Exetools  

Go Back   Exetools > General > General Discussion

Notices

Reply
 
Thread Tools Display Modes
  #1  
Old 07-05-2005, 05:26
taos's Avatar
taos taos is offline
The Art Of Silence
 
Join Date: Aug 2004
Location: In front of my screen
Posts: 580
Rept. Given: 65
Rept. Rcvd 54 Times in 19 Posts
Thanks Given: 69
Thanks Rcvd at 135 Times in 36 Posts
taos Reputation: 54
Beginners Guide to Basic Linux Anti Anti Debugging Techniques

hxxp://www.codebreakers-journal.com/include/getdoc.php?id=112&article=55&mode=pdf


taos
Reply With Quote
  #2  
Old 07-06-2005, 12:22
just4urim
 
Posts: n/a
Thank you TAOS , it was amazing . Didn't you know any reference for beginners for Linux programming ?

Regards,
Just4UriM
Reply With Quote
  #3  
Old 07-07-2005, 21:54
vodu
 
Posts: n/a
Do you think these methods are the same as ways which used in Windows OS?
Reply With Quote
  #4  
Old 07-08-2005, 01:16
zzsx
 
Posts: n/a
Except the "PTRACE" one, the other methods described in the article are pretty much the same as those in Windows.
Reply With Quote
  #5  
Old 07-08-2005, 02:06
JMI JMI is offline
Leader
 
Join Date: Jan 2002
Posts: 1,627
Rept. Given: 5
Rept. Rcvd 199 Times in 99 Posts
Thanks Given: 0
Thanks Rcvd at 96 Times in 94 Posts
JMI Reputation: 100-199 JMI Reputation: 100-199
taos:

I have taken the liberty of posting your reference (with credit to you of course) in the Linux RCE section on the Woodmann RCE Board. I'm sure those there who are active in Linux reversing issues will appreciate your alerting us to this article.

Regards,
__________________
JMI
Reply With Quote
  #6  
Old 07-08-2005, 04:06
taos's Avatar
taos taos is offline
The Art Of Silence
 
Join Date: Aug 2004
Location: In front of my screen
Posts: 580
Rept. Given: 65
Rept. Rcvd 54 Times in 19 Posts
Thanks Given: 69
Thanks Rcvd at 135 Times in 36 Posts
taos Reputation: 54
for me it's a honor
:-)
Reply With Quote
  #7  
Old 07-08-2005, 05:32
JMI JMI is offline
Leader
 
Join Date: Jan 2002
Posts: 1,627
Rept. Given: 5
Rept. Rcvd 199 Times in 99 Posts
Thanks Given: 0
Thanks Rcvd at 96 Times in 94 Posts
JMI Reputation: 100-199 JMI Reputation: 100-199
I'm sure that they would be glad to receive anything you may find relative to Linux reversing, or even general reversing, if you cared to share it over there as well. We are still attempting to create more general interest in the Linux area, but there are not as many investigating that OS and less protection systems as well known for Linux.

Regards,
__________________
JMI
Reply With Quote
  #8  
Old 07-08-2005, 09:05
chaboyd
 
Posts: n/a
>>> and less protection systems as well known for Linux.

I'd almost argue that there are no commercial or packaged protections for Linux (besides maybe Cloakware (more code transformation/obfuscation than anything else, and a few linux dongles). Are you aware of anything new?

Since Shiva and Burneye I've only seen homegrown type protections.....I have done plenty of searching
Reply With Quote
  #9  
Old 07-08-2005, 13:25
JMI JMI is offline
Leader
 
Join Date: Jan 2002
Posts: 1,627
Rept. Given: 5
Rept. Rcvd 199 Times in 99 Posts
Thanks Given: 0
Thanks Rcvd at 96 Times in 94 Posts
JMI Reputation: 100-199 JMI Reputation: 100-199
Remember that the operative statement was "less protection systems as well known for Linux". Because of the nature of the Linux open source systems, there are less commercial programs and less commercial protection systems. I have not personally spent much time with Linux and, although I follow some of the news, have not researched the subject much myself.

0xf001, on the Woodmann Forum, who moderates the Linux Forum there, is very knowledgable on this subject and inquiries could be directed to him.

Regards,
__________________
JMI
Reply With Quote
  #10  
Old 07-08-2005, 19:44
taos's Avatar
taos taos is offline
The Art Of Silence
 
Join Date: Aug 2004
Location: In front of my screen
Posts: 580
Rept. Given: 65
Rept. Rcvd 54 Times in 19 Posts
Thanks Given: 69
Thanks Rcvd at 135 Times in 36 Posts
taos Reputation: 54
Quote:
Originally Posted by chaboyd
Are you aware of anything new?
Since Shiva and Burneye I've only seen homegrown type protections.....I have done plenty of searching
Linux is not a market for protection systems (like JMI says) but there're "movement" in this direction (at the most popular is linux, more systems will appear).
Do you know this system too? (Modification of C compiler to make executable ofuscation) :
hXXp://www.anacapasciences.com/publications/protecting_software2005.02.09.pdf

it is time question to find companies developing software protection to Linux.
BTW:Silicon Realms is working in PDA/Pocket PC soft.
Reply With Quote
  #11  
Old 07-09-2005, 05:55
chaboyd
 
Posts: n/a
Thanks JMI, I will check with 0xf001. I agree with both you and Taos on the lack of Linux protections... there are not so many reasons to protect something that is already open source and only a few commercial *nix apps. I just misread your last post.

Taos, yep I found that paper when I was searching for linux protections. I have to admit I haven't taken the time to really understand what they are doing (i.e., trying out their source code). It certainly seems like it would be effective to prevent traditional static analysis, but not dynamic analysis or emulation (I need to try Chris Eagle's ida pro x86 emulator plugin against it) Another thing to add to my list...

Last edited by chaboyd; 07-09-2005 at 05:57. Reason: typos...
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Anti-debugging techniques for a hypervisor debugger HarrySpoofer General Discussion 4 08-03-2018 05:31
Anti-Debugging ? ? LOUZEW General Discussion 7 04-02-2005 18:38


All times are GMT +8. The time now is 20:24.


Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX, chessgod101
( 1998 - 2024 )