Exetools  

#1 07-05-2005, 05:26
taos
The Art Of Silence
 
Join Date: Aug 2004
Location: In front of my screen
Posts: 580
Rept. Given: 65
Rept. Rcvd 54 Times in 19 Posts
Thanks Given: 69
Thanks Rcvd at 134 Times in 36 Posts
taos Reputation: 54
Beginners Guide to Basic Linux Anti Anti Debugging Techniques

hxxp://www.codebreakers-journal.com/include/getdoc.php?id=112&article=55&mode=pdf


taos

#2 07-06-2005, 12:22
just4urim
Thank you TAOS, it was amazing. Don't you know any reference for beginners for Linux programming?

Regards,
Just4UriM

#3 07-07-2005, 21:54
vodu
Do you think these methods are the same as the ways used in Windows OS?

#4 07-08-2005, 01:16
zzsx
Except the "PTRACE" one, the other methods described in the article are pretty much the same as those in Windows.

#5 07-08-2005, 02:06
JMI
Leader
 
Join Date: Jan 2002
Posts: 1,627
Rept. Given: 5
Rept. Rcvd 199 Times in 99 Posts
Thanks Given: 0
Thanks Rcvd at 96 Times in 94 Posts
JMI Reputation: 100-199
taos:

I have taken the liberty of posting your reference (with credit to you of course) in the Linux RCE section on the Woodmann RCE Board. I'm sure those there who are active in Linux reversing issues will appreciate your alerting us to this article.

Regards,
__________________
JMI

#6 07-08-2005, 04:06
taos
For me it's an honor
:-)

#7 07-08-2005, 05:32
JMI
I'm sure that they would be glad to receive anything you may find relative to Linux reversing, or even general reversing, if you cared to share it over there as well. We are still attempting to create more general interest in the Linux area, but there are not as many investigating that OS and less protection systems as well known for Linux.

Regards,
__________________
JMI

#8 07-08-2005, 09:05
chaboyd
>>> and less protection systems as well known for Linux.

I'd almost argue that there are no commercial or packaged protections for Linux (besides maybe Cloakware (more code transformation/obfuscation than anything else) and a few Linux dongles). Are you aware of anything new?

Since Shiva and Burneye I've only seen homegrown type protections... I have done plenty of searching.

#9 07-08-2005, 13:25
JMI
Remember that the operative statement was "less protection systems as well known for Linux". Because of the nature of the Linux open source systems, there are less commercial programs and less commercial protection systems. I have not personally spent much time with Linux and, although I follow some of the news, have not researched the subject much myself.

0xf001, on the Woodmann Forum, who moderates the Linux Forum there, is very knowledgeable on this subject and inquiries could be directed to him.

Regards,
__________________
JMI

#10 07-08-2005, 19:44
taos
Quote:
Originally Posted by chaboyd
Are you aware of anything new?
Since Shiva and Burneye I've only seen homegrown type protections.....I have done plenty of searching
Linux is not a market for protection systems (like JMI says), but there's "movement" in this direction (the more popular Linux is, the more systems will appear).
Do you know this system too? (Modification of a C compiler to produce executable obfuscation):
hXXp://www.anacapasciences.com/publications/protecting_software2005.02.09.pdf

It is a question of time before we find companies developing software protection for Linux.
BTW: Silicon Realms is working on PDA/Pocket PC software.

#11 07-09-2005, 05:55
chaboyd
Thanks JMI, I will check with 0xf001. I agree with both you and Taos on the lack of Linux protections... there are not so many reasons to protect something that is already open source and only a few commercial *nix apps. I just misread your last post.

Taos, yep, I found that paper when I was searching for Linux protections. I have to admit I haven't taken the time to really understand what they are doing (i.e., trying out their source code). It certainly seems like it would be effective to prevent traditional static analysis, but not dynamic analysis or emulation (I need to try Chris Eagle's IDA Pro x86 emulator plugin against it). Another thing to add to my list...

Last edited by chaboyd; 07-09-2005 at 05:57. Reason: typos...