Dailydave mailing list archives
Request of the day
From: Dave Aitel <dave () immunityinc com>
Date: Fri, 21 Apr 2006 02:10:19 -0400
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Here's what else I want today for my super-debugger, and this one is easy. I want to breakpoint on WSARecv() then hit control-f9 to continue until done, and then say returned buffer is now "my string" and I want to know all references to it and if anyone uses it in strdup() or wsprintf() or similar I want to mark the return values from those as well and follow them and just comment up the whole program automagically and let me know every instruction that relates to my string as you step_instruction() through it. Then later I want to know all functions that touched my string. Later on we'll work on structures and classes and internal members for the same thing. :> Last week Bas and Nico finalized a working GOCode for Win32. This turns out to be pretty hard, since although we've had a GOCodeWin32 for a long time, I've never truly been happy with it because in some situations it would randomly freeze doing getpeername(). This new shellcode is something like our fourth attempt at the problem and is essentially wildly different from every other attempt. Stealing the socket on Win32 is difficult to do reliably. But having it working and portable and small and beautiful...rocks. Maybe I'll convince them to do a talk soon about it somewhere. - -dave -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.3 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org iD8DBQFESHdKB8JNm+PA+iURAo3tAJ91RfaaUfZy3Mcqas8EYoA+4DgZBQCbBp6n bpzj0TMb5dpMnQm2tG1bGgU= =dIpu -----END PGP SIGNATURE-----
Current thread:
- Request of the day Dave Aitel (Apr 24)
- <Possible follow-ups>
- Re: Request of the day Pedram Amini (Apr 24)
- Re: Request of the day MÃ¥rten Cassel (Apr 26)
- RE: Request of the day Aleksander P. Czarnowski (Apr 26)
- Re: Request of the day MÃ¥rten Cassel (Apr 26)