Debugging is a methodical process of finding and reducing the number of bugs, or defects, in a computer program.
Questions tagged [debugging]
69 questions
47 votes, 7 answers
Why is application crash considered insecure?
If an application crashes, the program stops and there is nothing anyone can do about it, other than starting the program again.
Crashes are bad behaviour in general and should be avoided, but why are they seen as a security vulnerability?
Manoj R
19 votes, 4 answers
Is this verbose error message on the DOT website a security issue?
I was looking for a form on the US Department of Transportation's website, and I came to a page that gave me an error, with a full debug report and stack trace.
Hopefully, you can get the same result by going to the page as…
CodyBugstein
13 votes, 2 answers
Malware sandbox detection
I started some reverse engineering exercises using OllyDbg, IDA Pro and other tools like the Sysinternals suite, etc. Some of these exercises are about malware. I downloaded some different malware from the awesome GitHub repository called The Zoo.
I…
OscarAkaElvis
11 votes, 1 answer
Help in understanding an application's crash - exploitable?
Being new to researching vulnerabilities in native applications (as opposed to web apps), I'm having difficulties understanding a crash in Debian's browser, Epiphany (version 2.30.6), and determining if it is exploitable.
I've discovered that the…
mds
11 votes, 1 answer
Does analysing Malicious code in gdb pose a security risk?
I have encountered malicious shellcode and I have ported the shellcode into compatible C code which can run the shellcode. I compiled it using
gcc -fno-stack-protector -z execstack shellcode.c -o code which gives output ELF file code, I am…
Gerorge Timber
10 votes, 5 answers
Does GHIDRA have a debugger?
Does GHIDRA have a debugger attached for dynamic analysis of application?
pentesterxvi
8 votes, 1 answer
Program getting exploited inside gdb, new shell is spawned but terminated immediately
I am trying to exploit a SUID program.
The program is:
#include
#include
#include
#include
#define e(); if(((unsigned int)ptr & 0xff000000)==0xca000000) { setresuid(geteuid(), geteuid(), geteuid());…
Sounak Bhattacharya
7 votes, 3 answers
Does a working JTAG diagnostics port on Android phone add unnecessary risk?
Not enough people seem to know about JTAG outside the hacker and LEO communities but the short version is that JTAG allows anyone with physical access to your phone to chew their way right into it.
I can't understand why fundamentally disposable…
Mark Mullin
6 votes, 2 answers
Why is my debugger detected as a Trojan by anti-virus software?
I'm trying to use a debugger (namely OllyDbg) to analyze some exe files.
However, all the versions I downloaded from the Internet are considered as Trojans by some anti-virus software. (I use www.virustotal.com to scan the binary I downloaded)
Are…
lyenliang
6 votes, 3 answers
Disabling Android application debug mode as a security practice
There's a security practice which says you should not publish your Android application with debug mode enabled.
While an attacker can use apktool to decompile your application, enable the debug flag in AndroidManifest.xml and recompile it, how does…
Silverfox
5 votes, 4 answers
What is the use of disabling detailed exception pages on open-sourced apps?
Frameworks for web apps typically can run in either production mode or development mode. One of the major differences between the two modes is how exceptions are handled: in development mode the browser will typically be sent a detailed exception…
gaazkam
5 votes, 2 answers
Privilege escalation fails outside gdb
I have an application with the following source code:
#include
#include
#include
int bof(char *str)
{
char buffer[12];
strcpy(buffer, str);
return 1;
}
int main(int argc, char **argv)
{
char…
user2581671
4 votes, 1 answer
Explaining a buffer overflow vulnerability in C
Given this C program:
#include
#include
int main(int argc, char **argv) {
char buf[1024];
strcpy(buf, argv[1]);
}
Built with:
gcc -m32 -z execstack prog.c -o prog
Given shell code:
EGG=$(printf…
janos
4 votes, 2 answers
Why does my stack contain the return address to __libc_csu_init after main is initialised?
I wrote a simple program in C, compiled it, opened it in gdb, set a breakpoint at line 11 and inspected the stack.
1 #include
2
3 int main(int argc, char *argv[]){
4 char arr[4] = "AABB";
5 int square = foo(2);
6 …
Hugh Pearse
4 votes, 2 answers
return to libc- finding libc's address and finding offsets
So I tried performing a return-to-libc according to https://sploitfun.wordpress.com/2015/05/08/bypassing-nx-bit-using-return-to-libc/ .
I found libc's address by using "ldd vuln", and found system's offset by using "readelf -s…
Jonathan