Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
From: Dave Aitel (daveimmunityinc.com)
Date: Thu Apr 19 2007 - 11:57:19 CDT
-----BEGIN PGP SIGNED MESSAGE-----
Today in the great white north, the train was late by ten minutes. At
first I thought there was going to be a riot, but then everyone just
huddled into the stairwell for warmth like a group of emperor penguins.
Anyways, since I'm teaching, I mostly fix CANVAS bugs and prepare for
class all night, but I've been slowly working on a new thing, which I
hope will be done soon.
Essentially the problem is that I want a bunch of people to be able to
comment up a disassembly all at the same time, much like we all code
on one exploit at the same time. I also am tired of commenting the
same parts of dll's on various VM's just in different language packs.
Bindiff solves the second problem, but there's a small part of this
problem that I don't need a Bindiff to solve, and I still want to
solve it. Likewise there are other issues I'd like to solve
peripherally, and they're all built using different tools that don't
work together. So I want to expose all those tools to each other and
to my disassembler.
Anyways, my attempted solution is this: When you click "export" in
ImmDBG, I want it to export a semi-portable mapping file with all your
names and comments and other data (analysis data or type data from
unmidl, for example) to an XML file. If you want to include arbitrary
Python objects in there as marshalled strings, that's cool too.
Whatever you want goes into this structured XML file, which is then
automatically synced to the main server with CVS/SVN. This buys us
revision control for free. So when I install ImmDBG on some random VM,
I point it at the company SVN server, and every time I attach to
something any comments I'd done on those DLL's before get
automatically imported, updated, changed, and commited.
Likewise if I want to work on the XML file with PaiMai or Bindiff or
whatever else, I can do that quite quickly and easily. And the whole
team can work together the exact same way they work together on source
code, using the exact same toolset they're used to.
Just an idea.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
-----END PGP SIGNATURE-----
Dailydave mailing list