Firewall Wizards mailing list archives
Re:
From: Bret <bret () rehost com>
Date: Thu, 20 May 1999 09:46:13 -0400
---Reply to mail from Gilles about
Does anyone here can post a simple C decompiler ? If i need to decompile my /bin/login in Linux Red Hat, is it what i need ?
I dont see how a decompiler relates to firewalls, however ... It is difficult to decompile programs, though not impossible.. As far as I know there are no linux decompilers, there are however disassemblers. Using gdb (gnu debugger) you should be able to figure out if your login program is doing anything that you dont want it to do (additionally strace may also provide some information).. You can even use ldd to see what libraries it is using (to see if it uses anything that it shouldnt/doesnt normally).. You can also try to check the checksum of the file and see if it matches, changes typically show up with a different checksum (though a really clever person can make the checksum the same, typically not without changing the filesize though).. With that said, unless you are trying to look at exactly what was done, it is often easier to replace the program by getting the source from a known secure location and rebuilding it from that. If you do not know how to use any of the tools that I mentioned (or simmilar ones) odds are that you do not know enough to figure out exactly what is going on, and this forum isnt the correct place to explain usage of those tools (as they deal more with development and not with firewalls themselves).. Hope this helps somewhat -- Bret McDanel http://www.rehost.com Realistic Technologies, Inc. 973-514-1144 These opinions are mine, and may not be the same as my employer
Current thread:
- [no subject] Gilles (May 19)
- Re: your mail Joseph S D Yao (May 21)
- Re: Bret (May 21)
- Decompiler, was (uselessly) Re: David Gillett (May 21)
- Re: Decompiler, was (uselessly) Re: Chuck Young (May 21)