Re: Problems to solve

["CIRT.DK" <mailinglists () cirt dk>]

Hey there

Have any of you looked at the tools released from Eeye (eEye Binary Diffing
Suite (EBDS))

And if so what do you think about it ?

Best Regards
Dennis 

-----Original Message-----
From: dailydave-bounces () lists immunitysec com
[mailto:dailydave-bounces () lists immunitysec com] On Behalf Of Chris Eagle
Sent: Thursday, August 10, 2006 8:39 PM
To: dailydave
Subject: Re: [Dailydave] Problems to solve

Dave Aitel wrote:
> One problem Immunity has is that invariably we're all working on 
> different virtual machines - everyone at once trying to write one 
> exploit. Each VM we work on has it's own DLL's and invariably mine are 
> different from everyone else's. To solve this problem, I want to graph 
> the DLL and then actually name every function based on that graph, 
> instead of based on their memory address, which is changing on a 
> per-DLL basis and therefor means nothing.

Doesn't BinDiff solve this same problem internally?  It needs to recognize
two functions as being the same, independent of address so that it can do
its magic across updates to the dll.  Sounds like you need some Halvar
magic.

Chris
_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://lists.immunitysec.com/mailman/listinfo/dailydave



_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://lists.immunitysec.com/mailman/listinfo/dailydave