| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 20 Dec 2013 19:49:08 +0100
From: Mario Vilas <mvilas@...il.com>
To: "full-disclosure@...ts.grok.org.uk" <full-disclosure@...ts.grok.org.uk>
Subject: WinAppDbg 1.5 is out!
What is WinAppDbg?
==================
The WinAppDbg python module allows developers to quickly code
instrumentation
scripts in Python under a Windows environment.
It uses ctypes to wrap many Win32 API calls related to debugging, and
provides
an object-oriented abstraction layer to manipulate threads, libraries and
processes, attach your script as a debugger, trace execution, hook API
calls,
handle events in your debugee and set breakpoints of different kinds (code,
hardware and memory). Additionally it has no native code at all, making it
easier to maintain or modify than other debuggers on Windows.
The intended audience are QA engineers and software security auditors
wishing to
test / fuzz Windows applications with quickly coded Python scripts. Several
ready to use utilities are shipped and can be used for this purposes.
Current features also include disassembling x86/x64 native code, debugging
multiple processes simultaneously and produce a detailed log of application
crashes, useful for fuzzing and automated testing.
What's new in this version?
===========================
In a nutshell...
* full 64-bit support (including function hooks!)
* added support for Windows Vista and above.
* database code migrated to SQLAlchemy, tested on:
+ MySQL
+ SQLite 3
+ Microsoft SQL Server
should work on other servers too (let me know if it doesn't!)
* added integration with more disassemblers:
+ BeaEngine: http://www.beaengine.org/
+ Capstone: http://capstone-engine.org/
+ Libdisassemble: http://www.immunitysec.com/resources-freesoftware.shtml
+ PyDasm: https://code.google.com/p/libdasm/
* added support for postmortem (just-in-time) debugging
* added support for deferred breakpoints
* now fully supports manipulating and debugging system services
* the interactive command-line debugger is now launchable from your scripts
(thanks Zen One for the idea!)
* more UAC-friendly, only requests the privileges it needs before any
action
* added functions to work with UAC and different privilege levels, so it's
now possible to run debugees with lower privileges than the debugger
* added memory search and registry search support
* added string extraction functionality
* added functions to work with DEP settings
* added a new event handler, EventSift, that can greatly simplify coding a
debugger script to run multiple targets at the same time
* added new utility functions to work with colored console output
* several improvements to the Crash Logger tool
* integration with already open debugging sessions from other libraries is
now
possible
* improvements to the Process and GUI instrumentation functionality
* implemented more anti-antidebug tricks
* more tools and code examples, and improvements to the existing ones
* more Win32 API wrappers
* lots of miscellaneous improvements, more documentation and bugfixes as
usual!
Where can I find WinAppDbg?
===========================
Project homepage:
-----------------
http://winappdbg.sourceforge.net/
Download links:
---------------
Windows installer (32 bits)
http://sourceforge.net/projects/winappdbg/files/WinAppDbg/1.5/winappdbg-1.5.win32.msi/download
Windows installer (64 bits)
http://sourceforge.net/projects/winappdbg/files/WinAppDbg/1.5/winappdbg-1.5.win-amd64.msi/download
Source code
http://sourceforge.net/projects/winappdbg/files/WinAppDbg/1.5/winappdbg-1.5.zip/download
Documentation:
--------------
Online
http://winappdbg.sourceforge.net/doc/v1.5/tutorial
http://winappdbg.sourceforge.net/doc/v1.5/reference
Windows Help
http://sourceforge.net/projects/winappdbg/files/WinAppDbg/1.5/winappdbg-1.5-tutorial.chm/download
http://sourceforge.net/projects/winappdbg/files/WinAppDbg/1.5/winappdbg-1.5-reference.chm/download
HTML format (offline)
http://sourceforge.net/projects/winappdbg/files/WinAppDbg/1.5/winappdbg-1.5-tutorial.chm/download
http://sourceforge.net/projects/winappdbg/files/WinAppDbg/1.5/winappdbg-1.5-reference.chm/download
PDF format (suitable for printing)
http://sourceforge.net/projects/winappdbg/files/WinAppDbg/1.5/winappdbg-1.5-tutorial.pdf/download
http://sourceforge.net/projects/winappdbg/files/WinAppDbg/1.5/winappdbg-1.5-reference.pdf/download
Acknowledgements
================
Acknowledgements go to Arthur Gerkis, Chris Dietrich, Felipe Manzano,
Francisco
Falcon, @Ivanlef0u, Jean Sigwald, John Hernandez, Jun Koi, Michael Hale
Ligh,
Nahuel Riva, Peter Van Eeckhoutte, Randall Walls, Thierry Franzetti, Thomas
Caplin, and many others I'm probably forgetting, who helped find and fix
bugs
in the almost eternal beta of WinAppDbg 1.5! ;)
Content of type "text/html" skipped
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists