Page 3 of 3 FirstFirst 123
Results 31 to 37 of 37

Thread: Linux debugger

  1. #31
    Firstly, the most basic linux anti-debugging technique is for an app to call ptrace on itself, if it is being debugged by ptrace, this call will fail (a process may only be ptraced by one other process at a time). I imagine that the win32 debugging API, if it's implemented at all in WINE would be based on ptrace. Though i really dont see a huge need for doing so, maybe fore visual studio support.

    Snapshot idea isn't bad, fairly trivial to implement too.

    Anyway, to answer your question on memory access breakpoints in ollydbg, according to the help file he simply marks the ENTIRE region in which the address resides as having no-access. When ollydbg gets the page fault, it checks the location, if it's in a memory access breakpoint region, it pauses execution, and restores the original permissions so that it may continue.

    As for execution based breakpoints, it simply replaces the byte at the address to 0xcc (int 3) which causes a trap exeption which the debugger can catch.

    PS, why not use one of the MANY existing dissasemblers that are out there?

    proxy

  2. #32
    Hey everyone, just wanted to post some progress

    The debugger is coming along very nicely. I have implemented plugins which are very easy to code. Even the debugging core is a plugin, so you can drop in a new one as long as it implements the correct API.

    I have implemented some pretty cool features, most recently the ability to search for opcodes in a similar fashion as metasploit.

    Many of the "issues which could block release" are resolved as well, so I think I am getting close to a pre-1.0 release to the public sometime this month (I hope).

    Anyway, just wanted to give everyone a heads up. As always you can check out the current progress at:

    http://www.codef00.com/projects.php#Debugger

    proxy

  3. #33
    yosh64
    Guest
    hey

    I'm really looking forward to more progress and the release . I got side tracked before I really even started mine , I think I will wait and see yours before even thinking about starting over with mine, as yours looks to be quite impressive .

    cyas
    I promise that I have read the FAQ and tried to use the Search to answer my question.

  4. #34
    Tesmovrog
    Guest
    Too early...
    I promise that I have read the FAQ and tried to use the Search to answer my question.

  5. #35
    just wanted to let anyone know who was following this thread, that I have officially released a pre-1.0 version to get the ball rolling.

    Hope you all enjoy

    http://www.codef00.com/projects.php#Debugger

    proxy

  6. #36
    Hey, keep up the good work! Try put this on sourceforge and opensource it. Then we can all contribute.

  7. #37
    well it is open source under a GPL-2 license I'll probably make a sourceforge entry for it, but nothing stopping people from downloading it and contributing.

    I personally would be more than happy to add any good plugins to the official source tree and try to get a ton of features in it.

    proxy

Similar Threads

  1. Replies: 3
    Last Post: August 12th, 2008, 14:59
  2. bidirectional Linux debugger
    By gabri3l in forum Linux RCE
    Replies: 1
    Last Post: September 5th, 2006, 23:38
  3. Linux Flexlm SDK Kit
    By roZes in forum Advanced Reversing and Programming
    Replies: 0
    Last Post: May 22nd, 2001, 01:57
  4. Linux
    By Sorvat in forum Advanced Reversing and Programming
    Replies: 1
    Last Post: April 30th, 2001, 21:07

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •