
List:       radare
Subject:    [radare] latest commits
From:       pancake () youterm ! com (pancake)
Date:       2007-08-18 16:53:15
Message-ID: 20070818185315.c202f2f0.pancake () youterm ! com

On Sat, 18 Aug 2007 12:07:09 +0200
"sha0 sha0" <sha0 at nosgoth.bounceme.net> wrote:

> I think this would be very useful:
> 
> * let the user change the flag values

pancake@~$ radare /bin/ls
open ro /bin/ls
[0x00000000]> f one
flag 'one' at 0x00000000 and size 512
[0x00000000]> s 33
0x00000021
[0x00000021]> f 
000 0x0000000000000000  512                       one x  7f 45 4c 46 01 01 01 00..
[0x00000021]> f one
flag 'one' redefined to 0x00000021
[0x00000021]> 

it works for me :?

> * memory/register value breakpointing.

You can already do that now. It's not a step-by-step register/memory analysis,
but it gets the value of a register at a certain moment and uses that value to
set the breakpoint:

examples:

> !bp sym_main
> !bp 0x8049142
> !bp eax

> * step backwards

heheh that's not as easy as it seems, but I will provide a load/store functionality
to allow you to switch between multiple states of the same program. To do this we
need to integrate the pd and embed the register information somewhere inside the
same ELF file; a custom ELF loader is required.

We can split the memory image and the metadata (registers ...) into two separate files,
one an ELF and the other a radare script that performs some commands to set up seeks,
register values and so on.

This will be nice for unpacking, so if you have multiple layers to defeat, you can
"save" the game at a certain place ;)

> * emulate cpu jmp  (is in the TODO list)

this is already done too: "> !jmp [address]"

> * dump elf map to file

Yeah, that's the key for load/store process states. :) 

Yesterday I was discussing with ora8 about adding exploitation features to radare,
with a reduced metasploit-like set of programs to launch exploits via network,
local, file format fuzzing and a shellcode database (just the most useful ones,
to be easily accessible).

Joking about it, I imagine a unit test suite for this program containing
the ABOs :P hehe

More will go :)

  --pancake
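The load/store split described in the message above (a raw memory image in one file, a
radare-style script in the other that re-creates seeks, flags and register values), as an
added example that is not part of the original message or of radare itself. The `s` and
`f` commands follow the session shown in the thread; the register-setting command
`!reg NAME VALUE`, the file names `BASE.bin`/`BASE.r`, and the memory bytes and register
values in `demo()` are assumptions constructed for this example:

```python
import os
import re
import tempfile

# Script vocabulary the loader accepts. 's' and 'f' follow the session in the
# thread; '!reg NAME VALUE' is a hypothetical register-setting command chosen
# for this example (radare's real syntax is not shown in the message).
SEEK_RE = re.compile(r"^s (0x[0-9a-fA-F]+|\d+)$")
FLAG_RE = re.compile(r"^f ([A-Za-z_][A-Za-z0-9_]*)$")
REG_RE = re.compile(r"^!reg ([a-z][a-z0-9]*) (0x[0-9a-fA-F]+)$")


class State:
    """A process snapshot: memory image, current seek, flags and registers."""

    def __init__(self, memory, seek=0, regs=None, flags=None):
        self.memory = bytes(memory)
        self.seek = seek
        self.regs = dict(regs or {})    # name -> value
        self.flags = dict(flags or {})  # name -> offset

    def s(self, offset):
        """'s OFFSET': seek, refusing to point outside the image."""
        if not 0 <= offset < len(self.memory):
            raise ValueError(f"seek 0x{offset:x} outside image of {len(self.memory)} bytes")
        self.seek = offset
        return self.seek

    def f(self, name):
        """'f NAME': define a flag at the current seek; redefining moves it."""
        self.flags[name] = self.seek
        return self.seek


def save_state(state, base):
    """Write BASE.bin (raw memory) and BASE.r (replayable command script)."""
    with open(base + ".bin", "wb") as fp:
        fp.write(state.memory)
    lines = []
    for name, off in sorted(state.flags.items()):
        lines += [f"s 0x{off:08x}", f"f {name}"]
    for reg, val in sorted(state.regs.items()):
        lines.append(f"!reg {reg} 0x{val:08x}")
    lines.append(f"s 0x{state.seek:08x}")  # restore the seek last
    with open(base + ".r", "w") as fp:
        fp.write("\n".join(lines) + "\n")
    return base + ".bin", base + ".r"


def apply_script(state, lines):
    """Replay a saved script. Only the three known commands are honoured; any
    other line (in particular other '!' commands, which reach the debugger in
    radare) raises instead of being passed through."""
    for lineno, raw in enumerate(lines, 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        if m := SEEK_RE.match(line):
            state.s(int(m.group(1), 0))
        elif m := FLAG_RE.match(line):
            state.f(m.group(1))
        elif m := REG_RE.match(line):
            state.regs[m.group(1)] = int(m.group(2), 16)
        else:
            raise ValueError(f"line {lineno}: unsupported command {line!r}")
    return state


def load_state(base):
    """Rebuild a State from BASE.bin and BASE.r."""
    with open(base + ".bin", "rb") as fp:
        state = State(fp.read())
    with open(base + ".r") as fp:
        return apply_script(state, fp)


def demo(directory=None):
    """Save one 'layer' of a constructed state and load it back."""
    directory = directory or tempfile.mkdtemp()
    # Constructed sample image: an ELF ident followed by filler bytes.
    memory = b"\x7fELF\x01\x01\x01\x00" + bytes(range(256)) * 2
    st = State(memory)
    st.f("one")            # 'f one' at 0x0, as in the session above
    st.s(0x21)
    st.f("one")            # redefined to 0x21
    st.regs.update({"eax": 0x08049142, "eip": 0x08048400})
    base = os.path.join(directory, "layer1")
    save_state(st, base)
    return st, load_state(base)


if __name__ == "__main__":
    original, restored = demo()
    print("seek 0x%x flags %s regs %s" % (restored.seek, restored.flags,
          {k: hex(v) for k, v in restored.regs.items()}))
```

The point of `apply_script` rejecting anything outside its fixed vocabulary is that the
`!`-prefixed lines in radare go to the debugger (`!bp`, `!jmp` above); a snapshot script
copied from somewhere else should be replayed through a whitelist like this, never handed
to the program line by line.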

