[Dailydave] Tool announce: user mode single stepping
Jared DeMott
demottja at msu.edu
Wed Nov 29 15:44:33 EST 2006
> Hello,
> There is a small project named "umss", created in McAfee labs, which readers
> of this list may find interesting. It implements fast single stepping of
> Win32 binaries. It is ca 100x faster than WaitForDebugEvent() and 10x faster
> than in-process EXCEPTION_SINGLE_STEP trapping. Umss works by (kind of)
> disassembling the binary on-the-fly and placing logging hooks after each
> executed instruction (so, it does not use the TF flag). More information and
> the project source can be found at
> http://www.avertlabs.com/research/blog/?p=140
>
> RW
>
Very cool. How hard do you think it would be to port this technology to
PaiMei? I know python is slow, but if it could be done the dependence
on a PIDA file (func/basic block granularity) could possibly be removed
for Code Coverage tracking. This would not only save time preparing a
PIDA file for difficult binaries, but could give a better measure of
CC. (I'm in the process of upgrading PaiMei to be remotely controlled
by GPF for evolutionary fuzzing and was talking with Pedram about this
very thing a couple weeks ago.)