Storicamente il reversing di eseguibili è sempre stata una pratica oscura associata alla pirateria o allo spionaggio industriale, ma oggi, con l'aumentare di malware targettizzati, quest'arte sta diventando un argomento molto discusso perchè necessita una forte capacità di analisi, intuizione ed inventiva. Ma perchè è così importante analizzare un malware? Quali strumenti utlizzare, ma soprattutto come approcciare il problema? Come gestire i meccanismi di protezione adottati? Niente di meglio per addentrarci nel mondo della malware analysis partendo proprio da alcuni casi reali.

1. Page  ‹N›
Except where otherwise noted, this work is licensed under
http://creativecommons.org/licenses/by-nc-sa/3.0/
Andrea Pompili
apompili@hotmail.com – Xilogic Corp.
ROME 27-28.03.2015
www.codemotionworld.com
THE DARK SIDE OF
MALWARE ANALYSIS
Andrea Pompili
There are only 10 types
of people in the world:
Those who understand binary,
and those who don't
apompili@hotmail.com

2. Page  ‹N›
Except where otherwise noted, this work is licensed under
http://creativecommons.org/licenses/by-nc-sa/3.0/
Andrea Pompili
apompili@hotmail.com – Xilogic Corp.
ROME 27-28.03.2015
www.codemotionworld.com

3. Page  ‹N›
Except where otherwise noted, this work is licensed under
http://creativecommons.org/licenses/by-nc-sa/3.0/
Andrea Pompili
apompili@hotmail.com – Xilogic Corp.
ROME 27-28.03.2015
www.codemotionworld.com

4. Page  ‹N›
Except where otherwise noted, this work is licensed under
http://creativecommons.org/licenses/by-nc-sa/3.0/
Andrea Pompili
apompili@hotmail.com – Xilogic Corp.
ROME 27-28.03.2015
www.codemotionworld.com
203.131.222.102:8080
217.96.33.164:8000
88.53.215.64:8000
IPSistemi Comando eControllo #>

5. Page  ‹N›
Except where otherwise noted, this work is licensed under
http://creativecommons.org/licenses/by-nc-sa/3.0/
Andrea Pompili
apompili@hotmail.com – Xilogic Corp.
ROME 27-28.03.2015
www.codemotionworld.com

6. Page  ‹N›
Except where otherwise noted, this work is licensed under
http://creativecommons.org/licenses/by-nc-sa/3.0/
Andrea Pompili
apompili@hotmail.com – Xilogic Corp.
ROME 27-28.03.2015
www.codemotionworld.com
Malware Analysis?
> Per capire i danni reali
> Per scoprire gli Indicatori di Compromissione
> Per stabilire il grado di preparazione/motivazione
dell’attaccante (Sun Tzudocet)
> Per ricostruire la vulnerabilità utilizzata (Magari uno0-day:-|)
> Per catturare il cattivo
> Per rispondere alle domande della vita…

7. Page  ‹N›
Except where otherwise noted, this work is licensed under
http://creativecommons.org/licenses/by-nc-sa/3.0/
Andrea Pompili
apompili@hotmail.com – Xilogic Corp.
ROME 27-28.03.2015
www.codemotionworld.com
La nobile arte del Reverse Engineering
Ingegneriainversa def.
«processodi analisidi unsistema softwareesistente, eseguitoalfinedi
crearneunarappresentazione ad altolivello di astrazione»
Altri scopi dell'ingegneria inversa comprendono: verifichedi vulnerabilità,
rimozionedi protezioneda copia, l'aggiramento di restrizionid'accesso

8. Page  ‹N›
Except where otherwise noted, this work is licensed under
http://creativecommons.org/licenses/by-nc-sa/3.0/
Andrea Pompili
apompili@hotmail.com – Xilogic Corp.
ROME 27-28.03.2015
www.codemotionworld.com
Ideal Reverse Engineering

9. Page  ‹N›
Except where otherwise noted, this work is licensed under
http://creativecommons.org/licenses/by-nc-sa/3.0/
Andrea Pompili
apompili@hotmail.com – Xilogic Corp.
ROME 27-28.03.2015
www.codemotionworld.com
Full vs Adequate Analysis

10. Page  ‹N›
Except where otherwise noted, this work is licensed under
http://creativecommons.org/licenses/by-nc-sa/3.0/
Andrea Pompili
apompili@hotmail.com – Xilogic Corp.
ROME 27-28.03.2015
www.codemotionworld.com
Reversing Malware is like

11. Page  ‹N›
Except where otherwise noted, this work is licensed under
http://creativecommons.org/licenses/by-nc-sa/3.0/
Andrea Pompili
apompili@hotmail.com – Xilogic Corp.
ROME 27-28.03.2015
www.codemotionworld.com
Launcher
Dropper
Downloader
Module
Command & Control
Exploit
Vector
Module <01>
Malware Architecture
Infection Stage
Malware Core
Module <XX>

12. Page  ‹N›
Except where otherwise noted, this work is licensed under
http://creativecommons.org/licenses/by-nc-sa/3.0/
Andrea Pompili
apompili@hotmail.com – Xilogic Corp.
ROME 27-28.03.2015
www.codemotionworld.com
Launcher
Dropper
Module
Command & Control
Vector
Module <01>
Malware Architecture > Infection Stage
Malware Core
Module <XX>
Exploit
Downloader
Infection Stage

13. Page  ‹N›
Except where otherwise noted, this work is licensed under
http://creativecommons.org/licenses/by-nc-sa/3.0/
Andrea Pompili
apompili@hotmail.com – Xilogic Corp.
ROME 27-28.03.2015
www.codemotionworld.com
Email contenenti link

14. Page  ‹N›
Except where otherwise noted, this work is licensed under
http://creativecommons.org/licenses/by-nc-sa/3.0/
Andrea Pompili
apompili@hotmail.com – Xilogic Corp.
ROME 27-28.03.2015
www.codemotionworld.com
Email contenenti Allegati

15. Page  ‹N›
Except where otherwise noted, this work is licensed under
http://creativecommons.org/licenses/by-nc-sa/3.0/
Andrea Pompili
apompili@hotmail.com – Xilogic Corp.
ROME 27-28.03.2015
www.codemotionworld.com
La cara vecchia pennetta USB

16. Page  ‹N›
Except where otherwise noted, this work is licensed under
http://creativecommons.org/licenses/by-nc-sa/3.0/
Andrea Pompili
apompili@hotmail.com – Xilogic Corp.
ROME 27-28.03.2015
www.codemotionworld.com
Vector
Malware Architecture > Downloader
Infection Stage
Downloader
Exploit
Command & Control

17. Page  ‹N›
Except where otherwise noted, this work is licensed under
http://creativecommons.org/licenses/by-nc-sa/3.0/
Andrea Pompili
apompili@hotmail.com – Xilogic Corp.
ROME 27-28.03.2015
www.codemotionworld.com
How is Encoded the Communication Channel?
<#1> FixedByteXOR(evergreen)
Identificabile (basta trovare unopcode xor nel binario)
<#2> Base64 Encoding
Identificabile e automaticamente reversabile
<#3> Encryption
Librerie Crypto ingombranti e riconoscibili gestire lechiavi?
<#4> G Channel
Dipendedal tipo prova a farlo con unoShellcode!!!

