[prev in list] [next in list] [prev in thread] [next in thread]
List: full-disclosure
Subject: Re: [Full-disclosure] Interactive Linux Binary Analysis Tool
From: Kaddeh <kaddeh () gmail ! com>
Date: 2010-04-30 21:48:40
Message-ID: y2mf921d62a1004301448j1463d64am724d7e3204ad07a5 () mail ! gmail ! com
[Download RAW message or body]
[Attachment #2 (multipart/alternative)]
try this link:
http://sourceforge.net/projects/strace/
On Fri, Apr 30, 2010 at 2:40 AM, Julien Reveret <shaddai@c0a8.org> wrote:
> > I'm sure I once read about a tool for linux which could execute a binary
> > and prompt for each particular library or system call to be approved or
> > whitelisted by various attributes, I have searched everywhere but I can
> > find no trace of it, I think it was posted to FD, any ideas?
> >
>
> Have you looked at systrace ? There's a Linux port, eventhough it may be
> dead today: http://www.provos.org/index.php?/categories/2-Systrace
>
> Otherwise, you may want to try sydbox:
> http://projects.0x90.dk/wiki/sydbox/
>
> Regards
>
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
[Attachment #5 (text/html)]
try this link:<br><a \
href="http://sourceforge.net/projects/strace/">http://sourceforge.net/projects/strace/</a><br><br><div \
class="gmail_quote">On Fri, Apr 30, 2010 at 2:40 AM, Julien Reveret <span dir="ltr"><<a \
href="mailto:shaddai@c0a8.org">shaddai@c0a8.org</a>></span> wrote:<br> <blockquote \
class="gmail_quote" style="margin: 0pt 0pt 0pt 0.8ex; border-left: 1px solid rgb(204, 204, \
204); padding-left: 1ex;"><div class="im">> I'm sure I once read about a tool for linux \
which could execute a binary<br>
> and prompt for each particular library or system call to be approved or<br>
> whitelisted by various attributes, I have searched everywhere but I can<br>
> find no trace of it, I think it was posted to FD, any ideas?<br>
><br>
<br>
</div>Have you looked at systrace ? There's a Linux port, eventhough it may be<br>
dead today: <a href="http://www.provos.org/index.php?/categories/2-Systrace" \
target="_blank">http://www.provos.org/index.php?/categories/2-Systrace</a><br> <br>
Otherwise, you may want to try sydbox: <a href="http://projects.0x90.dk/wiki/sydbox/" \
target="_blank">http://projects.0x90.dk/wiki/sydbox/</a><br> <br>
Regards<br>
<div><div></div><div class="h5"><br>
<br>
_______________________________________________<br>
Full-Disclosure - We believe in it.<br>
Charter: <a href="http://lists.grok.org.uk/full-disclosure-charter.html" \
target="_blank">http://lists.grok.org.uk/full-disclosure-charter.html</a><br> Hosted and \
sponsored by Secunia - <a href="http://secunia.com/" \
target="_blank">http://secunia.com/</a><br> </div></div></blockquote></div><br>
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic