Debugging is a methodical process of finding and reducing the number of bugs, or defects, in a computer program.
Questions tagged [debugging]
69 questions
                    
47 votes, 7 answers
            
        Why is application crash considered insecure?
If an application crashes, the program stops and there is nothing anyone can do about it, other than starting the program again.
Crashes are bad behaviour in general and should be avoided, but why are they seen as a security vulnerability?
        
        Manoj R
        
 
19 votes, 4 answers
            
        Is this verbose error message on the DOT website a security issue?
I was looking for a form on the US Department of Transportation's website, and I came to a page that gave me an error, with a full debug report and stack trace.
Hopefully, you can get the same result by going to the page as…
        
        CodyBugstein
        
 
13 votes, 2 answers
            
        Malware sandbox detection
I started some reverse engineering exercises using OllyDbg, IDA Pro and other tools like the Sysinternals suite, etc. Some of these exercises are about malware. I downloaded some different malware from the awesome GitHub repository called The Zoo.
I…
        
        OscarAkaElvis
        
 
11 votes, 1 answer
            
        Help in understanding an application's crash - exploitable?
Being new to researching vulnerabilities in native applications (as opposed to web apps), I'm having difficulties understanding a crash in Debian's browser, Epiphany (version 2.30.6), and determining if it is exploitable.
I've discovered that the…
        
        mds
        
 
11 votes, 1 answer
            
        Does analysing malicious code in gdb pose a security risk?
I have encountered a malicious shellcode and I have ported the shellcode into compatible C code which can run the shellcode. I compiled it using
gcc -fno-stack-protector -z execstack shellcode.c -o code, which gives the output ELF file code. I am…
        
        Gerorge Timber
        
 
10 votes, 5 answers
            
        Does GHIDRA have a debugger?
Does GHIDRA have a debugger attached for dynamic analysis of application?
        
        pentesterxvi
        
 
8 votes, 1 answer
            
        Program getting exploited inside gdb, new shell is spawned but terminated immediately
I am trying to exploit a SUID program.
The program is:
#include 
#include 
#include 
#include 
#define e(); if(((unsigned int)ptr & 0xff000000)==0xca000000) { setresuid(geteuid(), geteuid(), geteuid());…    
        
        Sounak Bhattacharya
        
 
7 votes, 3 answers
            
        Does a working JTAG diagnostics port on Android phone add unnecessary risk?
Not enough people seem to know about JTAG outside the hacker and LEO communities but the short version is that JTAG allows anyone with physical access to your phone to chew their way right into it.
I can't understand why fundamentally disposable…
        
        Mark Mullin
        
 
6 votes, 2 answers
            
        Why is my debugger detected as a Trojan by anti-virus software?
I'm trying to use a debugger (namely OllyDbg) to analyze some exe files.
However, all the versions I downloaded from the Internet are considered as Trojans by some anti-virus software. (I use www.virustotal.com to scan the binary I downloaded)
Are…
        
        lyenliang
        
 
6 votes, 3 answers
            
        Disabling Android application debug mode as a security practice
There's a security practice which says you should not publish your Android application with debug mode enabled.
While an attacker can use apktool to decompile your application, enable the debug flag in AndroidManifest.xml and recompile it, how does…
        
        Silverfox
        
 
5 votes, 4 answers
            
        What is the use of disabling detailed exception pages on open-sourced apps?
Frameworks for web apps typically can run in either production mode or development mode. One of the major differences between the two modes is how exceptions are handled: in development mode the browser will typically be sent a detailed exception…
        
        gaazkam
        
 
5 votes, 2 answers
            
        Privilege escalation fails outside gdb
I have an application with the following source code:
#include 
#include 
#include 
int bof(char *str)
{
    char buffer[12];
    strcpy(buffer, str);
    return 1;
}
int main(int argc, char **argv)
{
    char…   
        
        user2581671
        
 
4 votes, 1 answer
            
        Explaining a buffer overflow vulnerability in C
Given this C program:
#include 
#include 
int main(int argc, char **argv) {
  char buf[1024];
  strcpy(buf, argv[1]);
}
Built with:
gcc -m32 -z execstack prog.c -o prog
Given shell code:
EGG=$(printf…  
        
        janos
        
 
4 votes, 2 answers
            
        Why does my stack contain the return address to __libc_csu_init after main is initialised?
I wrote a simple program in C, compiled it, opened it in gdb, set a breakpoint at line 11 and inspected the stack.
  1 #include
  2
  3 int main(int argc, char *argv[]){
  4     char arr[4] = "AABB";
  5     int square = foo(2);
  6    … 
        
        Hugh Pearse
        
 
4 votes, 2 answers
            
        Return to libc - finding libc's address and finding offsets
So I tried performing a return-to-libc according to https://sploitfun.wordpress.com/2015/05/08/bypassing-nx-bit-using-return-to-libc/ .
I found libc's address by using "ldd vuln", and found system's offset by using "readelf -s…
        
        Jonathan
        