Immunity Debugger v1.1 Release
nicowow <nicolasimmunityinccom> Thursday, August 30 2007 16:09.20 CDT


The number one request this month was "Please implement a Python shell so I can write scripts and play with immlib features on the fly!". This is now done. Enjoy! Next to that we continued our efforts to improve the overall debugging experience with two new libraries, libstackanalyze and Ero Carrera's pefile, and two new scripts: searchcrypt and stackvars.

The Immunity Debugger engine has also undergone changes to improve reliability issues, fix reported memleaks and remove some well-known bugs used for packers such as the printfloat format error (a.k.a. the FLD bug).

Keep in mind we still have a contest going for the best Immunity Debugger script. The winner gets a free SILICA! Get more details from http://forum.immunityinc.com/index.php?topic=12.0 .
We hope you enjoy this month's release. You can upgrade your current Immunity Debugger by going to Help/Update or directly downloading from http://debugger.immunityinc.com/register.html

Feedback, Requests, and Cool Screenshots are always welcomed at http://forum.immunityinc.com
Sincerely,
Team Immunity
http://www.immunityinc.com
PS: If you are a company, and you are looking for a person with the right skills, try our ID Job Advertisement program: http://www.immunityinc.com/products-idadvertising.shtml

-------------------------------
1.1 Build 0
August 30, 2007

New Features:

o Interactive Python Shell added
o Lookaside enhanced output + Discovery option
o libdatatype "Get" Function
o Get OS information methods
o Ero Carrera's pefile.py (http://code.google.com/p/pefile/)
o Python engine rewritten to properly use thread locking/unlocking
o Added ignoreSingleStep method for immlib (TRANSPARENT + CONVENTIONAL)
o Attach process window is now dynamically searchable
o Added clean ID memory methods inside immlib
o Added Stack analyzation library (libstackanalyze)
o Fixed some memleak on Disasm
o Fixed wrong arguments on Disasm operand
o Improved Patch command
o Safeseh moved into a PyCommand

New Scripts:

o searchcrypt PyCommand
o stackvars PyCommand

Bug Fixes:

o Solved 'ij' issue inside attach window
o Fixed VCG parser (Blocks display complete address now)
o Fixed traceback error when trying to graph and not attached
o Fixed printfloat() format error
o Fixed ret value of Getaddrfromexp in case of non-existing expression


Comments
simpleuser Posted: Friday, August 31 2007 02:46.39 CDT
Hey, I thought we could have a free dinner with Kostya instead :D

n00b Posted: Friday, August 31 2007 06:18.14 CDT
Wow man, nice work. I have one question: how does the stackvars command work? I tried it and couldn't get it to work. I execute the command !stackvars and it asks for an argument. ??? Is this an address I have to put in? I just want it to scan everything.

thanks nicowow

nicowow Posted: Friday, August 31 2007 08:53.41 CDT
simpleuser: The Kostya dinner is still an option for the prize (It would be mine, but I'm not allowed to play)

noob: You can get the usage information from a script by doing: !usage stackvars
The way to run stackvars is simple:
  !stackvars function_address

There is no option to do it on every function, but I will ask the guys for it. You can also import it from your script (libstackanalyze) and use it (and so, check every function you want); check PyCommands/stackanalize.py to see how to do it.

n00b Posted: Friday, August 31 2007 09:34.24 CDT
Yeh, I found that out lol after a little playing about. Nice addition, thanks.