Is this debugger something you'd want integrated with Immunity Debugger? When you say "debugger that runs over firewire" do you mean kinda like WinDBG does when you're trying to do kernel debugging? I'm writing a kernel exploit all day today, but no chance of setting up WinDBG to do it - it's almost easier just to use memory dumps and !analyze -v. The WinDBG UI is almost as bad as SPIKE Proxy's. One thing MOSDEF is not good at is enumerating all the different ways to add two numbers together. We only put one kind of encoding into the assembler and changing it now would be quite difficult. But we're optimized for shellcode size, and speed, while remaining pure-Python. Which is annoying because those are all polar opposites.
<br><br>What dialect of assembler is it that metasm implements? Is that NASM-like?<br><br>-dave<br><br><br><div><span class="gmail_quote">On 7/22/07, <b class="gmail_sendername">Thomas Ptacek</b> <<a href="mailto:tqbf@matasano.com">
tqbf@matasano.com</a>> wrote:</span><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">I've learned not to benchmark ideas against MOSDEF; it's dispiriting.
<br><br>The difference between my code and yours, apart from maturity and<br>originality, is that yours focuses on assembly language and mine<br>focuses on a class hierarchy for opcodes. I wanted to see how far I<br>could get using Python as a superficial IL for x86.
<br><br>My goal isn't shellcode; it's process[or] manipulation. I used it to<br>write a debugger to run over firewire.<br><br>> Thomas Ptacek wrote:<br>> > We've had a lot of luck with a very similar approach. Ours is in
<br>> > Python, only supports x86, and isn't as complete; it also tries<br>> > less hard to look like a DSL. But we like it. If anyone's<br>> > interested, we'd be happy to post.<br>> How do these things differ from MOSDEF (other than having a disassembler?)
<br><br>--<br>---<br>Thomas H. Ptacek // matasano security<br>read us on the web: <a href="http://www.matasano.com/log">http://www.matasano.com/log</a><br>_______________________________________________<br>Dailydave mailing list
<br><a href="mailto:Dailydave@lists.immunitysec.com">Dailydave@lists.immunitysec.com</a><br><a href="http://lists.immunitysec.com/mailman/listinfo/dailydave">http://lists.immunitysec.com/mailman/listinfo/dailydave</a><br>
</blockquote></div><br>