debugging – Page 13 – WindowsTechs.com

Stepping up your Python Printf Debugging Game

Posted on February 12, 2018 by Sven Gregori

Debuggers come in all shapes and sizes, offering a variety of options to track down your software problems and inspecting internal states at any given time. Yet some developers have a hard time breaking the habit of simply adding print statements into their code instead, performing manual work their tools could do for them. We say, to each their own — the best tools won’t be of much help if they are out of your comfort zone or work against your natural flow. Sometimes, a retrospective analysis using your custom-tailored debug output is just what you need to tackle an …read more

Continue reading Stepping up your Python Printf Debugging Game→

Methods for analysing android app on runtime

Posted on January 30, 2018 by WSS

I want to analyse security of android app by monitoring its behaviour on runtime. I need to monitor variables modifications, accesses and api calls while android app is running on the device. I tried to do this by JPDA framew… Continue reading Methods for analysing android app on runtime→

Debugging SUID for privilege escalation

Posted on December 31, 2017 by alex10791

When doing privilege escalation, assuming an application with the SUID set and a debugger, what stops us from starting a shell from within the debugger? I mean just write the shell code in an environment variable or somewhere… Continue reading Debugging SUID for privilege escalation→

The clang thread sanitizer

Posted on November 23, 2017 by Rainer Gerhards

Finding threading bugs is hard. Clang thread sanitizer makes it easier. The thread sanitizer instruments the to-be-tested code and emits useful information about actions that look suspicious (most importantly data races). This is a great aid in develop… Continue reading The clang thread sanitizer→

Malware sandbox detection

Posted on October 28, 2017 by OscarAkaElvis

I started some reverse engineering exercises using Ollydbg, IDA Pro and other tools like Sysinternals suite, etc. Some of these exercises are about malware. I downloaded some different malware from the awesome github repository called The … Continue reading Malware sandbox detection→

Is extern variable usage is danger in C?

Posted on October 14, 2017 by Harshan.B

Most of the coding standards don’t suggest use “Extern”. Is there any flaw with using “Extern” keyword with declaration?

MISRA won’t suggest to use “Extern” variables, I would like to know what is there reason behind usage o… Continue reading Is extern variable usage is danger in C?→

Trick needed to make use of a local buffer overflow vulnerability to obtain root

Posted on September 11, 2017 by HAlmusajjen

I am working on a certain CTF trying to gain root privileges in it, I found a vulnerable program to buffer overflow vulnerability with Non executable stack security level (NX), I developed an exploit to first bypass NX and th… Continue reading Trick needed to make use of a local buffer overflow vulnerability to obtain root→

return to libc- finding libc’s address and finding offsets

Posted on August 24, 2017 by J.J

So I tried performing a return-to-libc according to https://sploitfun.wordpress.com/2015/05/08/bypassing-nx-bit-using-return-to-libc/ .

I found libc’s address by using “ldd vuln”, and found system’s offset by using “readelf -s /lib/i386-l… Continue reading return to libc- finding libc’s address and finding offsets→

Crashed my phone – Think I might of found an bug, how do I try to exploit it?

Posted on August 10, 2017 by Rich Talcik

My phone has been extremely laggy so I caused it to crash. I have the android dump of the crash and want to see if I can turn it into a possible exploit but I don’t know where to start. Below I pasted the log and I took ou… Continue reading Crashed my phone – Think I might of found an bug, how do I try to exploit it?→

Immunity Debugger

Posted on August 3, 2017 by user155923

I have a question regarding Immunity Debugger, I was trying to understand the concept of buffer overflow and of course there are plenty of guides available for buffer overflow.

I noticed that when i try to get the JMP ESP of… Continue reading Immunity Debugger→