POP/POP/RET lets break sh*t

www.poppopret.org

previous post: RECON 2008 Presentation Materials    

REDBG Code Posted

After five months of procrastination we have finally posted the REDBG code from BlackHat/Defcon 2008. REDBG, a programmatic debugger for OS X, is something we put together to compliment the RE:Trace framework.  There are certain things we just cannot accomplish with RE:Trace that we need, like writing registers and setting breakpoints.  The goal is to use RE:Trace to effectively trace the application until a certain point and then transfer control to redbug and have it carry out some programmatic task, like search memory for specific op codes.  More information on REDBG can be found in the Black Hat 2008 slidedeck starting on slide 38.

If you have any feedback please contact David Weston or myself.

REDBG-0.41.tgz

SHA1 = 5b8dd7ef493e62229c3b70ebd0f3f7bdff40c32e
MD5 = 1966ba126735fced7af751c8cec34dcf

Leave a comment

RSS feed for comments on this post · TrackBack URI

XHTML: You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>