S2 Dynamic Tracer And Decompiler For Gdb

Decompiling is very useful for understanding srtipped binaries, most dissasemblers like IDA or Hopper have a plugin for decompiling binaries, generating a c like pseudocode.

Static analysis, is very useful in most of cases, specially when the binary is not so big, or when you just have an address where to start to analyze. But some algorithms will be learned in less time by dynamic analysis like tracing or debugging.

In cookiemonsters team, we are working on several tracers with different focus, but all of them mix the concept of tracing and decompiling to generate human-readable traces.

S2 is my tracer & decompiler plugin for gdb, very useful for ctfs.

Some of the features are:

- signed/unsigned detecion
- conditional pseudocode (if)
- syscall resolution
- unroll bucles
- used registers values
- mem states
- strings
- logging

The code:

https://bitbucket.org/sha0coder/gdb_automatization/

More information

Comments

Reversing C++ String And QString

After the rust string overview of its internal substructures, let's see if c++ QString storage is more light, but first we'r going to take a look to the c++ standard string object: At first sight we can see the allocation and deallocation created by the clang++ compiler, and the DAT_00400d34 is the string. If we use same algorithm than the rust code but in c++: We have a different decompilation layout. Note that the Ghidra scans very fast the c++ binaries, and with rust binaries gets crazy for a while. Locating main is also very simple in a c++ compiled binary, indeed is more low-level than rust. The byte array is initialized with a simply move instruction: 00400c4b 48 b8 68 MOV RAX,0x6f77206f6c6c6568 And basic_string generates the string, in the case of rust this was carazy endless set of calls, detected by ghidra as a runtime, but nevertheless the basic_str...

The Base Blockchain Airdrop: Hidden Opportunities You Don’t Want to Miss!

The Base blockchain, supported by Coinbase, is making waves in the crypto space with its surging Total Value Locked (TVL) and potential airdrop opportunities. In this article, we'll dive deep into Base's ecosystem, its key protocols, and strategies for maximizing potential rewards. We'll also explore SynFutures, a standout perpetual protocol, and other exciting opportunities that could set the stage for a lucrative airdrop. Base Blockchain: A Rising Star Current Status Base has climbed to the sixth position among blockchains in terms of TVL, surpassing even Arbitrum, the long-time leader in Ethereum Layer 2 solutions. With $4 billion+ in TVL , Base's rapid growth is drawing attention from the crypto community. Why the Excitement Around a Potential Airdrop? Coinbase Backing: As a leading exchange, Coinbase's involvement ensures credibility and innovation. Changing Regulations: With evolving regulatory clarity, there's renewed optimism for potential rewards lik...

Top 12 Highest Paying URL Shortener 2019: Best URL Shortener to Earn Money

Short.pe Short.pe is one of the most trusted sites from our top 30 highest paying URL shorteners.It pays on time.intrusting thing is that same visitor can click on your shorten link multiple times.You can earn by sign up and shorten your long URL.You just have to paste that URL to somewhere. You can paste it into your website, blog, or social media networking sites.They offer $5 for every 1000 views.You can also earn 20% referral commission from this site.Their minimum payout amount is only $1.You can withdraw from Paypal, Payza, and Payoneer. The payout for 1000 views-$5 Minimum payout-$1 Referral commission-20% for lifetime Payment methods-Paypal, Payza, and Payoneer Payment time-on daily basis Short.am Short.am provides a big opportunity for earning money by shortening links. It is a rapidly growing URL Shortening Service. You simply need to sign up and start shrinking links. You can share the shortened links across the web, on your webpage, Twitter, Facebook, and more. Short...

Sri Lanka news columns

Search This Blog