18. Page  ‹N›
Except where otherwise noted, this work is licensed under
http://creativecommons.org/licenses/by-nc-sa/3.0/
Andrea Pompili
apompili@hotmail.com – Xilogic Corp.
ROME 27-28.03.2015
www.codemotionworld.com
Communication Channel: Spazio alla fantasia

19. Page  ‹N›
Except where otherwise noted, this work is licensed under
http://creativecommons.org/licenses/by-nc-sa/3.0/
Andrea Pompili
apompili@hotmail.com – Xilogic Corp.
ROME 27-28.03.2015
www.codemotionworld.com
Downloader
Command & Control
Vector
Module <01>
Malware Architecture > Persistenza
Infection Stage Module <XX>
Exploit
Launcher
Dropper
Malware Core
Module

20. Page  ‹N›
Except where otherwise noted, this work is licensed under
http://creativecommons.org/licenses/by-nc-sa/3.0/
Andrea Pompili
apompili@hotmail.com – Xilogic Corp.
ROME 27-28.03.2015
www.codemotionworld.com
Downloader
#1
Malware
Component
Command & Control #1
Vector
Malware Architecture > Chained Modules
Infection Stage
Exploit
Downloader
#2
Command & Control#2

21. Page  ‹N›
Except where otherwise noted, this work is licensed under
http://creativecommons.org/licenses/by-nc-sa/3.0/
Andrea Pompili
apompili@hotmail.com – Xilogic Corp.
ROME 27-28.03.2015
www.codemotionworld.com
Moduli e Plugin
> Infostealer
> Keylogging
> Sniffer
> Spyware
> Data Exfiltration
> Remote Control
> Identity Theft
> Ransomware
> Spambot
> Network Scanner
> DDoS Agent
> Targeted attacks
> Data manipulation
> Anonymous Proxy
> DNS Attack
> Warez Archive

22. Page  ‹N›
Except where otherwise noted, this work is licensed under
http://creativecommons.org/licenses/by-nc-sa/3.0/
Andrea Pompili
apompili@hotmail.com – Xilogic Corp.
ROME 27-28.03.2015
www.codemotionworld.com
Static vs Dynamic Analysis?
> Il codice non viene MAI eseguito (o almeno non dovrebbe)
> L’analisi è effettuata trasformando o ri-organizzando il codice di un
artefatto per stadi successivi
> Uso di un numero importante di tool di analisi
> Necessità di gestire strumenti di elaborazione ad-hoc
> Attenzione ad eventuali exploit per i tool di analisi utilizzati!
> Analisi limitata o molto lunga in caso di packer o offuscamenti complessi
<#1>Analisi Statica

23. Page  ‹N›
Except where otherwise noted, this work is licensed under
http://creativecommons.org/licenses/by-nc-sa/3.0/
Andrea Pompili
apompili@hotmail.com – Xilogic Corp.
ROME 27-28.03.2015
www.codemotionworld.com
First of All

24. Page  ‹N›
Except where otherwise noted, this work is licensed under
http://creativecommons.org/licenses/by-nc-sa/3.0/
Andrea Pompili
apompili@hotmail.com – Xilogic Corp.
ROME 27-28.03.2015
www.codemotionworld.com
String Revealer

25. Page  ‹N›
Except where otherwise noted, this work is licensed under
http://creativecommons.org/licenses/by-nc-sa/3.0/
Andrea Pompili
apompili@hotmail.com – Xilogic Corp.
ROME 27-28.03.2015
www.codemotionworld.com
Static Malware
<#1>Formato Nativo (PE/Elf)
<#2>Intermediate Language(Java/.NET/etc.)
<#3>DocumentiAttivi (PDF/Office/etc.)
<#4
Stessorisultato == Approcci MOLTO diversi

26. Page  ‹N›
Except where otherwise noted, this work is licensed under
http://creativecommons.org/licenses/by-nc-sa/3.0/
Andrea Pompili
apompili@hotmail.com – Xilogic Corp.
ROME 27-28.03.2015
www.codemotionworld.com
La realtà dei fatti #1
<#1>Formato Nativo (PE/Elf)

27. Page  ‹N›
Except where otherwise noted, this work is licensed under
http://creativecommons.org/licenses/by-nc-sa/3.0/
Andrea Pompili
apompili@hotmail.com – Xilogic Corp.
ROME 27-28.03.2015
www.codemotionworld.com
Interactive Disassembler

