OpenRCE

About Articles Book Store Distributed RCE Downloads Event Calendar Forums Live Discussion Reference Library RSS Feeds Search Users What's New

Customize Theme

Flag: Tornado! Hurricane!

Created: Thursday, August 30 2007 16:09.20 CDT

Modified: Thursday, August 30 2007 17:38.16 CDT

Printer Friendly ...

Immunity Debugger v1.1 Release

Author: nicowow

# Views: 8547

The number one request this month was "Please implement a Python shell so I can write scripts and play with immlib features on the fly!". This is now done. Enjoy! Next to that we continued our efforts to improve the overall debugging experience with two new libraries, libstackanalyze and Ero's Carrera pefile and two new scripts: searchcrypt and stackvar.   The Immunity Debugger engine has also undergone changes to improve reliability issues, fix reported memleaks and remove some well-know bugs used for packers such as the printfloat format error (a.k.a the FLD bug).   Keep in mind we still have a contest going for the best Immunity Debugger script. The winner gets a free SILICA! Get more details from http://forum.immunityinc.com/index.php?topic=12.0 .
We hope you enjoy this month's release. You can upgrade your current Immunity Debugger by going to Help/Update or directly downloading from http://debugger.immunityinc.com/register.html

Feedback, Requests, and Cool Screenshots  are always welcomed at http://forum.immunityinc.com
Sincerely,
Team Immunity
http://www.immunityinc.com
PS: If you are a company, and you are looking for a person
with the right  skills, try our ID Job Advertisement program: http://www.immunityinc.com/products-idadvertising.shtml

-------------------------------
1.1 Build 0
August 30, 2007

New Features:

o Interactive Python Shell added
o Lookaside enhanced output + Discovery option
o libdatatype "Get" Function
o Get OS information methods
o Ero Carrera's pefile.py (http://code.google.com/p/pefile/)
o Python engine rewritten to properly use thread locking/unlocking
o Added ignoreSingleStep method for immlib (TRANSPARENT + CONVENTIONAL)
o Attach process window is now dynamically searchable
o Added clean ID memory methods inside immlib
o Added Stack analyzation library (libstackanalyze)
o Fixed some memleak on Disasm
o Fixed wrong arguments on Disasm operand
o Improved Patch command
o Safeseh moved into a PyCommand

New Scripts:

o searchcrypt PyCommand
o stackvars PyCommand

Bug Fixes:

o Solved 'ij' issue inside attach window
o Fixed VCG parser (Blocks display complete address now)
o Fixed traceback error when trying to graph and not attached
o Fixed printfloat() format error
o Fixed ret value of Getaddrfromexp in case of non-existing expression

Blog Comments

simpleuser	Posted: Friday, August 31 2007 02:46.39 CDT
Hey, I thought we could have a free dinner with Kostya instead :D

n00b	Posted: Friday, August 31 2007 06:18.14 CDT
Wow man nice work i have one question how does the stackvars command work.I tried it and couldn't get it to work i execute the Command !stackvars and it asks for an argument. ??? is this an address i have to put in i just want it to scan every thing. thanks nicowow

nicowow

Posted: Friday, August 31 2007 08:53.41 CDT

simpleuser: The kostya dinner is still an option for the prize (It would be mine, but im not allowed to play)

noob: You can get the usage information from a script by doing : !usage stackvars
      The way to run stackvar is simple:
  !stackvars function_address

   There is no option to do it on every function, but I will ask the guys for it. You can also import it from your script (libstackanalize) and use it (And so, check every function you want), check PyCommands/stackanalize.py to see how to do it.

n00b	Posted: Friday, August 31 2007 09:34.24 CDT
Yeh i found that out lol after a little playing about nice addition thank's.

There are 31,313 total registered users.

Recently Created Topics
[help] Unpacking VMP...	Mar/12
Reverse Engineering ...	Jul/06
hi!	Jul/01
let 'IDAPython' impo...	Sep/24
set 'IDAPython' as t...	Sep/24
GuessType return une...	Sep/20
About retrieving the...	Sep/07
How to find specific...	Aug/15
How to get data depe...	Jul/07
Identify RVA data in...	May/06

Recent Forum Posts
Finding the procedur...	rolEYder
Question about debbu...	rolEYder
Identify RVA data in...	sohlow
let 'IDAPython' impo...	sohlow
How to find specific...	hackgreti
Problem with ollydbg	sh3dow
How can I write olly...	sh3dow
New LoadMAP plugin v...	mefisto...
Intel pin in loaded ...	djnemo
OOP_RE tool available?	Bl4ckm4n

Recent Blog Entries
	halsten	Mar/14
Breaking IonCUBE VM
	oleavr	Oct/24
Anatomy of a code tracer
	hasherezade	Sep/24
IAT Patcher - new tool for ...
	oleavr	Aug/27
CryptoShark: code tracer ba...
	oleavr	Jun/25
Build a debugger in 5 minutes
More ...

Recent Blog Comments
	nieo on:	Mar/22
IAT Patcher - new tool for ...
	djnemo on:	Nov/17
Kernel debugger vs user mod...
	acel on:	Nov/14
Kernel debugger vs user mod...
	pedram on:	Dec/21
frida.github.io: scriptable...
	capadleman on:	Jun/19
Using NtCreateThreadEx for ...
More ...

Imagery

SoySauce Blueprint
Jun 6, 2008

[+] expand

View Gallery (11) / Submit