Home page logo
/

dailydave logo Dailydave mailing list archives

Re: Trojan Languages
From: William Arbaugh <warbaugh () gmail com>
Date: Thu, 21 Nov 2013 16:15:41 -0500


On Nov 21, 2013, at 2:53 PM, Dave Aitel <dave () immunityinc com> wrote:


But you're getting one, *very* important thing when you use Python:

1. Your most complex code will be a lot less buggy. 

For advanced remote access trojans, you are operating in a completely unknown environment and frankly, you may NEVER 
be able to update it or reach it again. Any detection or failure could be globally catastrophic. This means your code 
has to be forward thinking in a way that is not typical. So it simply has to be much more correct than code usually 
is.

and here I was thinking Haskell.

People tend to write complex things more CORRECTLY in Python than in Ruby or Lua or (Naudhubillah!) C. That reason 
alone is why the future of remote access trojans is embedded Python engines. If you're trying to build trojans that 
have emergent behavior, then you need a language that makes that behavior as clear and easy to understand as 
possible. 


again Haskell ;).

I've always viewed emergent behavior as the behavior that occurs when a large number of well defined objects (usually 
small) interact. An example might be a number of INNUENDO nodes that dynamically form an overlay network for exfil. 

IMHO the only behavior that emerges from complex code is behavior we DON'T want.

_______________________________________________
Dailydave mailing list
Dailydave () lists immunityinc com
https://lists.immunityinc.com/mailman/listinfo/dailydave


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]