28. Page  ‹N›
Except where otherwise noted, this work is licensed under
http://creativecommons.org/licenses/by-nc-sa/3.0/
Andrea Pompili
apompili@hotmail.com – Xilogic Corp.
ROME 27-28.03.2015
www.codemotionworld.com
Online Disassembler

29. Page  ‹N›
Except where otherwise noted, this work is licensed under
http://creativecommons.org/licenses/by-nc-sa/3.0/
Andrea Pompili
apompili@hotmail.com – Xilogic Corp.
ROME 27-28.03.2015
www.codemotionworld.com
How Malware Writers protect their

30. Page  ‹N›
Except where otherwise noted, this work is licensed under
http://creativecommons.org/licenses/by-nc-sa/3.0/
Andrea Pompili
apompili@hotmail.com – Xilogic Corp.
ROME 27-28.03.2015
www.codemotionworld.com
http://upx.sourceforge.net/
How Malware Writers protect their

31. Page  ‹N›
Except where otherwise noted, this work is licensed under
http://creativecommons.org/licenses/by-nc-sa/3.0/
Andrea Pompili
apompili@hotmail.com – Xilogic Corp.
ROME 27-28.03.2015
www.codemotionworld.com
How Malware Writers protect their

32. Page  ‹N›
Except where otherwise noted, this work is licensed under
http://creativecommons.org/licenses/by-nc-sa/3.0/
Andrea Pompili
apompili@hotmail.com – Xilogic Corp.
ROME 27-28.03.2015
www.codemotionworld.com
The way to Packers
Sections
DOS MZ Header
PE Header
Section Table
.text
.data
.resrc
Sections
DOSMZ Header
PE Header
SectionTable
Unpacker Stub
TempSpace
PackedData(orignalOEP)
OEP
OriginalProgram PackedProgram

33. Page  ‹N›
Except where otherwise noted, this work is licensed under
http://creativecommons.org/licenses/by-nc-sa/3.0/
Andrea Pompili
apompili@hotmail.com – Xilogic Corp.
ROME 27-28.03.2015
www.codemotionworld.com
FUD (Fully UnDetectable) Packers
UPX, Aspack, PE Compact,
eilresto
http://it.wikipedia.org/wiki/Exe_Packer

34. Page  ‹N›
Except where otherwise noted, this work is licensed under
http://creativecommons.org/licenses/by-nc-sa/3.0/
Andrea Pompili
apompili@hotmail.com – Xilogic Corp.
ROME 27-28.03.2015
www.codemotionworld.com
Static Resource Analyzer

35. Page  ‹N›
Except where otherwise noted, this work is licensed under
http://creativecommons.org/licenses/by-nc-sa/3.0/
Andrea Pompili
apompili@hotmail.com – Xilogic Corp.
ROME 27-28.03.2015
www.codemotionworld.com
Internet helps

36. Page  ‹N›
Except where otherwise noted, this work is licensed under
http://creativecommons.org/licenses/by-nc-sa/3.0/
Andrea Pompili
apompili@hotmail.com – Xilogic Corp.
ROME 27-28.03.2015
www.codemotionworld.com
La realtà dei fatti #2
<#2>Intermediate Language(Java/.NET/etc.)

37. Page  ‹N›
Except where otherwise noted, this work is licensed under
http://creativecommons.org/licenses/by-nc-sa/3.0/
Andrea Pompili
apompili@hotmail.com – Xilogic Corp.
ROME 27-28.03.2015
www.codemotionworld.com
> Metadati devono essere espliciti
(nomi Constant-Pool, variabili, metodi e classi)
> Gli opcode sono molto vicini ai costrutti del codice sorgente
(es. tableswitch)
> Non si può usare self-modifying code
> Non è possibile effettuare il branching su location arbitrarie,
ma solo all‘inizio di un‘istruzione, con il limite dello scope del
metodo corrente (controllato dal verifier)
Why Decompilation is easier

38. Page  ‹N›
Except where otherwise noted, this work is licensed under
http://creativecommons.org/licenses/by-nc-sa/3.0/
Andrea Pompili
apompili@hotmail.com – Xilogic Corp.
ROME 27-28.03.2015
www.codemotionworld.com
The «Easy» way to Source Code
JD-GUI
http://jd.benow.ca/
JAD
http://varaneckas.com/jad/

39. Page  ‹N›
Except where otherwise noted, this work is licensed under
http://creativecommons.org/licenses/by-nc-sa/3.0/
Andrea Pompili
apompili@hotmail.com – Xilogic Corp.
ROME 27-28.03.2015
www.codemotionworld.com

40. Page  ‹N›
Except where otherwise noted, this work is licensed under
http://creativecommons.org/licenses/by-nc-sa/3.0/
Andrea Pompili
apompili@hotmail.com – Xilogic Corp.
ROME 27-28.03.2015
www.codemotionworld.com

41. Page  ‹N›
Except where otherwise noted, this work is licensed under
http://creativecommons.org/licenses/by-nc-sa/3.0/
Andrea Pompili
apompili@hotmail.com – Xilogic Corp.
ROME 27-28.03.2015
www.codemotionworld.com

42. Page  ‹N›
Except where otherwise noted, this work is licensed under
http://creativecommons.org/licenses/by-nc-sa/3.0/
Andrea Pompili
apompili@hotmail.com – Xilogic Corp.
ROME 27-28.03.2015
www.codemotionworld.com
http://set.ee/jbe/
ByteCode Analysis & Manipulation

43. Page  ‹N›
Except where otherwise noted, this work is licensed under
http://creativecommons.org/licenses/by-nc-sa/3.0/
Andrea Pompili
apompili@hotmail.com – Xilogic Corp.
ROME 27-28.03.2015
www.codemotionworld.com

44. Page  ‹N›
Except where otherwise noted, this work is licensed under
http://creativecommons.org/licenses/by-nc-sa/3.0/
Andrea Pompili
apompili@hotmail.com – Xilogic Corp.
ROME 27-28.03.2015
www.codemotionworld.com

45. Page  ‹N›
Except where otherwise noted, this work is licensed under
http://creativecommons.org/licenses/by-nc-sa/3.0/
Andrea Pompili
apompili@hotmail.com – Xilogic Corp.
ROME 27-28.03.2015
www.codemotionworld.com
But things can go in the wrong

46. Page  ‹N›
Except where otherwise noted, this work is licensed under
http://creativecommons.org/licenses/by-nc-sa/3.0/
Andrea Pompili
apompili@hotmail.com – Xilogic Corp.
ROME 27-28.03.2015
www.codemotionworld.com

47. Page  ‹N›
Except where otherwise noted, this work is licensed under
http://creativecommons.org/licenses/by-nc-sa/3.0/
Andrea Pompili
apompili@hotmail.com – Xilogic Corp.
ROME 27-28.03.2015
www.codemotionworld.com
Get your own ZKM String Custom Tool
java -jar ZKMTools.jar <CLASS_FILE>

48. Page  ‹N›
Except where otherwise noted, this work is licensed under
http://creativecommons.org/licenses/by-nc-sa/3.0/
Andrea Pompili
apompili@hotmail.com – Xilogic Corp.
ROME 27-28.03.2015
www.codemotionworld.com
What is Dynamic Analysis?
<#2>Live ExecutionAnalysis
<#3>Sandboxbased Analysis
<#1>Debugging
Non usare MAI il tuo PC per
eseguire Malware!!!

49. Page  ‹N›
Except where otherwise noted, this work is licensed under
http://creativecommons.org/licenses/by-nc-sa/3.0/
Andrea Pompili
apompili@hotmail.com – Xilogic Corp.
ROME 27-28.03.2015
www.codemotionworld.com
Snapshot is the Way

50. Page  ‹N›
Except where otherwise noted, this work is licensed under
http://creativecommons.org/licenses/by-nc-sa/3.0/
Andrea Pompili
apompili@hotmail.com – Xilogic Corp.
ROME 27-28.03.2015
www.codemotionworld.com
Debugging Principles
<#1>Debugging
OllyDbgDebugger
http://www.ollydbg.de/
Immunity Debugger
http://www.immunitysec.com/products-immdbg.shtml

51. Page  ‹N›
Except where otherwise noted, this work is licensed under
http://creativecommons.org/licenses/by-nc-sa/3.0/
Andrea Pompili
apompili@hotmail.com – Xilogic Corp.
ROME 27-28.03.2015
www.codemotionworld.com
Debugging World
x86 Ring0
x86 Ring3
I Ringsono dei livellidi privilegio e/odi sicurezza fornitidal processore
Usermode
Kernel
HyperDbg,WinDbg, SoftICE
http://www.woodmann.com/collaborative/
tools/index.php/Category:Ring_0_Debuggers
http://www.woodmann.com/collaborative/
tools/index.php/Category:Ring_3_Debuggers

52. Page  ‹N›
Except where otherwise noted, this work is licensed under
http://creativecommons.org/licenses/by-nc-sa/3.0/
Andrea Pompili
apompili@hotmail.com – Xilogic Corp.
ROME 27-28.03.2015
www.codemotionworld.com
Two Assembler things you have to know
Registri base x86/x64:
EAX registro general purpose #1 RAX a 64bit
EBX registro general purpose #2 RBX a 64bit
ECX registro general purpose #3 RCX a 64bit
EDX registro general purpose #4 RDX a 64bit
ESI puntatore sorgente operazioni su stringhe RSI a 64bit
EDI puntatore destinazione operazioni su stringhe RDI a 64bit
ESP puntatore alla posizione attuale dello stack RSP a 64bit
EBP puntatore alla base dello stack RBP a 64bit
EIP (Extended Instruction Pointer) puntatore
alla successiva istruzione da eseguire
Registri generici 64-bit mode-only
R8-R15

53. Page  ‹N›
Except where otherwise noted, this work is licensed under
http://creativecommons.org/licenses/by-nc-sa/3.0/
Andrea Pompili
apompili@hotmail.com – Xilogic Corp.
ROME 27-28.03.2015
www.codemotionworld.com
Two Assembler things you have to know
Stack x86/x64:
» Struttura LIFO (Last In First Out) mappata sulla memoria
» ESP punta alla posizione attuale in memoria
» EBP viene utilizzato come «marcatore»
per gestire il successivo stackframe
» I dati possono essere caricati mediante
istruzioni PUSH e POP
» Automaticamente salva l’indirizzo di ritorno
delle CALL

54. Page  ‹N›
Except where otherwise noted, this work is licensed under
http://creativecommons.org/licenses/by-nc-sa/3.0/
Andrea Pompili
apompili@hotmail.com – Xilogic Corp.
ROME 27-28.03.2015
www.codemotionworld.com
> Run-time stack (Stackframe)
> Contiene le variabili locali
> ESP punta al primo elemento dello stack
> EBP punta alla base dello Stackframe
> Ad ogni chiamata di procedura viene
riservato un nuovo stackframe (scope
della funzione) spostando ESP ed EBP
Instructions
(.text)
global data(.data)
run-time
stack
Device Registers
x0200
xFFFF
EPC
R4
ESP
EBP
x0000
xFE00
Trap Vectors
Op Sys
x3000
Heap
Intr Vectors
x0100
Two Assembler things you have to know

55. Page  ‹N›
Except where otherwise noted, this work is licensed under
http://creativecommons.org/licenses/by-nc-sa/3.0/
Andrea Pompili
apompili@hotmail.com – Xilogic Corp.
ROME 27-28.03.2015
www.codemotionworld.com
» UsareilDebugger (es. OllyDbgo IDA Procon Bochs)attraverso levarieroutine
di decryption impostando Breakpointalterminedi ogni ciclo
» Effettuareil Dumpdellamemoria al terminedel processo(e.g. OllyDumpEx)
Defeat Packers using Dubuggers
Best Practices:
>Molti processi nonsono resilienti(si eseguonoed esconosubito)
>Interrompereil processoal momento giusto
>Step over istruzione per istruzione fino

