![Page 1: DmitriyEvdokimov. Light and Dark Side of Code Instrumentation](https://reader034.vdocuments.us/reader034/viewer/2022042623/544c96abb1af9fc6498b4670/html5/thumbnails/1.jpg)
Light and Dark side of Code
Instrumentation Dmitriy “D1g1″ Evdokimov
DSecRG, Security Researcher
![Page 2: DmitriyEvdokimov. Light and Dark Side of Code Instrumentation](https://reader034.vdocuments.us/reader034/viewer/2022042623/544c96abb1af9fc6498b4670/html5/thumbnails/2.jpg)
#whoami
• Security Researcher in DSecRG – RE – Fuzzing – Mobile security
• Organizer: DCG #7812 • Editor in “XAKEP”
CONFidence Krakow 2012 2 www.dsecrg.com
![Page 3: DmitriyEvdokimov. Light and Dark Side of Code Instrumentation](https://reader034.vdocuments.us/reader034/viewer/2022042623/544c96abb1af9fc6498b4670/html5/thumbnails/3.jpg)
Agenda
1. Instrumentation . 2. Instrumentation .. 3. Instrumentation … 4. Instrumentation …. 5. Instrumentation ….. 6. Instrumentation …… 7. Instrumentation …….
CONFidence Krakow 2012 3 www.dsecrg.com
![Page 4: DmitriyEvdokimov. Light and Dark Side of Code Instrumentation](https://reader034.vdocuments.us/reader034/viewer/2022042623/544c96abb1af9fc6498b4670/html5/thumbnails/4.jpg)
Intro
“It has been proved by scientists that a new
point of evolution, any technical progress appears when a Man makes up a new type of tool, but not a product.”
CONFidence Krakow 2012 4 www.dsecrg.com
![Page 5: DmitriyEvdokimov. Light and Dark Side of Code Instrumentation](https://reader034.vdocuments.us/reader034/viewer/2022042623/544c96abb1af9fc6498b4670/html5/thumbnails/5.jpg)
Instrumentation
Instrumentation is a technique adding extra code to an program/environment for monitoring/change some program behavior.
CONFidence Krakow 2012 5
Own extra code
Program
Own extra code
Program
Environment
www.dsecrg.com
![Page 6: DmitriyEvdokimov. Light and Dark Side of Code Instrumentation](https://reader034.vdocuments.us/reader034/viewer/2022042623/544c96abb1af9fc6498b4670/html5/thumbnails/6.jpg)
Why is it necessary?
CONFidence Krakow 2012 6
Simulation
Emulation
Performance analysis
Correctness checking
Memory debugging
Parallel optimization
Collecting code metrics
Automated debugging
Software profiling
Optimization
Testing
Error detection
Virtualization
Memory leak detection
www.dsecrg.com
Binary translation
![Page 7: DmitriyEvdokimov. Light and Dark Side of Code Instrumentation](https://reader034.vdocuments.us/reader034/viewer/2022042623/544c96abb1af9fc6498b4670/html5/thumbnails/7.jpg)
Instrumentation in information security
CONFidence Krakow 2012 7
Control flow analysis
Taint analysis
Data flow analysis
Code coverage
Privacy monitoring
Vulnerability detection
Fuzzing
Virtual patching Malware analysis
Shellcode detection
Reverse engineering Deobfuscation
Unpack
Data Structure Restoring
Sandboxing Antivirus technology
Forensic Transparent debugging
Program shepherding
Security test case generation
Behavior based security
www.dsecrg.com
Security enforcement
![Page 8: DmitriyEvdokimov. Light and Dark Side of Code Instrumentation](https://reader034.vdocuments.us/reader034/viewer/2022042623/544c96abb1af9fc6498b4670/html5/thumbnails/8.jpg)
Analysis
CONFidence Krakow 2012 8
Criterion Static analysis Dynamic analysis
Code vs. data Problem No problem
Code coverage Big (but not all) One way
Information about values No information All information
Self-modifying code Problem No problem
Interaction with the environment
No Yes
Unused code Analysis No analysis
JIT code Problem No problem
www.dsecrg.com
![Page 9: DmitriyEvdokimov. Light and Dark Side of Code Instrumentation](https://reader034.vdocuments.us/reader034/viewer/2022042623/544c96abb1af9fc6498b4670/html5/thumbnails/9.jpg)
Code Discovery
CONFidence Krakow 2012 9
0101010110101001010010 0101010101101010101010 1111010101110101000111 1011100111001010101011 0111010110100111100110 1010101101110001001011
Memory
Instr 1
Instr Instr 7
Instr 8 Instr 10
Instr 3 jump reg Instr 2
5 Instr 7 cont.
Instr 4 Instr 6
Instr 9
After static analysis Instr 1
DATA Instr 5
PADDING Instr 6
Instr 3 jump reg Instr 2
Instr 4 jmp 0x0ABCD
After dynamic analysis
www.dsecrg.com
![Page 10: DmitriyEvdokimov. Light and Dark Side of Code Instrumentation](https://reader034.vdocuments.us/reader034/viewer/2022042623/544c96abb1af9fc6498b4670/html5/thumbnails/10.jpg)
The general scheme of code instrumentation
1. Find points of instrumentation; 2. Insert instrumentation; 3. Take control from program; 4. Save context of the program; 5. Execute own code; 6. Restore context of the program; 7. Return control to program.
CONFidence Krakow 2012 10 www.dsecrg.com
![Page 11: DmitriyEvdokimov. Light and Dark Side of Code Instrumentation](https://reader034.vdocuments.us/reader034/viewer/2022042623/544c96abb1af9fc6498b4670/html5/thumbnails/11.jpg)
Source Data
CONFidence Krakow 2012 11
Source data
Source code Byte code Binary code
www.dsecrg.com
![Page 12: DmitriyEvdokimov. Light and Dark Side of Code Instrumentation](https://reader034.vdocuments.us/reader034/viewer/2022042623/544c96abb1af9fc6498b4670/html5/thumbnails/12.jpg)
Classification of target instrumentation
CONFidence Krakow 2012 12
Instrumentation
With source code Without source code
Source code
Linker/Compiler
Byte code Binary code
Byte code
Interpreter/VM
Executable file
Process
Environment
Hardware
Source code instrumentation Link-time/Compilation-time instrumentation
Byte code instrumentation - Static - Load-time - Dynamic
Static binary instrumentation Dynamic binary instrumentation Environment modification
www.dsecrg.com
![Page 13: DmitriyEvdokimov. Light and Dark Side of Code Instrumentation](https://reader034.vdocuments.us/reader034/viewer/2022042623/544c96abb1af9fc6498b4670/html5/thumbnails/13.jpg)
Source code instrumentation
• Source code* – Source code instrumentation
• Manual skills • Plugins for IDE
– Link-time/Compilation-time instrumentation • Options of linker/compiler
• Tools: Visual Studio Profiler, gcc, TAU, OPARI, Diablo, Phoenix, LLVM, Rational Purify, Valgrind
CONFidence Krakow 2012 13
*Unreal condition for security specialist =)
www.dsecrg.com
![Page 14: DmitriyEvdokimov. Light and Dark Side of Code Instrumentation](https://reader034.vdocuments.us/reader034/viewer/2022042623/544c96abb1af9fc6498b4670/html5/thumbnails/14.jpg)
Unmoral programming
CONFidence Krakow 2012 14 www.dsecrg.com
![Page 15: DmitriyEvdokimov. Light and Dark Side of Code Instrumentation](https://reader034.vdocuments.us/reader034/viewer/2022042623/544c96abb1af9fc6498b4670/html5/thumbnails/15.jpg)
Byte code instrumentation
Byte code – intermediate representation between source code and machine code.
CONFidence Krakow 2012 15
…
Java VM Dalvik VM AVM/AVM2 CLR
www.dsecrg.com
![Page 16: DmitriyEvdokimov. Light and Dark Side of Code Instrumentation](https://reader034.vdocuments.us/reader034/viewer/2022042623/544c96abb1af9fc6498b4670/html5/thumbnails/16.jpg)
Instrumentation byte-code (I)
CONFidence Krakow 2012 16
Source code Byte-code
Loader JIT
Lib Lib
Lib
Machine code
Compilation
Exec
ute
Load
Virtual machine
www.dsecrg.com
![Page 17: DmitriyEvdokimov. Light and Dark Side of Code Instrumentation](https://reader034.vdocuments.us/reader034/viewer/2022042623/544c96abb1af9fc6498b4670/html5/thumbnails/17.jpg)
Instrumentation byte code (II)
• Byte-code – Static instrumentation
• Static byte code instrumentation
– Load-time instrumentation • Custom byte code loader
– Dynamic instrumentation • Dynamic byte-code instrumentation
CONFidence Krakow 2012 17 www.dsecrg.com
![Page 18: DmitriyEvdokimov. Light and Dark Side of Code Instrumentation](https://reader034.vdocuments.us/reader034/viewer/2022042623/544c96abb1af9fc6498b4670/html5/thumbnails/18.jpg)
Instrumentation Java (I)
CONFidence Krakow 2012 18 www.dsecrg.com
Mechanisms: • java.lang.instrument package; • Java Platform Debugger Architecture (JPDA) .
![Page 19: DmitriyEvdokimov. Light and Dark Side of Code Instrumentation](https://reader034.vdocuments.us/reader034/viewer/2022042623/544c96abb1af9fc6498b4670/html5/thumbnails/19.jpg)
Instrumentation Java (II)
• Static instrumentation – Modification *.class files
• Load-time instrumentation – ClassFileLoadHook – Custom ClassLoader
• Dynamic instrumentation – ClassFileLoadHook -> RetransformClasses
Tools: Javassist, ObjectWeb ASM, BCEL, JOIE, reJ
JavaSnoop, Serp, JMangler
CONFidence Krakow 2012 19 www.dsecrg.com
![Page 20: DmitriyEvdokimov. Light and Dark Side of Code Instrumentation](https://reader034.vdocuments.us/reader034/viewer/2022042623/544c96abb1af9fc6498b4670/html5/thumbnails/20.jpg)
Instrumentation .NET
• Static instrumentation – Modification DLL files
• Load-time instrumentation – AppDomain.Load()/Assembly.Load() – Joint redirection – Via event handler
Tools: ReFrameworker, MBEL, RAIL, Cecil
CONFidence Krakow 2012 20 www.dsecrg.com
![Page 21: DmitriyEvdokimov. Light and Dark Side of Code Instrumentation](https://reader034.vdocuments.us/reader034/viewer/2022042623/544c96abb1af9fc6498b4670/html5/thumbnails/21.jpg)
Instrumentation ActionScript (I)
• ActionScript2 – AVM – Tags that (can) contain bytecode:
• DefineButton (7), DefineButton2 (34), DefineSprite (39), DoAction (12), DoInitAction (59), PlaceObject2 (26), PlaceObject3 (70).
• ActionScript3 – AVM2 – Tags that (can) contain bytecode:
• DoABC (82), RawABC (72).
CONFidence Krakow 2012 21 www.dsecrg.com
![Page 22: DmitriyEvdokimov. Light and Dark Side of Code Instrumentation](https://reader034.vdocuments.us/reader034/viewer/2022042623/544c96abb1af9fc6498b4670/html5/thumbnails/22.jpg)
AVM2 Architecture
.abc
.abc parser
Bytecode Verifier
Interpreter
JIT Compiler
MIR Code Generator
MD Code Generator (x86, PPC, ARM, etc.)
Runtime System (Type System, Object Model)
Memory Manager/Garbage Collector
22 CONFidence Krakow 2012
AS3 function (x:int):int { return x+10 }
.abc getlocal 1 pushint 10 add returnvalue
MIR @1 arg +8// argv @2 load [@1+4] @3 imm 10 @4 add (@2,@3) @5 ret @4 // @4:eax
x86 mov eax,(eap+8) mov eax,(eax+4) add eax,10 ret
www.dsecrg.com
![Page 23: DmitriyEvdokimov. Light and Dark Side of Code Instrumentation](https://reader034.vdocuments.us/reader034/viewer/2022042623/544c96abb1af9fc6498b4670/html5/thumbnails/23.jpg)
Instrumentation ActionScript (I)
CONFidence Krakow 2012 23 www.dsecrg.com
Original SWF file
Header Tags
AVM tag
Instrumenteted SWF file
![Page 24: DmitriyEvdokimov. Light and Dark Side of Code Instrumentation](https://reader034.vdocuments.us/reader034/viewer/2022042623/544c96abb1af9fc6498b4670/html5/thumbnails/24.jpg)
Instrumentation AVM (II)
CONFidence Krakow 2012 24 www.dsecrg.com
• Static instrumentation – Add :
• trace() • dump() • debug() • debugfile() • debugline()
– Modification: • Create own class + change class name = hook!
