Difference between revisions of "GMM"
(Created page with "{{Entry |Name=GMM |Short description=Guarded Memory Move |Full description=The Guarded Memory Move tool is useful for studying buffer overflows and catching them together with a ...") |
(New version) |
||
Line 3: | Line 3: | ||
|Short description=Guarded Memory Move | |Short description=Guarded Memory Move | ||
|Full description=The Guarded Memory Move tool is useful for studying buffer overflows and catching them together with a "good" stack image. Once a stack overflow has been exploited, the back trace is already gone, as is information about parameters and local variables that are very important in understanding how the attacker is working out the exploit. The GMM library uses dynamic function call interception to catch the most common functions that attackers use to exploit stack buffers. It uses the LD_PRELOAD capability and offers two services: first, it avoids buffer overflow to allow the attacker to execute shell-code on your machine. Second, where an exploit is detected, it saves the stack content and triggers a segmentation fault. The resulting core dump has the necessary information to debug the exploit and fix the software. | |Full description=The Guarded Memory Move tool is useful for studying buffer overflows and catching them together with a "good" stack image. Once a stack overflow has been exploited, the back trace is already gone, as is information about parameters and local variables that are very important in understanding how the attacker is working out the exploit. The GMM library uses dynamic function call interception to catch the most common functions that attackers use to exploit stack buffers. It uses the LD_PRELOAD capability and offers two services: first, it avoids buffer overflow to allow the attacker to execute shell-code on your machine. Second, where an exploit is detected, it saves the stack content and triggers a segmentation fault. The resulting core dump has the necessary information to debug the exploit and fix the software. | ||
+ | |Homepage URL=http://www.xmailserver.org/gmm.html | ||
|User level=none | |User level=none | ||
− | |||
− | |||
− | |||
− | |||
|Computer languages=C | |Computer languages=C | ||
|Documentation note=User reference in PDF from http://www.xmailserver.org/gmm.pdf | |Documentation note=User reference in PDF from http://www.xmailserver.org/gmm.pdf | ||
− | |||
− | |||
− | |||
− | |||
|Related projects=libsafe | |Related projects=libsafe | ||
|Keywords=debug,intrusion detection,stack,buffer overflow,exploit,forensic analysis,shell code | |Keywords=debug,intrusion detection,stack,buffer overflow,exploit,forensic analysis,shell code | ||
− | | | + | |Version identifier=0.6 |
− | |Last review by= | + | |Version date=2007/04/18 |
− | |Last review date= | + | |Version status=beta |
+ | |Version download=http://www.xmailserver.org/gmm-0.6.tar.gz | ||
+ | |Last review by=Alejandroindependiente | ||
+ | |Last review date=2017/03/15 | ||
|Submitted by=Database conversion | |Submitted by=Database conversion | ||
|Submitted date=2011-04-01 | |Submitted date=2011-04-01 | ||
− | | | + | |Status= |
− | | | + | |Is GNU=No |
− | | | + | |License verified date=2004-01-27 |
− | | | + | }} |
+ | {{Project license | ||
+ | |License=GPLv2orlater | ||
+ | |License verified by=Janet Casey | ||
|License verified date=2004-01-27 | |License verified date=2004-01-27 | ||
− | |||
}} | }} | ||
{{Person | {{Person | ||
+ | |Real name=Davide Libenzi | ||
|Role=Maintainer | |Role=Maintainer | ||
− | |||
|Email=davidel@xmailserver.org | |Email=davidel@xmailserver.org | ||
|Resource URL= | |Resource URL= | ||
Line 37: | Line 35: | ||
|Interface=library | |Interface=library | ||
|Internet-application=security | |Internet-application=security | ||
− | |Use=internet-application,security | + | |Use=internet-application, security |
− | |||
− | |||
− | |||
− | |||
− | |||
}} | }} | ||
{{Software prerequisite | {{Software prerequisite | ||
Line 52: | Line 45: | ||
|Prerequisite description=gcc | |Prerequisite description=gcc | ||
}} | }} | ||
+ | {{Featured}} |
Revision as of 17:09, 15 March 2017
GMM
http://www.xmailserver.org/gmm.html
Guarded Memory Move
The Guarded Memory Move tool is useful for studying buffer overflows and catching them together with a "good" stack image. Once a stack overflow has been exploited, the back trace is already gone, as is information about parameters and local variables that are very important in understanding how the attacker is working out the exploit. The GMM library uses dynamic function call interception to catch the most common functions that attackers use to exploit stack buffers. It uses the LD_PRELOAD capability and offers two services: first, it avoids buffer overflow to allow the attacker to execute shell-code on your machine. Second, where an exploit is detected, it saves the stack content and triggers a segmentation fault. The resulting core dump has the necessary information to debug the exploit and fix the software.
Licensing
License
Verified by
Verified on
Notes
Leaders and contributors
Contact(s) | Role |
---|---|
Davide Libenzi | Maintainer |
Resources and communication
Audience | Resource type | URI |
---|---|---|
Python (Ref) | https://pypi.org/project/GMM |
Software prerequisites
Kind | Description |
---|---|
Required to use | glibc |
Required to build | gcc |
Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.3 or any later version published by the Free Software Foundation; with no Invariant Sections, no Front-Cover Texts, and no Back-Cover Texts. A copy of the license is included in the page “GNU Free Documentation License”.
The copyright and license notices on this page only apply to the text on this page. Any software or copyright-licenses or other similar notices described in this text has its own copyright notice and license, which can usually be found in the distribution or license text itself.