56. Page  ‹N›
Except where otherwise noted, this work is licensed under
http://creativecommons.org/licenses/by-nc-sa/3.0/
Andrea Pompili
apompili@hotmail.com – Xilogic Corp.
ROME 27-28.03.2015
www.codemotionworld.com
<#2>Live ExecutionAnalysis

57. Page  ‹N›
Except where otherwise noted, this work is licensed under
http://creativecommons.org/licenses/by-nc-sa/3.0/
Andrea Pompili
apompili@hotmail.com – Xilogic Corp.
ROME 27-28.03.2015
www.codemotionworld.com
Start Debugging during Execution

58. Page  ‹N›
Except where otherwise noted, this work is licensed under
http://creativecommons.org/licenses/by-nc-sa/3.0/
Andrea Pompili
apompili@hotmail.com – Xilogic Corp.
ROME 27-28.03.2015
www.codemotionworld.com
How to Fake Servers during Execution

59. Page  ‹N›
Except where otherwise noted, this work is licensed under
http://creativecommons.org/licenses/by-nc-sa/3.0/
Andrea Pompili
apompili@hotmail.com – Xilogic Corp.
ROME 27-28.03.2015
www.codemotionworld.com
How to Monitor Traffic during Execution

60. Page  ‹N›
Except where otherwise noted, this work is licensed under
http://creativecommons.org/licenses/by-nc-sa/3.0/
Andrea Pompili
apompili@hotmail.com – Xilogic Corp.
ROME 27-28.03.2015
www.codemotionworld.com
<#3>Sandboxbased Analysis

61. Page  ‹N›
Except where otherwise noted, this work is licensed under
http://creativecommons.org/licenses/by-nc-sa/3.0/
Andrea Pompili
apompili@hotmail.com – Xilogic Corp.
ROME 27-28.03.2015
www.codemotionworld.com
Detailed Artifact Execution

62. Page  ‹N›
Except where otherwise noted, this work is licensed under
http://creativecommons.org/licenses/by-nc-sa/3.0/
Andrea Pompili
apompili@hotmail.com – Xilogic Corp.
ROME 27-28.03.2015
www.codemotionworld.com
Screenshots Available!!!

63. Page  ‹N›
Except where otherwise noted, this work is licensed under
http://creativecommons.org/licenses/by-nc-sa/3.0/
Andrea Pompili
apompili@hotmail.com – Xilogic Corp.
ROME 27-28.03.2015
www.codemotionworld.com
The Online Cuckoo Service

64. Page  ‹N›
Except where otherwise noted, this work is licensed under
http://creativecommons.org/licenses/by-nc-sa/3.0/
Andrea Pompili
apompili@hotmail.com – Xilogic Corp.
ROME 27-28.03.2015
www.codemotionworld.com

65. Page  ‹N›
Except where otherwise noted, this work is licensed under
http://creativecommons.org/licenses/by-nc-sa/3.0/
Andrea Pompili
apompili@hotmail.com – Xilogic Corp.
ROME 27-28.03.2015
www.codemotionworld.com
but be careful to fully Understand Objectives!

66. Page  ‹N›
Except where otherwise noted, this work is licensed under
http://creativecommons.org/licenses/by-nc-sa/3.0/
Andrea Pompili
apompili@hotmail.com – Xilogic Corp.
ROME 27-28.03.2015
www.codemotionworld.com
Domande?
Italian
‫ة‬َّ‫ي‬َ‫أ‬ ‫ِب‬‫ل‬‫ا‬َ‫ط‬َ‫م‬
Arabic
¿Preguntas?
Spanish
Questions?
English
tupoQghachmey
Klingon
Sindarin
Japanese
Ερωτήσεις?
Greek
вопросы?
Russian