bugscam
所属分类:Windows编程
开发工具:Visual C++
文件大小:19KB
下载次数:8
上传日期:2008-03-27 16:50:47
上 传 者:
ppanger
说明: BugScam is a collection of scripts for the commercial debugger IDA Pro
(http://www.datarescue.com) that will scan a given binary for problematic
uses of certain library functions (e.g. strcpy etc) and generate a nice
output file (HTML so far, LaTeX soon). It s release was inspired by the
fact that I had libaudit.idc (the "core" engine) lying on my harddisk
since early 2001, and never thought someone would bother with something
this simple -- but now in 2003 one can find commercial products
with almost identical functionality on the Web, and as such I decided to
release this as OpenSource.
(BugScam is a collection of scripts for the commercial debugger IDA Pro
(http://www.datarescue.com) that will scan a given binary for problematic
uses of certain library functions (e.g. strcpy etc) and generate a nice
output file (HTML so far, LaTeX soon). It s release was inspired by the
fact that I had libaudit.idc (the "core" engine) lying on my harddisk
since early 2001, and never thought someone would bother with something
this simple-- but now in 2003 one can find commercial products
with almost identical functionality on the Web, and as such I decided to
release this as OpenSource.
)
文件列表:
BUGSCAM (0, 2003-02-22)
BUGSCAM\analysis_scripts (0, 2003-02-20)
BUGSCAM\analysis_scripts\lstrcatA.idc (3284, 2003-02-17)
BUGSCAM\analysis_scripts\lstrcpyA.idc (3253, 2003-02-20)
BUGSCAM\analysis_scripts\MultiByteToWideChar.idc (2355, 2003-02-17)
BUGSCAM\analysis_scripts\sprintf.idc (4047, 2003-02-10)
BUGSCAM\analysis_scripts\wsprintfA.idc (2635, 2003-02-20)
BUGSCAM\analysis_scripts\_sprintf.idc (2634, 2003-02-20)
BUGSCAM\analysis_scripts\_strcat.idc (3283, 2003-02-17)
BUGSCAM\analysis_scripts\_strcpy.idc (3273, 2003-02-17)
BUGSCAM\reports (0, 2003-02-22)
BUGSCAM\reports\formatA.css (640, 2003-02-08)
BUGSCAM\bugscam.conf (311, 2003-02-20)
BUGSCAM\formatA.css (640, 2003-02-08)
BUGSCAM\globalvar.idc (3183, 2003-02-13)
BUGSCAM\insert_global_var.idc (2346, 2003-02-08)
BUGSCAM\known_bugs.txt (198, 2003-02-08)
BUGSCAM\libaudit.idc (9329, 2003-02-13)
BUGSCAM\probtbl_entry.html (109, 2003-02-07)
BUGSCAM\probtbl_template.html (425, 2003-02-08)
BUGSCAM\probtbl_xref.html (72, 2003-02-08)
BUGSCAM\report.html (1166, 2003-02-08)
BUGSCAM\report_gen.idc (857, 2003-02-08)
BUGSCAM\run_analysis.idc (1574, 2003-02-08)
BUGSCAM\table_entry.idc (1732, 2003-02-08)
BugScam Readme
This is the preliminary readme file for BugScam.
BugScam is a collection of scripts for the commercial debugger IDA Pro
(http://www.datarescue.com) that will scan a given binary for problematic
uses of certain library functions (e.g. strcpy etc) and generate a nice
output file (HTML so far, LaTeX soon). It's release was inspired by the
fact that I had libaudit.idc (the "core" engine) lying on my harddisk
since early 2001, and never thought someone would bother with something
this simple -- but now in 2003 one can find commercial products
with almost identical functionality on the Web, and as such I decided to
release this as OpenSource.
How to use BugScam:
1. Get the archive
2. Unpack the archive into /IDADIRECTORY/IDC/BUGSCAM
3. Start IDA from /IDADIRECTORY via executing "idag.exe"
4. Load an (x86)-binary which you want to analyze
5. Run /IDADIRECTORY/IDC/BUGSCAM/run_analysis.idc
6. Look at the pretty output generated:
/IDADIRECTORY/IDC/BUGSCAM/REPORTS/filename.html
7. Use the report & view the reported problems in IDA. Inspect
manually to remove false positives, use the ObjRec package
(or something similar) to reconstruct structures & objects
in order to further decrease false postives
8. Goto 5. until you're satisfied with the result
I hope this helps getting people started :-)
Cheers,
Halvar
近期下载者:
相关文件:
收藏者: