Re: [Dailydave] Debuggers and such...

From: Sinan Eren (sinan.erenimmunitysec.com)
Date: Fri Jan 30 2004 - 15:54:55 CST


On Fri, 30 Jan 2004, Dave Aitel wrote:

> In my opinion ddd is to ollydb what a honda civic is to an audi s4. Part
> of gdb's problem is ptrace() itself. I believe the bastard's team is
> hooking the linux kernel to get around this, but it has been a long time
> since I've looked at the project.

Agreed. ptrace() is a poor bastard compared to what softice is.

> Just for starters - what memory pages are owned by what shared
> libraries, and I want to search through all of those pages for ffe4.
> This is an easy thing with olly, and impossible with ddd.

Not agreed. I think gdb's scripting capabilities are great for any sort
of exploit development or bug hunting task.

Here is how to do what you are asking for: display shared library maps
and search for ffe4 in libc.so

noirjuneof44:~> gdb -q /usr/bin/python
(no debugging symbols found)...(gdb) break *main
Breakpoint 1 at 0x80486d0
(gdb) r
Starting program: /usr/bin/python
(no debugging symbols found)...(no debugging symbols found)...[New Thread
16384 (LWP 2132)]
(no debugging symbols found)...
(no debugging symbols found)...(no debugging symbols found)...(no
debugging symbols found)...
(no debugging symbols found)...(no debugging symbols found)...(no
debugging symbols found)...
[Switching to Thread 16384 (LWP 2132)]

Breakpoint 1, 0x080486d0 in main ()
(gdb) info sharedlibrary
From To Syms Read Shared Object Library
0x400454d0 0x400de304 Yes /usr/lib/libpython2.3.so.1.0
0x4011e260 0x40126f24 Yes /lib/i686/libpthread.so.0
0x4016beb0 0x4016cde4 Yes /lib/libdl.so.2
0x4016ee50 0x4016f7b4 Yes /lib/libutil.so.1
0x401ad440 0x4020df14 Yes /usr/lib/libstdc++.so.5
0x40235520 0x4024e044 Yes /lib/i686/libm.so.6
0x40256520 0x4025b3e4 Yes /lib/libgcc_s.so.1
0x40272b40 0x4036d7b4 Yes /lib/i686/libc.so.6
0x40000c00 0x400139ef Yes /lib/ld-linux.so.2
(gdb) set $libc = 0x40272b40
(gdb) while ( (*$libc & 0xffff) != 0xffe4 && $libc < 0x4036d7b4)
>set $libc = $libc + 1
>end
(gdb) x/2bx $libc
0x402742fa <add_derivation+122>: 0xe4 0xff
(gdb)

> Every unix hacker, including myself, who's used olly has wished they had
> it on linux.

I wish I had softice on linux since kernel land is just as interesting ...
and I can't recall ollydbg doing any kernel level stuff.

-sinan
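For reference, an added Python sketch (not from the original post) of the same scan: it parses the `info sharedlibrary` table into address ranges and searches a constructed stand-in for the libc image for a byte string, so the library table and memory contents here are made up rather than read from a live process. One caveat worth seeing in code: on little-endian x86 the gdb test `(*$libc & 0xffff) != 0xffe4` stops at the byte pair e4 ff (which is what the `x/2bx` output above shows), so a search for the two-byte sequence ff e4 in memory order has to be written with the bytes in that order.

```python
import re
import struct

# Sample `info sharedlibrary` output, trimmed from the gdb session above (not a live process).
SHARED_LIB_TABLE = """\
From To Syms Read Shared Object Library
0x40272b40 0x4036d7b4 Yes /lib/i686/libc.so.6
0x40000c00 0x400139ef Yes /lib/ld-linux.so.2
"""

# Constructed stand-in for the bytes mapped at libc's base: e4 ff at offset 0x10,
# ff e4 at offset 0x17, NOPs elsewhere.
LIBC_BASE = 0x40272b40
FAKE_LIBC = b"\x90" * 0x10 + b"\xe4\xff" + b"\x90" * 5 + b"\xff\xe4" + b"\x90" * 8


def parse_sharedlibrary(text):
    """Parse gdb's `info sharedlibrary` table into (start, end, path) tuples."""
    rows = []
    for line in text.splitlines():
        m = re.match(r"\s*0x([0-9a-f]+)\s+0x([0-9a-f]+)\s+\S+\s+(\S+)", line, re.I)
        if m:
            rows.append((int(m.group(1), 16), int(m.group(2), 16), m.group(3)))
    return rows


def find_bytes(memory, base, start, end, pattern):
    """Return every address in [start, end) at which `pattern` occurs, with
    `memory` being the bytes mapped at address `base`."""
    lo = max(start, base) - base
    hi = min(end, base + len(memory)) - base
    hits = []
    pos = memory.find(pattern, lo)
    while pos != -1 and pos + len(pattern) <= hi:
        hits.append(base + pos)
        pos = memory.find(pattern, pos + 1)
    return hits


def gdb_loop_matches(memory, base, start, end):
    """Mirror the gdb while-loop: first address whose low 16 bits, read as a
    little-endian integer, equal 0xffe4. That is the byte pair e4 ff, not ff e4."""
    lo = max(start, base) - base
    hi = min(end, base + len(memory)) - base
    for off in range(lo, hi - 1):
        if struct.unpack_from("<H", memory, off)[0] == 0xFFE4:
            return base + off
    return None


if __name__ == "__main__":
    start, end, path = next(r for r in parse_sharedlibrary(SHARED_LIB_TABLE) if "libc.so" in r[2])
    print("gdb loop stops at", hex(gdb_loop_matches(FAKE_LIBC, LIBC_BASE, start, end)))
    print("ff e4 found at", [hex(a) for a in find_bytes(FAKE_LIBC, LIBC_BASE, start, end, b"\xff\xe4")])
```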