Delicious & Malicious Code Analysis / News: Recent posts

maladjusted-i386-bin released

This is a proof-of-concept that can modify a Linux ELF executable in a way that it still performs normally, but libbfd programs like the GNU Debugger (GDB) cannot read it.

Further details about this and other bugs are in "Debugging Debuggers, Design Flaws of GDB and LibBFD".

Posted by Christopher Gragsone 2002-11-08

Alpha Release of Nightmode

Nightmode lists the strings and functions of a Linux ELF executable without executing the binary. This is intended for quick analysis of Malicious Code such as trojans and viruses.

Nightmode reports the memory location, size, and the number of function or system calls. Nightmode also uses lcamtuf's fingerprint code to identify known functions.

Posted by Christopher Gragsone 2002-11-07

shstrndx-i386-bin released

This is a proof-of-concept that can modify a Linux ELF executable in a way that it still performs normally, but crashes the GNU Debugger (GDB).

Shstrndx exploits a bug in GDB by modifying the ELF header to misreport the location of the Section Header String Index.

The exploit will be incorporated in the next version of Maladjusted, and will be further detailed in "Debugging Debuggers, Design Flaws of GDB and LibBFD".

Posted by Christopher Gragsone 2002-11-07
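
As an added example (not code from Shstrndx, Maladjusted or Nightmode), this is a check an analysis tool can run before trusting the ELF header field named in the shstrndx post: it parses an ELF32 little-endian header and reports when `e_shstrndx` or the section header table is inconsistent with the file. The function names and the two-section sample image are constructed for illustration; the exact value Shstrndx writes is not given on this page.

```python
import struct

EHDR = struct.Struct("<16sHHIIIIIHHHHHH")   # Elf32_Ehdr, 52 bytes
SHDR = struct.Struct("<10I")                # Elf32_Shdr, 40 bytes
SHT_STRTAB = 3

def check_shstrndx(data):
    """Return findings about e_shstrndx and the section table (ELF32 LE only)."""
    if len(data) < EHDR.size or data[:4] != b"\x7fELF":
        return ["not an ELF file, or header truncated"]
    if data[4:6] != b"\x01\x01":
        return ["not ELF32 little-endian; outside this example's scope"]
    f = EHDR.unpack_from(data)
    shoff, shentsize, shnum, shstrndx = f[6], f[11], f[12], f[13]
    if shoff == 0:
        return ["e_shstrndx set without a section header table"] if shstrndx else []
    if shnum == 0 or shstrndx == 0xFFFF:
        return ["extended section numbering; not checked here"]
    findings = []
    if shentsize != SHDR.size:
        findings.append("unexpected e_shentsize %d" % shentsize)
    if shoff + shnum * SHDR.size > len(data):
        findings.append("section header table extends past end of file")
    if shstrndx >= shnum:
        findings.append("e_shstrndx %d out of range (e_shnum %d)" % (shstrndx, shnum))
    # Stop before reading a header that may lie outside the file.
    # Index 0 (SHN_UNDEF) legitimately means "no section name table".
    if findings or shstrndx == 0:
        return findings
    sh = SHDR.unpack_from(data, shoff + shstrndx * SHDR.size)
    if sh[1] != SHT_STRTAB:
        findings.append("section %d is not a string table" % shstrndx)
    elif sh[4] + sh[5] > len(data):
        findings.append("string table extends past end of file")
    return findings

def build_sample(shstrndx):
    """Constructed 2-section ELF32 image (null section + .shstrtab) for the demo."""
    strtab = b"\0.shstrtab\0"
    shoff = EHDR.size + len(strtab)
    ident = b"\x7fELF\x01\x01\x01" + bytes(9)
    ehdr = EHDR.pack(ident, 2, 3, 1, 0, 0, shoff, 0,
                     EHDR.size, 0, 0, SHDR.size, 2, shstrndx)
    null = SHDR.pack(*[0] * 10)
    names = SHDR.pack(1, SHT_STRTAB, 0, 0, EHDR.size, len(strtab), 0, 0, 1, 0)
    return ehdr + strtab + null + names

if __name__ == "__main__":
    for idx in (1, 7):
        print(idx, check_shstrndx(build_sample(idx)) or "consistent")
```
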