ok, you’ve got my mail (at least I think you see it as that your site). So mail me some informations when you want, to keep this on. I’ve got plenty of time for the next 3 months. I search a windows security project, but I always love to contribute on C unix projects.

By the way, I’m french so I can’t understand the reply you’ve got on 48bits, people seems to think as good as me of this first step.

Cya.

I am very glad you considere this project useful and interesting!! Thanks a lot again.

I have already ordered a project space in sourceforge and I will commit the code with some improvements, after a discussion in http://www.48bits.com, as soon it gets approved.
Afterwards you will be able to propose improvents easily through sf;s infrastructure.

Cheers.

No it was just suggestions of what your project can evolve in, there is a lot of differents others improvements you can made. I was just propose thoses things because I already test it.

Your first release is quite nice, because it shows how its simple to add check into a project, without made complicate modifications.

I can think about others improvements, it depend how far you wanna improve it and on which way of use.

Cheers.

(Sorry for my english, I hardly practice on freenode but it’s not that good lol, you can ask me to rebuild some phrase if you can’t understand well)

First off, thanks for your comments. Yes it straightforward to use in a large project and other advantage of this approach is you can enable the system to work only in a single module since so you will only get output from the piece of software you are interested in debug.

The second point of your comment, being a very challenging and not trivial task I think it is a bit out of context since this tool is to help the developer to fix his/her stuff up, it has nothing to do with reverse engineering. Because why do you want to “hack” a binary to debug if you have the source code handy?
If you think I am wrong fell free to reply, maybe I am missing something.

Cheers.

I found that site web from Ruben’s one and see this news.
Your approach is very interessant as it can be used in both unix / windows.
It will just be tricky to implement it on a really big project ? or on closed binaries ?

You can think about inject a library .so which will replace entries of the PLT , with LD_PRELOAD technique or injection using DT_DEBUG field of the dynamic table. After that there is plenty techniques that can help you to wrap desired PLT entries, fill the GOT, fill the PLT etc .. then malloc / realloc / free etc .. will be managed in your library which will call it’s own plt entries for resolv process.
All injection part can be done in the script too.

It’s just suggestion …