PLDI: PyLingual tutorial resource home

# PLDI: PyLingual tutorial resource home ![](https://codimd.syssec.org/uploads/eb9335c2-95ec-48c2-872c-e86800ad84a0.png) ## Tutorial schedule | Topic | Time | Resources | |-----------------------------------------------------|---------|-------------------| | Lec1: Tutorial intro | 30 min. | [Lec1][lec1.pptx] | | Tut 1: Python packaging and deployment | 15 min. | [Tut1][tut1.pptx] | | Lec 2: PyLingual decompilation errors | 20 min. | [Lec2-1][lec2-1.pptx], [Lec2-2][lec2-2.pptx] | | Tut 2: Patching decompilation errors | 10 min. | [Tut2-1][tut2.pptx] | | Break | 20 min. | | | Tut 2: (cont.) | 30 min. | [Tut2-2][tut2-2.pptx] | | Lec 3: PyLingual internals | 15 min. | [Lec3][lec3.pptx] | | Tut 3: Writing CFG patch and commit to PyLingual | 15 min. | [Tut3][tut3.pptx] | ## PyLingual services * [PyLingual Web Service (pylingual.io)](https://pylingual.io) * [PyLingual open-source](https://github.com/syssec-utd/pylingual) for on-premise/standalone execution. * CUDA support recommended. ## CLI environments * Mark your connection user id * https://pldi25.pylingual.io/users * Connect to the tutorial VM ```shell ssh <userid>@pldi25.pylingual.io ``` * Docker image: https://hub.docker.com/repository/docker/syssecutd/pyuser/general ```shell # create your private/persistent workspace where you can place # your PYC files to analyze mkdir workspace # run the docker image docker run -h pyuser -v $(pwd)/workspace:/workspace -it syssecutd/pyuser /bin/zsh ``` ## Malware samples with decompilation errros - Total 15 malware candidates | hash | version | size | error types | # CO| Malware type|vtotal score| |------|---------|------|-------------|----|---|---| |[083c](https://pylingual.io/view_chimera?identifier=d11d874c302f76460093bf4ca38667d53009d9b242dcdc77c03502d834d5f1d1)|3.9|139|IT|19|Token Stealer|14/61| |[3a73](https://pylingual.io/view_chimera?identifier=9f905ce1af4b1534e7bb33566a5b62ab0a4ce39a05439013dbe7ff923b3f8f90)|3.9|161|IT|5|Credential Stealer, Token Stealer |15/61| |[2b3d](https://pylingual.io/view_chimera?identifier=d02865d6246288dce371f058b3c7cbbb66319abbabe76819e5744b2c1de87424)|3.10|138|CF|5|Credential Stealer, focus.cc, spoofer|14/61| |[dc82](https://pylingual.io/view_chimera?identifier=245e5eaed43259d3a2c177700c92d06f2f0f49e6e6680172f7206aaebc2c6164)|3.10|239|CF|15|Cookie Stealer, ZARNET|15/61| |[b394](https://pylingual.io/view_chimera?identifier=17c25c33f9c1ed584c37d59f619d70189af81ed3e5e794ac399f7fb2377568ef)|3.11|40|IT|3|Credential Stealer, Keylogger |13/61| |[1400](https://pylingual.io/view_chimera?identifier=1400a12206e83c617e777602d9e0dc0a263864d4d0ec920c057ec15ee700b5a2)|3.11|123|CF|7|credential stealer|3/61| |[d393](https://pylingual.io/view_chimera?identifier=a04f2850daed89daf640baa523cb0c7d67504dac0188bf7c89437fabe994ec7b)|3.11|168|CF|9|Credential Stealer, Token Stealer|14/61| |[a5c5](https://pylingual.io/view_chimera?identifier=e48a5b5d920409faedbc484488d1370b8d60627a426d1cbfed83c7d1be8c56d2)|3.11|175|CF, IBO|11|Credential Stealer|20/61| |[8ae6](https://pylingual.io/view_chimera?identifier=f6f2d1aa3c67da8d7efc97ae54c7ed6d48ceed5c71c09d6330085d38f1fce0a3)|3.11|197|IT, IBO|15|Token Stealer|22/61| |[6cc2](https://pylingual.io/view_chimera?identifier=6cc23314daa7f72dce061dd1d342c899dc0ac7522c25da0f1e5df9bd0d05a3de)|3.12|135|CF|8|anti-virus, credential strealer, persistency|14/61| |[6da2](https://pylingual.io/view_chimera?identifier=0f3f879c16c7b764ceaa63df83476e83cd0743feadf6f2e14e1b48747d2541ea)|3.12|124|IT, CF|5|Token Stealer|16/61| |[2a15](https://pylingual.io/view_chimera?identifier=8926d560d84edb89d62e9cce41d5155a51be6e59c8718d2add5168365c80be71)|3.12|240|CF, IUBC|16|Cookie Stealer, Credential Stealer,Persistent|13/61| |[c2e5]((https://pylingual.io/view_chimera?identifier=00ac4362f462e6a2fc165cd2a018d7ce924899e9be2272d54b033cf00228a61d))|3.12|271|CF|11|Cookie Stealer, Credential Stealer, Persistent|14/61| |[5fc9](https://pylingual.io/view_chimera?identifier=44db39e0cc16be532a54d84ca504760fa928e1b759b38d73d5769bb7dce0e89a)|3.12|272|IT, CF|16|Token Stealer|16/61| |[a697](https://pylingual.io/view_chimera?identifier=436af5d6c99095e86b803529679e91c765fb7dde98d5cada74b256ca4f569347)|3.13|209|IT, CF|8|Browser Stealer, Token Stealer|16/61| ## Resources * [Tools and commands cheatsheet][cheatsheet] ###### tags: `pldi`,`pylingual` --- [lec1.pptx]:https://cometmail-my.sharepoint.com/:p:/g/personal/kxj190011_utdallas_edu/Eb7zuUW6Yv1Nln48aAaGS6UB8ARQ9a7pGUZqQeGkLaAfPQ?e=V6ThZV&nav=eyJzSWQiOjI2NCwiY0lkIjozNDQ5MjMwMDAyfQ [lec2-1.pptx]:https://cometmail-my.sharepoint.com/:p:/g/personal/kxj190011_utdallas_edu/Ecq6nqNcCfxGmE_DePLPrfQBM25IWCGf-8y9X0SAc0GZmA?e=XaA7U1 [lec2-2.pptx]:https://cometmail-my.sharepoint.com/:p:/g/personal/kxj190011_utdallas_edu/EUucw8Ip555BihccA0FTw6MBhZllWGJAoFMLPS0gCj6qvw?e=L2eK3r&nav=eyJzSWQiOjI1NywiY0lkIjo0MjY1Mjk0OTE1fQ [lec3.pptx]:https://cometmail-my.sharepoint.com/:p:/g/personal/kxj190011_utdallas_edu/EVlgKjP65HNOuO53Q5s4KIIBUN_LUv22Uy6OqQqp_JWw2w?e=J2xoVr&nav=eyJzSWQiOjI1NywiY0lkIjo0MzUwMDI3OTV9 [tut1.pptx]:https://codimd.syssec.org/s/cYopmJb1oa [tut2.pptx]:https://codimd.syssec.org/s/b5fQIEwy6 [tut2-2.pptx]:https://codimd.syssec.org/s/bgZgPLK5J [tut3.pptx]:https://codimd.syssec.org/s/Md8v1UrwQ [cheatsheet]:https://codimd.syssec.org/s/1XoJSA1g6