It's been only a few days since the release of Fenris 0.02, and I don't have the next stable version ready, but thanks to Marcin Gozdalik, I came up with an interesting tool that, while being a part of Fenris, probably has a value of its own for all sorts of code analysis. Because of that, this post is intended to announce this new component of the project.

The tool is called 'dress', the opposite of 'strip', and is supposed to reconstruct the symtab for static, stripped ELF binaries that come with no debugging and symbol information. It uses a database of 70k+ function fingerprints that comes with Fenris to find and name functions in the binary. It generates a new binary that can be loaded into GDB, objdump, nm, or any other favorite debugging tool. This way, "call 0x8054ad4" becomes "call 0x8054ad4 <libc_start_main>". It's that simple.

Whether you hate Fenris or just want to use another tool along with it, this is probably a good choice. For more information on how to use it, please refer to the project's documentation at http://lcamtuf.coredump.cx/fenris/README . Sources of 'dress' are available for download with the unstable 0.03b release, which is archived at http://lcamtuf.coredump.cx/fenris/devel.shtml .

Note that 'dress' does not have much in common with another utility of similar name, 'unstrip'.

Have fun,

--
_____________________________________________________
Michal Zalewski [lcamtufat_private] [security]
[http://lcamtuf.coredump.cx] <=-=> bash$ :(){ :|:&};:
=-=> Did you know that clones never use mirrors? <=-=
          http://lcamtuf.coredump.cx/photo/

This archive was generated by hypermail 2b30 : Tue May 14 2002 - 07:10:03 PDT
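
The idea of naming call targets in a stripped binary from a fingerprint database, as an added example that is not part of the original post and is not code from Fenris or 'dress'. The fingerprint (SHA-256 over the first 8 bytes of a function), the byte-scan for call opcodes, the function bodies, names and load address are all assumptions constructed for illustration.

```python
import hashlib
import struct

BASE = 0x8048000  # constructed load address
FP_LEN = 8        # bytes hashed per function: an assumption, not Fenris's format

def fingerprint(code):
    """Stand-in fingerprint: truncated SHA-256 of the first FP_LEN bytes."""
    return hashlib.sha256(code[:FP_LEN]).hexdigest()[:16]

# Constructed function bodies; the first two play the role of known library code.
KNOWN = {
    "strlen_like": bytes.fromhex("5589e58b450831c9803800740441ebf7"),
    "exit_like": bytes.fromhex("5589e58b5d08b801000000cd80909090"),
}
UNKNOWN = bytes.fromhex("5589e583ec10c745fc000000009090c3")
DB = {fingerprint(body): name for name, body in KNOWN.items()}

def build_image():
    """Constructed code: a caller with three `call rel32`, then the three bodies."""
    bodies = list(KNOWN.values()) + [UNKNOWN]
    out, target = b"", 5 * len(bodies) + 1      # bodies start after calls + ret
    for i, body in enumerate(bodies):
        out += b"\xe8" + struct.pack("<i", target - (5 * i + 5))
        target += len(body)
    return out + b"\xc3" + b"".join(bodies)

def call_targets(image):
    """Naive scan for `call rel32` (opcode 0xE8); a real tool would disassemble."""
    i = 0
    while i + 5 <= len(image):
        off = i + 5 + struct.unpack_from("<i", image, i + 1)[0]
        if image[i] == 0xE8 and 0 <= off < len(image):
            yield off
            i += 5
        else:
            i += 1

def dress(image, base=BASE):
    """Rebuilt symbol table: address -> name for each recognised call target."""
    hits = ((off, DB.get(fingerprint(image[off:]))) for off in call_targets(image))
    return {base + off: name for off, name in hits if name}

def annotate(image, base=BASE):
    """Render each call the way a debugger shows it once the symbols exist."""
    symtab = dress(image, base)
    return [f"call {a:#x}" + (f" <{symtab[a]}>" if a in symtab else "")
            for a in (base + off for off in call_targets(image))]
```

A function whose leading bytes are not in the database stays unnamed, which is the expected result for application code that does not come from a fingerprinted library.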