Giovanni Di Santi
I'm the author of https://github.com/rizinorg/rizin/blob/dev/test/db/archos/linux-x64/dbg_dmht; every binary inside bins/elf/ has a patched interpreter/linker. Example:

```
$ patchelf --print-interpreter bins/elf/glibc-heap-2.27
bins/elf/ld-2.27.so
```

Now I'm too busy to continue working on this
pwndbg checks main_arena in the symbols of the libc: https://github.com/pwndbg/pwndbg/blob/dev/pwndbg/heap/ptmalloc.py#L73 while gef computes the offset from __malloc_hook, since main_arena and __malloc_hook are adjacent in memory: https://github.com/hugsy/gef/blob/dev/gef.py#L58 It shouldn't be too...
Check new implementation in the updated comment. ~~I've added the way to compute the main_arena using symbols:~~ ~~https://github.com/meowmeowxw/radare2/blob/cab8f2a92f5ee7de7a7fd00165f2f01c3ebff8dd/libr/core/linux_heap_glibc.c#L325~~ However if I call `r_core_free()` to free the core of the libc,...
UPDATE: I used a function to resolve main_arena from libc: https://github.com/meowmeowxw/radare2/blob/0c41fd4ebd2c33c637efad582db4185f3ae984a4/libr/core/linux_heap_glibc.c#L24 which is called by: https://github.com/meowmeowxw/radare2/blob/0c41fd4ebd2c33c637efad582db4185f3ae984a4/libr/core/linux_heap_glibc.c#L363 I created a [source test](https://github.com/meowmeowxw/radare2/blob/fast-dmh/test/tcache.c) and the binary of the [test](https://github.com/meowmeowxw/radare2/blob/fast-dmh/test/tcache). Then I created...
Hello @jfagoagas, thank you for the reply.

> Also, as I can see this option does not provide a full compatibility with all Prowler's features right?

Yes just some...
Hi @toniblyx, yes it would enable an easier integration into lambda instead of using subprocesses. It would also be possible to manipulate the findings in real time, and add...
Hi, I will close this PR since I don't have time. Thanks for the ping :smile: