OpenRCE

About Articles Book Store Distributed RCE Downloads Event Calendar Forums Live Discussion Reference Library RSS Feeds Search Users What's New

Customize Theme

Flag: Tornado! Hurricane!

Created: Monday, July 19 2010 17:38.27 CDT

Printer Friendly ...

Live x86 Code Instrumentation with Frida

Author: oleavr

# Views: 5301

Thought this might be of interest to you fellow reversers:

http://blog.kalleberg.org/post/833101026/live-x86-code-instrumentation-with-frida

If you want to dive straight in and play with the code, you'll need:
- MS Visual Studio 2010
- Mercurial: http://mercurial.selenic.com/

Then:
- hg clone https://frida-ire.googlecode.com/hg/ frida-ire
- Open frida-ire\zed\zed.sln
- Build in Debug|Win32
- Launch the "zed" project
- Log in using any Jabber account, like GMail, or create a new one at https://register.jabber.org/
- Start typing the name of the process you want to attach to, and off you go

PS: There are some knowns issues with Stalker on pure 32 bit systems, so for now, please make sure you're running 64 bit Windows -- but only attach to 32 bit processes for now :-)

Active in Last 5 Minutes
	waleedassar
	Invisible

There are 28,229 total registered users.

Recently Created Topics
Reverse Engineering ...	Jan/23
Career: DoD Agency I...	Jan/22
"Disappearing&q...	Jan/17
Career: Software Sec...	Jan/11
Where is the call st...	Jan/07
IDA Pro 6.1 Breakpoi...	Jan/01
How to create data s...	Dec/30
can i search all mod...	Dec/23
IDA symbol table exp...	Dec/20
An anti-attach trick	Dec/17

Recent Forum Posts
Reverse Engineering ...	NirIzr
"Disappearing&q...	NirIzr
Reverse Engineering ...	charlie
"Disappearing&q...	charlie
An anti-attach trick	Bass
An anti-attach trick	waleeda...
An anti-attach trick	Bass
An anti-attach trick	waleeda...
An anti-attach trick	Bass
Looking for value in...	NirIzr

Recent Blog Entries
	cmathieu	Feb/07
Hacker Carnival
	waleedassar	Feb/06
OllyDbg v1.10 And Hardware ...
	waleedassar	Jan/31
Yet Another Anti-Debug Trick
	RolfRolles	Jan/22
Finding Bugs in VMs with a ...
	waleedassar	Jan/13
An OllyDbg Bug Disables Sof...
More ...

Recent Blog Comments
	waleedassar on:	Feb/07
OllyDbg v1.10 And Hardware ...
	NirIzr on:	Feb/07
OllyDbg v1.10 And Hardware ...
	NirIzr on:	Feb/05
Yet Another Anti-Debug Trick
	trolotou on:	Feb/05
Doudoune Moncler -Pennies F...
	waleedassar on:	Feb/01
Yet Another Anti-Debug Trick
More ...

Imagery

SoySauce Blueprint
Jun 6, 2008

[+] expand

View Gallery (11) / Submit