Guarded Memory Move 0.6

Date Added: August 06, 2010 | Visits: 1.122

Report Broken Link
Printer Friendly Version

Product Homepage
Download (89 downloads)

Guarded Memory Move project gets handy when you have to study buffer overflows and you need to catch them together with a "good" stack image. When a stack overflow has been exploited, the back trace is already gone together with good information about parameters and local variables, that are of vital importance when trying to understand how the attacker is trying to work out the exploit. The GMM library uses dynamic function call interception to catch the most common functions that are used by attackers to exploit stack buffers. The GMM library uses the LD_PRELOAD capability and offers two services to the user. First of all, it avoids buffer overflow to allow the attacker to execute shell-code on your machine. Second, in case where an exploit is detected, the stack content is saved and a segmentation fault is triggered. The resulting core dump will then have all the necessary information to debug the exploit and fix the software. Internally, the library insert itself between the application and the glibc library and intercept functions that might lead to buffer overflow exploits. Before calling the glibc core function, the GMM layer saves part of the stack frame above the caller to a temporary location in its frame. It also stores the previous three return addresses in its local storage before calling the glibc core function. When the core function returns, the GMM code samples again the previously recorded return addresses and, if they differ, it restores the previously saved stack frame and issue a segmentation fault. This with a clean stack frame, so that it can be inspected with a debugger. While other solutions exist to detect buffer overflow exploits, like for example StackGuard and StackShield, those differs from GMM in many ways. They live as gcc patches and do require you to rebuild your application to use their functionalities. The good of this approach is that every single function is protected against buffer overflows. The bad of this solution is that every single function is protected against buffer overflows. That is, performance regression on the whole application, even if this is not really a huge problem when hunting for buffer overflows. Another solution similar to GMM is LibSafe, but it does not save and restore the stack frame by making it unusable for debugging. But lets see how GMM differs from the above listed solutions. First of all, GMM works everywhere there are stack frames and the gcc and glibc duo. That means that it is not limited to i386 only. And now the real reason for the GMM existence. Whats New in This Release: - GCCs __builtin_return_address and __builtin_frame_address seems to return garbage instead of NULL at the last frame. This release fixes the problem..

Requirements: No special requirements

Platforms: Linux

Keyword: Buffer, Buffer Overflows, Debuggers, Frame, Gmm, Guarded, Guarded Memory Move, Memory, Move, Overflows, Programming, Stack, Stack Frame, Together With

Users rating: 0/10

License: Freeware

Size: 419.84 KB

USER REVIEWS

More Reviews or Write Review

GUARDED MEMORY MOVE RELATED

Programming - Innovasys Freeware Controls Suite V1.0 Frameplus is themed frame control with auto-enable feature for child controls. ButtonPlus is an alternative to the VB command button control that includes a range of features to give your buttons more functionality and visual appeal. ScrollBarPlus...	2.04 MB
MP3 Tools - Desktop Photo 1.00 Desktop photo - photos on the desktop. This widget acts as a desktop photo frame. Place the photo in any part of the desktop. 7 photo effects to choose from. Photo without frame, photo with a narrow border, photo with translucent borders....	9.93 MB
Networking Tools - Measuring Buffer 20070518 Measuring Buffer is an enhanced version of buffer. Measuring Buffer features display of throughput, network support, memory-mapped file I/O for huge buffers and multithreading..	92.16 KB
Security Tools - Arri 0.2a1 Arri is an array API - more commonly known as a buffer API. Arri provides an interface to create, write, copy, duplicate, delete, append and free awways. It does more than that, though. Arri contains a string API, to handle character strings, an...	64.51 KB
Libraries - smalloc 1.0 smalloc short from Static memory buffer malloc, is an ideal memory manager for Realtime Linux Kernel modules that cant use dynamic memory offered by kmalloc because of the non-realtime nature of kmalloc. Like malloc(), smalloc() doles out memory...	7.17 KB
Utilities - Openwall Linux kernel patch 2.4.35-ow2 Openwall Linux kernel patch is a collection of security-related features for the Linux kernel, all configurable via the new Security options configuration section. In addition to the new features, some versions of the patch contain various...	34.82 KB
Networking - Philtron for Scripts 0.2.6 Philtron is a filtering HTTP proxy, meaning it rewrites the HTML of the web pages that pass through it in order to remove dangerous or annoying javascript-s, popups and improve the anonymity of the user.It will be different from the existing...	307.2 KB
Virus Scanners - ThreatFire™ AntiVirus 3.0+ ThreatFire™ protects when others can't, will your anti virus software catch the latest malware that just came out today. In most cases, no, because it simply does not know how to detect it yet. But ThreatFire's ActiveDefense technology does, and...	14.6 MB
File Utilities - Comodo Internet Security 6.3.300670.2970 Comodo Internet Security combines the award-winning Comodo Firewall and Antivirus software in one easy-to-install suite. More than 10 million PC users around the world rely on Comodo. Free. Comodo Internet Security 2013 is the free,...	144.24 MB
Utilities - Adamantix 1.1.0-pre15 Adamantix project aims to become a highly secure but usable Linux distribution. A standard Linux distribution is not very secure, despite the fact that it may be more secure than other operating systems. The underlying problem is that most of...	292.1 MB

