Questions tagged [debugging]

Debugging is a methodical process of finding and reducing the number of bugs, or defects, in a computer program.

69 questions
2 votes, 1 answer

What tricks can be used to prevent debugging?

What tricks can be used to prevent or hinder debugging? Examples: IsDebuggerPresent API on Windows; exception handlers used for program flow; GetTickCount / rdtsc checks. Are there any good resources on this kind of thing?
Polynomial
2 votes, 2 answers

Unable to understand $EIP changes with Buffer Overflow

I am learning Buffer Overflow, so the question might seem silly but here it is. I started with this very simple buggy program int main(int argc, char *argv[]) { char buf[128]; printf("You entered value %s\n", argv[1]); strcpy(buf,argv[1]); …
aneela
2 votes, 1 answer

Buffer Overflow CTF challenge

I am having trouble solving a challenge that requires using a buffer overflow to overwrite the return address and call another function that gives a shell. The program prompts the user for input, which can be used to overflow the buffer. I can…
brad
2 votes, 2 answers

Debugging SUID for privilege escalation

When doing privilege escalation, assuming an application with the SUID set and a debugger, what stops us from starting a shell from within the debugger? I mean just write the shell code in an environment variable or somewhere in memory and just call…
alex10791
2 votes, 0 answers

What are your favorite BLE (Bluetooth Low Energy) sniffing tools? (Hardware and Software)

I will soon need to debug BLE communication for a newly developed BLE device. What are your favorite BLE (Bluetooth Low Energy) sniffing tools? (Hardware and Software)
FredericMARTIN
1 vote, 2 answers

How is Thread local storage used by malware/Virus?

I have been told that code in TLS is run before the entry point of an exe is reached, so if one puts a breakpoint on this TLS address he/she could debug the behavior of the virus. Can Fiber Local Storage also be used for malicious intent? TLS…
1 vote, 0 answers

Google Chrome Crash Report Analysis

I am new to the field of crash analysis. I recently, by accident, happened to crash Google Chrome. I do not know the reason as to why the crash really happened. I'd like to know it in depth though. When the crash happened, there was a Crash report…
qre0ct
1 vote, 1 answer

Reverse TCP connection from exploited SearchIndexer.exe failing

I'm working on a tool that exploits SearchIndexer.exe on Windows 7 x86 and connects back to a Metasploit multi/handler, using standard Metasploit reverse TCP stagers. The exploit seems to function as intended in the debugger, and works for other…
1 vote, 3 answers

How to know if a specific address is on the stack or heap using Immunity Debugger?

I have an address (i.e. 0x010f73fc) and I need to know where this address exists. Is it on the stack or the heap? Put another way, how do I differentiate between addresses that belong to the stack and addresses that belong to the heap?
Ahmed Taher
1 vote, 0 answers

How to debug JavaScript code with Windows functions on Linux?

I am a beginner in analyzing JavaScript code on Linux and whenever the code is for a Windows machine I cannot proceed with debugging because there are undefined functions. Examples: GetObject(_6078(1),7983()) -> error GetObject is not defined or…
jjnounde
1 vote, 0 answers

Penetration testing framework for Windows Desktop applications

Is there a Burp Suite-like framework for Windows Desktop applications? I.e. I'm looking for something that would allow me to intercept user-input data sent to my application for manipulation to test specific payloads. I'm assuming this would be…
Amir Ashar
1 vote, 0 answers

How do you catch SIGTRAP so your malware will still run while being debugged?

I have written a small shellcode but it is trapped at execve() by the debugger if it is attached. Can this be bypassed? Note that I can add any instructions to my shellcode, but I don't have root privileges.
hehehe
1 vote, 1 answer

Suspicious HTTP Requests in my logs

I'm running a PHP application with a user management system called userspice. It basically allows you to include the userspice PHP file and then control access to a certain PHP page. As I have seen some spikes in my log management about 404 requests…
Dinn Arbieri
1 vote, 1 answer

Memory address problem in GNU Debugger

I'm new to gdb. I've written a simple program which will print hello world 10 times (I've listed the program in the screenshot). Then I've displayed the assembly language and set the breakpoint to main and after running the program until main, I've…
Abhirup Bakshi
1 vote, 0 answers

How would you follow all JavaScript calls after a click?

I'm using Google Chrome developer tools. Let's say I'm performing a bug bounty activity. I found an obfuscated JS. I know user data goes into this JS and goes out encrypted. I found a few files called cryptoJS.js, aes-json-format.js, etc... Now what…
michel32