![Page 25: DmitriyEvdokimov. Light and Dark Side of Code Instrumentation](https://reader034.vdocuments.us/reader034/viewer/2022042623/544c96abb1af9fc6498b4670/html5/thumbnails/25.jpg)
Instrumentation binary code • The executable file
– Static code instrumentation • Static binary instrumentation
• Process – Debuggers
• Debugging API – Modifying call table/other structure
• IAT • …
– Dynamic code instrumentation • Dynamic binary instrumentation
• Hardware – Hardware debug features
• Debug registers • Hardware debuggers • …
CONFidence Krakow 2012 25 www.dsecrg.com
• Environment – Modifying call table
• IDT, CPU MSRs, GDT, SSDT, IRP тable
• … – Modifying OS options
• SHIM • LD_PRELOAD • AppInt_DLLs • DLL injection • …
– Reproduction of the environment
• Emulation • Virtualization
![Page 26: DmitriyEvdokimov. Light and Dark Side of Code Instrumentation](https://reader034.vdocuments.us/reader034/viewer/2022042623/544c96abb1af9fc6498b4670/html5/thumbnails/26.jpg)
Static Binary Instrumentation (I)
Static binary instrumentation/Physical code integration/Static binary code rewriting
• Realization: – With reallocation:
• Level of segment; • Level of function;
– Without reallocation.
CONFidence Krakow 2012 26 www.dsecrg.com
Header Edited Header
Segment of code
Segment of data
Extra segment of code
Extra segment of data
Segment of code
Segment of data
![Page 27: DmitriyEvdokimov. Light and Dark Side of Code Instrumentation](https://reader034.vdocuments.us/reader034/viewer/2022042623/544c96abb1af9fc6498b4670/html5/thumbnails/27.jpg)
Static Binary Instrumentation (II)
Reallocation: 1) Function Displacement + Entry Point Linking; 2) Branch Conversion; 3) Instruction Padding; 4) Instrumentation.
CONFidence Krakow 2012 27 www.dsecrg.com
Tools: DynInst, EEL, ATOM, PEBIL, ERESI, TAU, Vulcan, BIRD, Aslan(4514N)
![Page 28: DmitriyEvdokimov. Light and Dark Side of Code Instrumentation](https://reader034.vdocuments.us/reader034/viewer/2022042623/544c96abb1af9fc6498b4670/html5/thumbnails/28.jpg)
Debuggers • Breakpoints:
• Software • Hardware
• Debugger + scripting: • WinDBG + pykd • OllyDBG + python = Immunity Debuggers • GDB + PythonGDB
• Python library's*: Buggery, IDAPython, ImmLIB, lldb, PyDBG,
PyDbgEng, pygdb , python-ptrace , vtrace, WinAppDbg, … *See “Python Arsenal for Reverse Engineering”
CONFidence Krakow 2012 28 www.dsecrg.com
App Debugger
Processor
OS
![Page 29: DmitriyEvdokimov. Light and Dark Side of Code Instrumentation](https://reader034.vdocuments.us/reader034/viewer/2022042623/544c96abb1af9fc6498b4670/html5/thumbnails/29.jpg)
Dynamic Binary Instrumentation
Dynamic binary instrumentation/Virtual code integration/Dynamic binary rewriting
Tools: PIN, DynamoRIO, DynInst, Valgrind, BAP,
KEDR, Fit, ERESI, Detour, Vulcan, SpiderPig CONFidence Krakow 2012 29 www.dsecrg.com
App1 App2
Processor
OS
DBI
![Page 30: DmitriyEvdokimov. Light and Dark Side of Code Instrumentation](https://reader034.vdocuments.us/reader034/viewer/2022042623/544c96abb1af9fc6498b4670/html5/thumbnails/30.jpg)
Dynamic Binary Instrumentation
• Dynamic Binary Instrumentation (DBI) is a process control and analysis technique that involves injecting instrumentation code into a running process. • Dynamic binary analysis (DBA) tools such as profilers and checkers help programmers create better software. • Dynamic binary instrumentation (DBI) frameworks make it easy to build new DBA tools.
•DBA tools consist: – instrumentation routines; – analysis routines.
