Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Bugtraq
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Immunity Debugger 1.5

from [Nicolas Waisman] Network Security [Permanent Link]
Subject: Immunity Debugger 1.5
Date: Thu, 27 Mar 2008 19:23:07 -0300 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Immunity team is proud to present: Immunity Debugger 1.5

This new Immunity Debugger release provides a lot of new scripts and
important fixes. New scripts to improve your debugging experience
include: gflags, hookssl, and hookndr.

The API has been reinforced with new functionality which allows you to
gather more information from the remote process, such as Threads,
findRetValue. This release also includes some important fixes such as
correct Memory Page protection flags, which are also available via the
Python API.

Check the Changelog below for the details of this exciting release.

As usual, you can discuss your scripts, request new features or just hang
out at our forum: http://forum.immunityinc.com.  We would like to thank
Teddy Roggers from tuts4you for maintaining a list of Immunity Debugger
ported plug-ins that can be found at
http://www.tuts4you.com/download.php?list.74

Do you want to hire a hacker? Are you looking for job? Immunity has
extended the Immunity Debugger Advertisment service to hackers, reverse
engineers and debugger freaks and it is now free for job seekers!

Job seekers can place ads at
http://debugger.immunityinc.com/hireahacker.html

Happy debugging (and job hunting)!

Team Immunity
P.S.: If you want to request a feature, show off your script or just
chat about Immunity Debugger, Justin Seitz from the Immunity Debugger
team will be at CanSecWest for the next three days.


1.50 Build 0

New Features:

- - Debugger:
  o Added "Servers" folder with specific PyCommand listeners - for
example, hookssl.py will send all the data back to a XML-RPC service
using ssl_listener.py, which then has the option to change it and send
it back.

- - Memory Pages:
  o Working on Windows Vista. Now correct on Windows XP, 2000, 2003.

Immunity Debugger API:
  o Added imm.vmQuery() wrapper [Query Virtual Memory pages]
  o The MemoryPage class has been improved.
    - Protect and Allocation Protect Flags are queried in real-time
    - You can get a human readable flag passing human = 1 to
      page.getAccess() and page.getInitAccess()
  o Added:
    - searchOnExecute()
    - searchOnRead()
    - searchOnWrite()
    These methods will search in any memory page with access = any
combination.
  o Modified:
    - Search()
    - searchShort()
    - searchLong()
    to receive an extra flag parameter to specify memory protection type
    when searching.
  o Added imm.isAdmin() : is ID running as admin?
  o Added Thread class to debugtypes.py
  o Added imm.getAllThreads() method
  o librecognition.py : Improved REGEXP support for the indexed register
search
  o Added Function.findRetValue Find all the possible values on a Function
  o GFlags class Handle Windows Global Flags.

PyCommands:

  o gflags.py: Enable/Disable Windows Global Flags
  o recognize.py: Backward compatability
  o Added hookssl.py
  o Added ssl_listener.py to Servers directory
  o Added hookndr.py: Hooks the NDR unmarshalling routines and prints them
    out so you can see which ones worked
  o Added nohooks.py : removes all hooks from memory

Bug Fixes:

- - Debugger Core
  o The memory page protect information is correctly displayed now.
  o Fixed Second Analysis pass repeated entries bug.
  o Fixed thread state swap issue which was leading to a memory leak.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFH7B5Lnx8KWzmcRsERAvnjAKCrswcUWJlIbdsN6mH+LC6717bfhQCfT6Fu
sTr8Gc+g6fZig4T97WRF6Ck=
=h1WC
-----END PGP SIGNATURE-----
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • Immunity Debugger 1.5, Nicolas Waisman <=
Previous by Date:  Re: Smf 1.1.4 Remote File Inclusion Vulnerabilities, fake
Next by Date:  Re: XChat 2.8.4-1 - Multiple Vulnerabilities, fabio
Previous by Thread:  XChat 2.8.4-1 - Multiple Vulnerabilities, evilcry
Next by Thread:  Internet explorer 7.0 spoofing, jplopezy
Indexes:  [Date] [Thread] [Top] [All Lists]