Results 1 to 7 of 7

Thread: Immunity Debugger v1.4

  1. #1
    nicolas.waisman
    Guest

    Immunity Debugger v1.4

    Immunity is proud to announce: Immunity Debugger v1.4 "veni, vidi, pwn"

    We would like to express our appreciation for the enormous amount of
    contributions, feedback and requests we receive daily from the Immunity
    Debugger community at http://forum.immunityinc.com.

    Our TODO list seems infinite but we are getting the most requested
    features out there for you guys.

    New in this release: a proper process detach, a Second Pass Analysis
    which will soon grow into better argument/local variable recognitions
    and a new Silent Mode for batch scripts.

    Last but not least, we have included a collection of new scripts
    including a lot of contributions from forum regular Bob (scanpe.py,
    hidedebug.py and bpxep.py) and the contest winning plugin from JMS
    (Instead of a candle dinner with Kostya, he received a brand new job as
    a Developer on the CANVAS team).

    Thanks for using Immunity Debugger! We hope you enjoy this month's
    release, Check out the Changelog below for more detailed information.

    You can upgrade your current Immunity Debugger by going to Help/Update
    or directly downloading the new installer from
    http://debugger.immunityinc.com/register.html

    Sincerely
    Team Immunity
    http://www.immunityinc.com

    PS: Feedback, Requests, Scripts and Cool Screenshots are always
    welcome at http://forum.immunityinc.com

    1.40 Build 0

    New Features:

    - Debugger Core:
    o Added Silent Debugging Flag [accesible via Debugging options ALT-O or via immlib]
    http://forum.immunityinc.com/index.php?topic=157.0
    o Added Analysis Second Pass [Decoding Functions]
    http://forum.immunityinc.com/index.php?topic=163.0

    - Debugger GUI Core:
    o Now you can add headers + other useful information on every Row
    displayed at the Disasm Window. The information will be saved
    as part of dump struct.
    o Dettach option added to File Menu: Go to File -> Dettach [You need to be attached to
    gray out Dettach]
    http://forum.immunityinc.com/index.php?topic=158.0


    - Debugger GUI:
    o Right click on disasm line -> Add Header will add headers to your line



    - Immunity Debugger API:
    o Row Headers / Adding Lines to CPU
    - Added imm.addHeader() and imm.getHeader() methods.
    - imm.addLine behaves like addHeader()
    - Added imm.removeHeader()/imm.removeLine() && imm.getHeader()/imm.getLine()
    - Added imm.getTraceArgs()

    o Added imm.goSilent() method.
    o Added imm.undecorateName() method: Undecorate symbol names
    http://forum.immunityinc.com/index.php?topic=159.0
    o Added imm.Dettach() method: Dettach current process from debugger
    o Added imm.prepareForNewProcess() method: Prepare Debugger core for a fresh start
    o Updated BoB's UserDB.txt (http://peid.info/BobSoft/Downloads.html)

    - PyCommands:
    o Added namefunc.py : a simple samplescript that uses imm.addHeader to name
    functions in module
    o Added traceargs.py: find User supplied arguments into a given function.
    o Added JMS's Mike & Boo script
    o User Contributed PyCommands:
    - BoB (http://PEiD.info/BobSoft/)
    * scanpe.py (http://forum.immunityinc.com/index.php?topic=137.0)
    * hidedebug.py (http://forum.immunityinc.com/index.php?topic=140.0)
    * bpxep.py (http://forum.immunityinc.com/index.php?topic=138.0)


    Bug Fixes:

    - Fixed error when adding knowledge and changing python enviroments later.
    (__dict__ not accesible in restricted mode error)
    I promise that I have read the FAQ and tried to use the Search to answer my question.

  2. #2
    I've updated your entry in the CRCETL to reflect the "updated" version number and "update" date. In the future, you may do this yourself, if you wish.

    You will find the CRCETL listing for Immunity Debugger here:

    http://www.woodmann.com/collaborative/tools/index.php/Immunity_Debugger

    Regards,
    JMI

  3. #3
    nicolas.waisman
    Guest
    Awesome. Thanks.
    I promise that I have read the FAQ and tried to use the Search to answer my question.

  4. #4
    nicolas.waisman
    Guest

    Immunity Debugger 1.5

    Immunity team is proud to present: Immunity Debugger 1.5

    This new Immunity Debugger release provides a lot of new scripts and important fixes. New scripts to improve your debugging experience include: gflags, hookssl, and hookndr.

    The API has been reinforced with new functionality which allows you to gather more information from the remote process, such as Threads, findRetValue. This release also includes some important fixes such as correct Memory Page protection flags, which are also available via the Python API.

    Check the Changelog below for the details of this exciting release.

    As usual, you can discuss your scripts, request new features or just hang
    out at our forum: http://forum.immunityinc.com. We would like to thank
    Teddy Roggers from tuts4you for maintaining a list of Immunity Debugger
    ported plug-ins that can be found at http://www.tuts4you.com/download.php?list.74

    Do you want to hire a hacker? Are you looking for job? Immunity has extended the Immunity Debugger Advertisment service to hackers, reverse engineers and debugger freaks and it is now free for job seekers!

    Job seekers can place ads at http://debugger.immunityinc.com/hireahacker.html

    Happy debugging (and job hunting)!

    Team Immunity
    P.S.: If you want to request a feature, show off your script or just chat about Immunity Debugger, Justin Seitz from the Immunity Debugger team will be at CanSecWest for the next three days.


    1.50 Build 0

    New Features:

    - Debugger:
    o Added "Servers" folder with specific PyCommand listeners - for example, hookssl.py will send all the data back to a XML-RPC service using ssl_listener.py, which then has the option to change it and send it back.

    - Memory Pages:
    o Working on Windows Vista. Now correct on Windows XP, 2000, 2003.

    Immunity Debugger API:
    o Added imm.vmQuery() wrapper [Query Virtual Memory pages]
    o The MemoryPage class has been improved.
    - Protect and Allocation Protect Flags are queried in real-time
    - You can get a human readable flag passing human = 1 to
    page.getAccess() and page.getInitAccess()
    o Added:
    - searchOnExecute()
    - searchOnRead()
    - searchOnWrite()
    These methods will search in any memory page with access = any
    combination.
    o Modified:
    - Search()
    - searchShort()
    - searchLong()
    to receive an extra flag parameter to specify memory protection type
    when searching.
    o Added imm.isAdmin() : is ID running as admin?
    o Added Thread class to debugtypes.py
    o Added imm.getAllThreads() method
    o librecognition.py : Improved REGEXP support for the indexed register search
    o Added Function.findRetValue Find all the possible values on a Function
    o GFlags class Handle Windows Global Flags.

    PyCommands:

    o gflags.py: Enable/Disable Windows Global Flags
    o recognize.py: Backward compatability
    o Added hookssl.py
    o Added ssl_listener.py to Servers directory
    o Added hookndr.py: Hooks the NDR unmarshalling routines and prints them
    out so you can see which ones worked
    o Added nohooks.py : removes all hooks from memory

    Bug Fixes:

    - Debugger Core
    o The memory page protect information is correctly displayed now.
    o Fixed Second Analysis pass repeated entries bug.
    o Fixed thread state swap issue which was leading to a memory leak.
    I promise that I have read the FAQ and tried to use the Search to answer my question.

  5. #5
    Glad to see you updated the CRCETL as well!

    Regards,
    JMI

  6. #6
    nicolas.waisman
    Guest
    hehehe, yeah. Thanks man
    I promise that I have read the FAQ and tried to use the Search to answer my question.

  7. #7
    Thanks for your efforts nicolas

    Keep up the good work
    Found in the OpenGL header file for Visual C++ 6: 'typedef GLint int '. AAAARRRRGGGHHHH!!! [Don't get it? You're not a C programmer.]

    A hacker does for love what others would not do for money.

    Being married to a programmer is like having a cat. You talk to it but you're never really sure if it hears you, much less comprehends what you say.

Similar Threads

  1. Immunity Debugger v1.4
    By OpenRCE_nicowow in forum Blogs Forum
    Replies: 0
    Last Post: February 5th, 2008, 00:12
  2. Immunity Debugger is now released!
    By OpenRCE_nicowow in forum Blogs Forum
    Replies: 0
    Last Post: November 24th, 2007, 18:50
  3. Immunity Debugger v1.2
    By nicolas.waisman in forum Tools of Our Trade (TOT) Messageboard
    Replies: 2
    Last Post: October 2nd, 2007, 09:27
  4. Immunity Debugger v1.1
    By nicolas.waisman in forum Tools of Our Trade (TOT) Messageboard
    Replies: 3
    Last Post: September 4th, 2007, 00:03
  5. Immunity Debugger is now released!
    By nicolas.waisman in forum Tools of Our Trade (TOT) Messageboard
    Replies: 23
    Last Post: August 27th, 2007, 07:26

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •