Comments for exploitscience.org http://www.exploitscience.org/blog You see a mouse trap I see free cheese, and a challenge -Unknown Tue, 27 Mar 2012 14:58:43 +0000 hourly 1 http://wordpress.org/?v=3.3.2 Comment on pydbg for unix by Martin Žember http://www.exploitscience.org/blog/?p=10&cpage=1#comment-153 Martin Žember Tue, 27 Mar 2012 14:58:43 +0000 http://www.exploitscience.org/blog/?p=10#comment-153 Hm. WP ate all blank lines and formatting. Sorry for the unreadable result. Hm. WP ate all blank lines and formatting. Sorry for the unreadable result.

]]> Comment on pydbg for unix by Martin Žember http://www.exploitscience.org/blog/?p=10&cpage=1#comment-152 Martin Žember Tue, 27 Mar 2012 14:57:14 +0000 http://www.exploitscience.org/blog/?p=10#comment-152 You are right that there is a problem with monitoring crashes in unix. Thanks for sharing your solution. I tried to run it, and it says: /new/pydbg_unix/pydbg_unix.py server -c myserver.conf Continuing process execution waiting for signal.. Reading configuration '/new/server-1.0.0/myserver.conf' ... Binding to interface 192.168.103.128 port 53. Loading 1 compiled zones... Loaded zone 'example.com.' Loaded 1 out of 1 zones. Configured 1 interfaces and 1 zones. Starting server... Server started in foreground, PID = 22518 PID stored in /tmp/server-minimal/server.pid Traceback (most recent call last): File "/new/pydbg_unix/pydbg_unix.py", line 85, in main() File "/new/pydbg_unix/pydbg_unix.py", line 81, in main debugProcess(process) File "/new/pydbg_unix/pydbg_unix.py", line 32, in debugProcess signal = process.waitSignals(6,4,10,11,12) File "/usr/local/lib/python2.6/dist-packages/ptrace/debugger/process.py", line 714, in waitSignals return self.debugger.waitSignals(*signals, **{'pid': self.pid}) File "/usr/local/lib/python2.6/dist-packages/ptrace/debugger/debugger.py", line 172, in waitSignals raise event ptrace.debugger.process_event.ProcessExit: Process 22518 killed by signal SIGSEGV It seems that process.waitSignals() does not return (but raises an exception). So I tried to handle those exceptions: /new/pydbg_unix/pydbg_unix.py serverd -c myserver.conf Continuing process execution waiting for signal.. Reading configuration '/new/server-1.0.0/myserver.conf' ... Binding to interface 192.168.103.128 port 53. Loading 1 compiled zones... Loaded zone 'example.com.' Loaded 1 out of 1 zones. Configured 1 interfaces and 1 zones. Starting server... Server started in foreground, PID = 23168 PID stored in /tmp/server-minimal/server.pid Registers ------> ERROR:root:Unable to read registers: ptrace(cmd=12, pid=23168, 0, 156766432) error #3: No such process Stack ----> Traceback (most recent call last): File "/new/pydbg_unix/pydbg_unix.py", line 101, in main() File "/new/pydbg_unix/pydbg_unix.py", line 97, in main debugProcess(process) File "/new/pydbg_unix/pydbg_unix.py", line 42, in debugProcess process.dumpStack() File "/usr/local/lib/python2.6/dist-packages/ptrace/debugger/process.py", line 656, in dumpStack stack = self.findStack() File "/usr/local/lib/python2.6/dist-packages/ptrace/debugger/process.py", line 275, in findStack for map in self.readMappings(): File "/usr/local/lib/python2.6/dist-packages/ptrace/debugger/process.py", line 676, in readMappings return readProcessMappings(self) File "/usr/local/lib/python2.6/dist-packages/ptrace/debugger/memory_mapping.py", line 114, in readProcessMappings raise ProcessError(process, "Unable to read process maps: %s" % err) ptrace.debugger.process_error.ProcessError: Unable to read process maps: Unable to open '/proc/23168/maps': [Errno 2] No such file or directory: '/proc/23168/maps' It looks like the process is already killed. The signals were probably not trapped... I wonder if you had a different version of python-ptrace. (I even found some new commits involving LinuxApport in the SVN of Peach, but have not tried it yet.) You are right that there is a problem with monitoring crashes in unix.

Thanks for sharing your solution. I tried to run it, and it says:

/new/pydbg_unix/pydbg_unix.py server -c myserver.conf
Continuing process execution
waiting for signal..
Reading configuration ‘/new/server-1.0.0/myserver.conf’ …
Binding to interface 192.168.103.128 port 53.
Loading 1 compiled zones…
Loaded zone ‘example.com.’
Loaded 1 out of 1 zones.
Configured 1 interfaces and 1 zones.

Starting server…
Server started in foreground, PID = 22518
PID stored in /tmp/server-minimal/server.pid
Traceback (most recent call last):
File “/new/pydbg_unix/pydbg_unix.py”, line 85, in
main()
File “/new/pydbg_unix/pydbg_unix.py”, line 81, in main
debugProcess(process)
File “/new/pydbg_unix/pydbg_unix.py”, line 32, in debugProcess
signal = process.waitSignals(6,4,10,11,12)
File “/usr/local/lib/python2.6/dist-packages/ptrace/debugger/process.py”, line 714, in waitSignals
return self.debugger.waitSignals(*signals, **{‘pid’: self.pid})
File “/usr/local/lib/python2.6/dist-packages/ptrace/debugger/debugger.py”, line 172, in waitSignals
raise event
ptrace.debugger.process_event.ProcessExit: Process 22518 killed by signal SIGSEGV

It seems that process.waitSignals() does not return (but raises an exception). So I tried to handle those exceptions:

/new/pydbg_unix/pydbg_unix.py serverd -c myserver.conf
Continuing process execution
waiting for signal..
Reading configuration ‘/new/server-1.0.0/myserver.conf’ …
Binding to interface 192.168.103.128 port 53.
Loading 1 compiled zones…
Loaded zone ‘example.com.’
Loaded 1 out of 1 zones.
Configured 1 interfaces and 1 zones.

Starting server…
Server started in foreground, PID = 23168
PID stored in /tmp/server-minimal/server.pid
Registers ——>
ERROR:root:Unable to read registers: ptrace(cmd=12, pid=23168, 0, 156766432) error #3: No such process
Stack —->
Traceback (most recent call last):
File “/new/pydbg_unix/pydbg_unix.py”, line 101, in
main()
File “/new/pydbg_unix/pydbg_unix.py”, line 97, in main
debugProcess(process)
File “/new/pydbg_unix/pydbg_unix.py”, line 42, in debugProcess
process.dumpStack()
File “/usr/local/lib/python2.6/dist-packages/ptrace/debugger/process.py”, line 656, in dumpStack
stack = self.findStack()
File “/usr/local/lib/python2.6/dist-packages/ptrace/debugger/process.py”, line 275, in findStack
for map in self.readMappings():
File “/usr/local/lib/python2.6/dist-packages/ptrace/debugger/process.py”, line 676, in readMappings
return readProcessMappings(self)
File “/usr/local/lib/python2.6/dist-packages/ptrace/debugger/memory_mapping.py”, line 114, in readProcessMappings
raise ProcessError(process, “Unable to read process maps: %s” % err)
ptrace.debugger.process_error.ProcessError: Unable to read process maps: Unable to open ‘/proc/23168/maps’: [Errno 2] No such file or directory: ‘/proc/23168/maps’

It looks like the process is already killed. The signals were probably not trapped…

I wonder if you had a different version of python-ptrace.

(I even found some new commits involving LinuxApport in the SVN of Peach, but have not tried it yet.)

]]> Comment on pydbg for unix by ach http://www.exploitscience.org/blog/?p=10&cpage=1#comment-60 ach Thu, 15 Jul 2010 15:34:28 +0000 http://www.exploitscience.org/blog/?p=10#comment-60 Nerve / Ragweed works on osx for exactly this... but i suppose if you're stuck with python.. ;) Nerve / Ragweed works on osx for exactly this… but i suppose if you’re stuck with python.. ;)

]]> Comment on Cybercrime As A Service by spoofy http://www.exploitscience.org/blog/?p=5&cpage=1#comment-3 spoofy Thu, 01 Apr 2010 14:52:38 +0000 http://www.exploitscience.org/blog/?p=5#comment-3 That's a good point, the tax rate for criminal organizations is 100% That’s a good point, the tax rate for criminal organizations is 100%

]]> Comment on Cybercrime As A Service by hm http://www.exploitscience.org/blog/?p=5&cpage=1#comment-2 hm Tue, 30 Mar 2010 07:53:07 +0000 http://www.exploitscience.org/blog/?p=5#comment-2 "...it works out to a fairly nice sum of money for a few years work..." Did you forget about 20 years in prison and seizing the assets? “…it works out to a fairly nice sum of money for a few years work…”
Did you forget about 20 years in prison and seizing the assets?

]]>