NEW DOWNLOADS IN LINUX SOFTWARE, PROGRAMMING

Linux Software - EasyEDA PCB Designer for Linux 2.0.0 EasyEDA, a great web based EDA(Electronics Design Automation) tool, online PCB tool, online PCB software for electronics engineers, educators, students, makers and enthusiasts. Theres no need to install any software. Just open EasyEDA in any...	34.4 MB
Linux Software - wpCache® WordPress HTTP Cache 1.9 wpCacheÂ® is a high-performance, distributed object, caching system application, generic in nature, but intended for use in speeding up dynamic web applications, by decreasing database load time. wpCacheÂ® decreases dramatically the page...	3.51 MB
Linux Software - Polling Autodialer Software 3.4 ICTBroadcast Auto Dialer software has a survey campaign for telephone surveys and polls. This auto dialer software automatically dials a list of numbers and asks them a set of questions that they can respond to, by using their telephone keypad....	488 B
Linux Software - Total Video Converter Mac Free 3.5.5 Total Video Converter Mac Free developed by EffectMatrix Ltd is the official legal version of Total Video Converter which was a globally recognized brand since 2006. Total Video Converter Mac Free is a free but powerful all-in-one video...	17.7 MB
Linux Software - Skeith mod_log_sql Analyzer 2.10beta2 Skeith is a php based front end for analyzing logs for Apache using mod_log_sql.	47.5 KB
Programming - Cedalion for Linux 0.2.6 Cedalion is a programming language that allows its users to add new abstractions and define (and use) internal DSLs. Its innovation is in the fact that it uses projectional editing to allow the new abstractions to have no syntactic limitations.	471.04 KB
Programming - Math::GMPf 0.29 Math::GMPf - perl interface to the GMP library's floating point (mpf) functions.	30.72 KB
Programming - Net::Wire10 1.08 Net::Wire10 is a Pure Perl connector that talks to Sphinx, MySQL and Drizzle servers. Net::Wire10 implements the low-level network protocol, alias the MySQL wire protocol version 10, necessary for talking to one of the aforementioned...	30.72 KB
Programming - logilab-common 0.56.2 a bunch of modules providing low level functionnalities shared among some python projects devel Please note that some of the modules have some extra dependencies. For instance, logilab.common.db will require a db-api 2.0 compliant...	174.08 KB
Programming - OpenSSL for linux 1.0.0a The OpenSSL Project is a collaborative effort to develop a robust, commercial-grade, full-featured, and Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols as well as a...	3.83 MB

Windows Software	BeOS Software
Macintosh Software	Linux Software
PDA Software	OS/2 Software
Mobile Software	Scripts