Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

dailydave logo Dailydave mailing list archives

Re: Problems to solve
From: Blue Boar <BlueBoar () thievco com>
Date: Thu, 10 Aug 2006 11:34:21 -0700
Dave Aitel wrote:

One problem Immunity has is that invariably we're all working on
different virtual machines - everyone at once trying to write one
exploit. Each VM we work on has it's own DLL's and invariably mine are
different from everyone else's. To solve this problem, I want to graph
the DLL and then actually name every function based on that graph,
instead of based on their memory address, which is changing on a
per-DLL basis and therefor means nothing.


Just to be clear, you're talking about different dll versions, right? 
As in, not the same byte-for-byte DLL that happens to have loaded at a 
different address on a different machine?  Otherwise, you could just use 
fixed offsets.  I'm assuming that you're talking about the "same" dll on 
Win2K and XP.

As far as I know, Halvar has done the best work on mapping 
similar-but-not-identical binaries.  Halvar, you have a way to serialize 
the path to a particular function?

                                        BB
_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://lists.immunitysec.com/mailman/listinfo/dailydave

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]