All Questions
22 questions
1
vote
0
answers
87
views
How to develop an anti-debug library which allow users to debug their own programs but not the library?
I'm going to publish a library which guarded by anti-debug ,(ptrace_trackme for Linux and isDebuggerPresent for windows).
The down side of this library is: users would be abled to debug their own ...
- 81
4
votes
1
answer
212
views
How to debug cfg80211.ko
I have an Linux embedded device that I want to debug the cfg80211.ko
I have full root SSH on that device.
How can I debug cfg80211.ko?
- 281
2
votes
2
answers
358
views
Examining memory without attaching to the process by using /proc/$PID/mem?
I have a gap in my understanding and tooling. Now I would prefer to use Radare2, but will consider any answer. Let's use this program as an example.
#include <stdio.h>
#include <unistd.h>
...
- 1,789
1
vote
0
answers
35
views
Using rbreak without import functions
While debugging with GDB I want to break for each function and print the PC register.
rbreak .
define hook-stop
i r $PC
c
end
The problem is that is stop on functions that imported like printf ...
1
vote
1
answer
3k
views
How can I find out the size of heap allocations?
While I debug with GDB I see the address of a buffer that's located on the heap.
How can I know what is the size of this buffer? Or where (in the code) this buffer was originally allocated?
When I ...
0
votes
1
answer
84
views
Program goes to suspend when buffer overflow occurs
Full disclosure: I am seeking help to complete a college assignment. I am seeking help on steps where I am stuck and unable to move forward, not a ready made answer.
I need to exploit it to get a ...
1
vote
1
answer
190
views
How can I debug open source C code for Linux?
I want to debug & reverse engineer open source code such as this project. I usually use CLion to write and debug C code on Linux. I've also used GDB. What steps do I need to take to download a ...
- 1,880
0
votes
1
answer
849
views
Remote debugger for Linux from one VM (IDA) to another (running the debuggee)
I want to debug a Linux program (ELF), but my IDA Pro is on a Windows 10 VM and I want to use remote debugging to debug the program on Ubuntu (also in a VM).
So, is it possible to debug if both ...
- 1
5
votes
3
answers
1k
views
Nested Structures in IDA
I'm trying to figure out how to explore structs in IDA, and getting stuck on the basics. I wrote a very basic test app;
int main() {
const int kBits = 1024;
const int kExp = 3;
RSA *rsa = ...
- 215
0
votes
1
answer
3k
views
IDA remote linux Debugger attach to a running process
I usually use remote linux debugger as shown below:
./linux_server bin
And in IDA Pro, I select Remote Linux Debugger as the debugger and set the process options accordingly with the IP address and ...
- 775
4
votes
1
answer
4k
views
Radare2 debugging - How to get into lazy imported functions?
I have a linux binary that imports functions from an external library (shared object). The functions are lazy loaded and not available when rip is at @main or @entry. When i step into such a function (...
- 185
0
votes
1
answer
2k
views
Dynamic Analysis on ELF using IDA
On Linux, while generally reversing ELF files and dynamic analyzing (like step into, step over, break-point, inspecting registers value, memory etc) I use gdb or radare2 which provides dynamic ...
- 11
2
votes
1
answer
194
views
ARM system crashes after changing stack address
-- Edit with latest update on the problem, it is not solved yet :( --
While playing with an ARM embedded Linux system (Version 3.8.13), out of curiosity, I created a small "debug" kernel module.
...
- 121
18
votes
1
answer
5k
views
Debugging with radare2 using two terminals
I have been trying to figure this out for quite some time now, and would really need some help. Firstly, some intro:
I am running the newest version of radare2 from Github on a 64bit Ubuntu 16.04 and ...
- 1,073
3
votes
1
answer
5k
views
IDA Pro debugging: follow child process
I'm reverse engineering a malware that creates a number of child processes and I'm trying to do dynamic analysis of the ELF binary with IDA Pro and IDA's Local Linux Debugger, but I can't get IDA to ...
- 31