Dailydave mailing list archives

Re: Problems to solve

From: Chris Eagle <cseagle () redshift com>
Date: Thu, 10 Aug 2006 11:39:06 -0700

Dave Aitel wrote:

One problem Immunity has is that invariably we're all working on
different virtual machines - everyone at once trying to write one
exploit. Each VM we work on has it's own DLL's and invariably mine are
different from everyone else's. To solve this problem, I want to graph
the DLL and then actually name every function based on that graph,
instead of based on their memory address, which is changing on a
per-DLL basis and therefor means nothing.


Doesn't BinDiff solve this same problem internally?  It needs to
recognize two functions as being the same, independent of address so
that it can do its magic across updates to the dll.  Sounds like you
need some Halvar magic.

Chris
_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://lists.immunitysec.com/mailman/listinfo/dailydave

Current thread:

Problems to solve Dave Aitel (Aug 10)
- Re: Problems to solve Chris Eagle (Aug 10)
  - Re: Problems to solve CIRT.DK (Aug 10)
    - Re: Problems to solve Nicolas RUFF (Aug 14)
    - Re: Problems to solve Matt Oh (Aug 15)
    - Re: Problems to solve Matt Oh (Aug 15)
    - Re: Problems to solve Nicolas RUFF (Aug 15)
    - Re: Problems to solve Matt Oh (Aug 15)
    - Re: Problems to solve Matt Oh (Aug 15)
  - Re: Problems to solve Halvar Flake (Aug 11)
    - Re: Problems to solve Blue Boar (Aug 14)
- Re: Problems to solve Blue Boar (Aug 10)

(Thread continues...)