CONFidence Krakow 2012 30 www.dsecrg.com
![Page 31: DmitriyEvdokimov. Light and Dark Side of Code Instrumentation](https://reader034.vdocuments.us/reader034/viewer/2022042623/544c96abb1af9fc6498b4670/html5/thumbnails/31.jpg)
Kinds of DBI
Mode: – user-mode; – kernel-mode.
Modes of execution: – Interpretation-mode; – Probe-mode; – JIT-mode.
CONFidence Krakow 2012 31 www.dsecrg.com
Mode of work: - Start to finish; - Attach.
Performance Fu
nctio
nalit
y
JIT
Probe
![Page 32: DmitriyEvdokimov. Light and Dark Side of Code Instrumentation](https://reader034.vdocuments.us/reader034/viewer/2022042623/544c96abb1af9fc6498b4670/html5/thumbnails/32.jpg)
DBI Frameworks* Frameworks OS Arch Modes Features
PIN Linux, Windows, MacOS
x86, x86-64, Itanium, ARM
JIT, Probe Attach mode
DynamoRIO Linux, Windows
x86, x86-64 JIT, Probe
Runtime optimization
DynInst Linux, FreeBSD, Windows
x86, x86-64, ppc32, ARM, ppc64
Probe Static & Dynamic binary instrumentation
Valgrind Linux, MacOS x86, x86-64, ppc32, ARM, ppc64
JIT IR – VEX, Heavyweight DBA tools
CONFidence Krakow 2012 32 www.dsecrg.com
*For more details see “DBI:Intro” presentation from ZeroNights conference
![Page 33: DmitriyEvdokimov. Light and Dark Side of Code Instrumentation](https://reader034.vdocuments.us/reader034/viewer/2022042623/544c96abb1af9fc6498b4670/html5/thumbnails/33.jpg)
Start work with DBI
CONFidence Krakow 2012 33 www.dsecrg.com
![Page 34: DmitriyEvdokimov. Light and Dark Side of Code Instrumentation](https://reader034.vdocuments.us/reader034/viewer/2022042623/544c96abb1af9fc6498b4670/html5/thumbnails/34.jpg)
Levels of granularity
• Instruction; • Basic Block*; • Trace/Superblock; • Function; • Section; • Events; • Binary image.
CONFidence Krakow 2012 34 www.dsecrg.com
![Page 35: DmitriyEvdokimov. Light and Dark Side of Code Instrumentation](https://reader034.vdocuments.us/reader034/viewer/2022042623/544c96abb1af9fc6498b4670/html5/thumbnails/35.jpg)
Self-modifying code & DBI
Detect: – Written-protecting code pages – Checking store address – Inserting extra code
CONFidence Krakow 2012 35 www.dsecrg.com
![Page 36: DmitriyEvdokimov. Light and Dark Side of Code Instrumentation](https://reader034.vdocuments.us/reader034/viewer/2022042623/544c96abb1af9fc6498b4670/html5/thumbnails/36.jpg)
Overhead O = X + Y Y = N*Z Z = K+L
O – Tool Overhead; X – Instrumentation Routines Overhead; Y – Analysis Routines Overhead; N – Frequency of Calling Analysis Routine; Z – Work Performed in the Analysis Routine; K – Work Required to Transition to Analysis Routine; L – Work Performed Inside the Analysis Routine.
CONFidence Krakow 2012 36 www.dsecrg.com
![Page 37: DmitriyEvdokimov. Light and Dark Side of Code Instrumentation](https://reader034.vdocuments.us/reader034/viewer/2022042623/544c96abb1af9fc6498b4670/html5/thumbnails/37.jpg)
Rewriting instructions
• Platforms: – with fixed-length instruction; – with variable-length instructions.
CONFidence Krakow 2012 37 www.dsecrg.com
![Page 38: DmitriyEvdokimov. Light and Dark Side of Code Instrumentation](https://reader034.vdocuments.us/reader034/viewer/2022042623/544c96abb1af9fc6498b4670/html5/thumbnails/38.jpg)
Rewriting code (I)
• Easy / simple / boring / regular example – Rewriting prolog function
CONFidence Krakow 2012 38 www.dsecrg.com
![Page 39: DmitriyEvdokimov. Light and Dark Side of Code Instrumentation](https://reader034.vdocuments.us/reader034/viewer/2022042623/544c96abb1af9fc6498b4670/html5/thumbnails/39.jpg)
Rewriting code (II)
• Hardcore example: – Mobile phone firmware rewriting
CONFidence Krakow 2012 39
GSM AMSS SHELLCODE 1
Bootloader
Flash
Malicious SMS
reboot
Baseband processor www.dsecrg.com
![Page 40: DmitriyEvdokimov. Light and Dark Side of Code Instrumentation](https://reader034.vdocuments.us/reader034/viewer/2022042623/544c96abb1af9fc6498b4670/html5/thumbnails/40.jpg)
Instrumentation in ARM
ARM modes: – ARM
• Length(instr) = 4 byte – Thumb
• Length(instr) = 2 byte – Thumb2
• Length(instr) = 2/4 byte – Jazzle
For more detail see “A Dynamic Binary Instrumentation Engine for the ARM
Architecture” presentation.
CONFidence Krakow 2012 40 www.dsecrg.com
![Page 41: DmitriyEvdokimov. Light and Dark Side of Code Instrumentation](https://reader034.vdocuments.us/reader034/viewer/2022042623/544c96abb1af9fc6498b4670/html5/thumbnails/41.jpg)
Emulation
CONFidence Krakow 2012 41 www.dsecrg.com
App1 OS
Emulator
Processor
OS
![Page 42: DmitriyEvdokimov. Light and Dark Side of Code Instrumentation](https://reader034.vdocuments.us/reader034/viewer/2022042623/544c96abb1af9fc6498b4670/html5/thumbnails/42.jpg)
Instrumentation & Bochs • Bochs can be called with instrumentation support. • C++ callbacks occur when certain events happen:
– Poweron/Reset/Shutdown; – Branch Taken/Not Taken/Unconditional; – Opcode Decode (All relevant fields, lengths); – Interrupt /Exception; – Cache /TLB Flush/Prefetch; – Memory Read/Write.
• “bochs-python-instrumentation” patch by Ero Carrera
CONFidence Krakow 2012 42 www.dsecrg.com
![Page 43: DmitriyEvdokimov. Light and Dark Side of Code Instrumentation](https://reader034.vdocuments.us/reader034/viewer/2022042623/544c96abb1af9fc6498b4670/html5/thumbnails/43.jpg)
Virtualization
CONFidence Krakow 2012 43 www.dsecrg.com
App1 OS
VMM
Processor
App1 OS
VMM
Processor
OS
Native VMM Hosted VMM
*VMM - Virtual Machine Monitor
![Page 44: DmitriyEvdokimov. Light and Dark Side of Code Instrumentation](https://reader034.vdocuments.us/reader034/viewer/2022042623/544c96abb1af9fc6498b4670/html5/thumbnails/44.jpg)
Instrumentation & virtualization Stages: 1. Save the VM-exit reason information in the VMCS; 2. Save guest context information; 3. Load the host-state area; 4. Transfer control to the hypervisor; 5. Run own code.
*VMCS - Virtual Machine Control Structure
CONFidence Krakow 2012 44 www.dsecrg.com
![Page 45: DmitriyEvdokimov. Light and Dark Side of Code Instrumentation](https://reader034.vdocuments.us/reader034/viewer/2022042623/544c96abb1af9fc6498b4670/html5/thumbnails/45.jpg)
Instrumentation in Mobile World
CONFidence Krakow 2012 45
Mobile Platform Language Executable file format
Android Java Dex
iOS Objective-C Mach-O
Windows Phone .NET PE
www.dsecrg.com
![Page 46: DmitriyEvdokimov. Light and Dark Side of Code Instrumentation](https://reader034.vdocuments.us/reader034/viewer/2022042623/544c96abb1af9fc6498b4670/html5/thumbnails/46.jpg)
Conclusion
CONFidence Krakow 2012 46 www.dsecrg.com
One can implement instrumentation of everything!
![Page 48: DmitriyEvdokimov. Light and Dark Side of Code Instrumentation](https://reader034.vdocuments.us/reader034/viewer/2022042623/544c96abb1af9fc6498b4670/html5/thumbnails/48.jpg)
Windows 8
• Apps: – C++ & DirectX – C# & XAML – HTML & JavaScript & CSS
CONFidence Krakow 2012 48 www.dsecrg.com