After fighting with Sulley and Peach Fuzzer I decided that both were lacking when it came to unix applicaion monitoring. VDEbug seems broken and for whatever reason Michael has not decided to fix it. Sulley has issues with its PEDRPC implementation on Unix but with some work that can be resolved. The real issue is that pydbg is developed for windows and I enjoy breaking unix applications. I’m working on a modified Agent for peach that using ptyhon-ptrace but in the meantime I wrote pydbgunix which works great for monitoring and reporting faults. The code simply looks for any signal of interest (segfault, sigbrt, sigsys..etc..) and dumps the stack and memory info.
here is an example
debian:/home/user# ./pydbg_unix.py 19202
Continuing process execution
waiting for signal..
ERROR:root:------------------------------------------------------------
ERROR:root:PID: 19202
ERROR:root:Signal: SIGUSR2
ERROR:root:------------------------------------------------------------
None
Registers ------>
ERROR:root: ebx = 0x00000000
ERROR:root: ecx = 0x00000000
ERROR:root: edx = 0x00000000
ERROR:root: esi = 0x00000000
ERROR:root: edi = 0xbffff4a8
ERROR:root: ebp = 0xbffff4b8
ERROR:root: eax = 0xfffffdfe
ERROR:root: ds = 0x0000007b
ERROR:root: __ds = 0x00000000
ERROR:root: es = 0x0000007b
ERROR:root: __es = 0x00000000
ERROR:root: fs = 0x00000000
ERROR:root: __fs = 0x00000000
ERROR:root: gs = 0x00000033
ERROR:root: __gs = 0x00000000
ERROR:root:orig_eax = 0x0000008e
ERROR:root: eip = 0xb7f6c430
ERROR:root: cs = 0x00000073
ERROR:root: __cs = 0x00000000
ERROR:root: eflags = 0x00000246
ERROR:root: esp = 0xbffff460
ERROR:root: ss = 0x0000007b
ERROR:root: __ss = 0x00000000
Stack ---->
ERROR:root:STACK: 0xbffeb000-0xc0000000 => [stack] (rw-p)
ERROR:root:STACK-20: 0x00000000
ERROR:root:STACK-16: 0x00000000
ERROR:root:STACK-12: 0xbffff488
ERROR:root:STACK -8: 0x000f4240
ERROR:root:STACK -4: 0x00000000
ERROR:root:STACK +0: 0xbffff4b8
ERROR:root:STACK +4: 0x00000000
ERROR:root:STACK +8: 0x00000000
ERROR:root:STACK+12: 0xb7e4fbbd
ERROR:root:STACK+16: 0xb7f14ff4
ERROR:root:STACK+20: 0xbffff644
Memory Map ->
ERROR:root:MAPS: 0x08048000-0x0809d000 => /usr/sbin/apache2 (r-xp)
ERROR:root:MAPS: 0x0809d000-0x0809f000 => /usr/sbin/apache2 (rw-p)
ERROR:root:MAPS: 0x0809f000-0x08355000 => [heap] (rw-p)
ERROR:root:MAPS: 0xb6d8f000-0xb6d95000 => /usr/lib/php5/20060613+lfs/pdo_mysql.so (r-xp)
ERROR:root:MAPS: 0xb6d95000-0xb6d96000 => /usr/lib/php5/20060613+lfs/pdo_mysql.so (rw-p)
ERROR:root:MAPS: 0xb6d96000-0xb6daa000 => /usr/lib/php5/20060613+lfs/pdo.so (r-xp)
ERROR:root:MAPS: 0xb6daa000-0xb6dac000 => /usr/lib/php5/20060613+lfs/pdo.so (rw-p)
ERROR:root:MAPS: 0xb6dac000-0xb6dc3000 => /usr/lib/php5/20060613+lfs/mysqli.so (r-xp)
ERROR:root:MAPS: 0xb6dc3000-0xb6dc5000 => /usr/lib/php5/20060613+lfs/mysqli.so (rw-p)
ERROR:root:MAPS: 0xb6df6000-0xb6e06000 => /dev/zero (deleted) (rw-s)
ERROR:root:MAPS: 0xb6e06000-0xb6e10000 => /lib/i686/cmov/libnss_files-2.7.so (r-xp)
ERROR:root:MAPS: 0xb6e10000-0xb6e12000 => /lib/i686/cmov/libnss_files-2.7.so (rw-p)
ERROR:root:MAPS: 0xb6e12000-0xb6e1a000 => /lib/i686/cmov/libnss_nis-2.7.so (r-xp)
ERROR:root:MAPS: 0xb6e1a000-0xb6e1c000 => /lib/i686/cmov/libnss_nis-2.7.so (rw-p)
ERROR:root:MAPS: 0xb6e1c000-0xb6e23000 => /lib/i686/cmov/libnss_compat-2.7.so (r-xp)
ERROR:root:MAPS: 0xb6e23000-0xb6e25000 => /lib/i686/cmov/libnss_compat-2.7.so (rw-p)
ERROR:root:MAPS: 0xb6e26000-0xb6e30000 => /usr/lib/php5/20060613+lfs/mysql.so (r-xp)
ERROR:root:MAPS: 0xb6e30000-0xb6e31000 => /usr/lib/php5/20060613+lfs/mysql.so (rw-p)
ERROR:root:MAPS: 0xb6e31000-0xb6f64000 => /usr/lib/libxml2.so.2.6.32 (r-xp)
ERROR:root:MAPS: 0xb6f64000-0xb6f69000 => /usr/lib/libxml2.so.2.6.32 (rw-p)
ERROR:root:MAPS: 0xb6f69000-0xb6f6a000 (rw-p)
ERROR:root:MAPS: 0xb6f6a000-0xb6f79000 => /lib/libbz2.so.1.0.4 (r-xp)
ERROR:root:MAPS: 0xb6f79000-0xb6f7a000 => /lib/libbz2.so.1.0.4 (rw-p)
ERROR:root:MAPS: 0xb6f7e000-0xb6f82000 => /usr/lib/apache2/modules/mod_status.so (r-xp)
ERROR:root:MAPS: 0xb6f82000-0xb6f83000 => /usr/lib/apache2/modules/mod_status.so (rw-p)
ERROR:root:MAPS: 0xb6f83000-0xb6f85000 => /usr/lib/apache2/modules/mod_setenvif.so (r-xp)
ERROR:root:MAPS: 0xb6f85000-0xb6f86000 => /usr/lib/apache2/modules/mod_setenvif.so (rw-p)
you can get the file here
