If you like this, you can use flattr. ;)
- Quickpost: Inspiring Windows software profilers and checkers
- 0x41 - back to bugs
- low footprint/hardware assisted virtualization with Linux and GrSec
- Postfix troubleshooting - a security nightmare
- New content soon
- 0x41 - (weekly) exploitation matters - Vista Heap, scripting debuggers with debug libs and how to learn to use that knowledge
- 0x41 - weekly exploitation matters - Shellcode and frameworks
- Explicit and implicit security in software development - measures and change
- 0x41 - weekly exploitation matters - Heap overflow fundamentals
- 0x41 - weekly exploitation matters - About
- wishinet: checking out GDB with Dtrace support for OS X... (1.9.2). Should be interesting.
- wishinet: RT @bfoo: Worth reading: http://merbist.com/2010/08/22/discussion-with-a-java-switcher/
- wishinet: nächstes Jahr Taikai in Nürnberg (http://www.taikai.de/) - und nu aus Nürnberg total groggy in die Falle! ;)
UnprotectedHex - about formal software verification
Sean's blog
Xecurity - a security feed collecter
Reddit RCE group
Freedom To Tinker
Emergent Chaos
Woodmann RCE forums
OpenRCE community forums
SecViz - security data visualization
DAVIX Live - for security metrics
Hex Live
Security Metrics
Immunity's Free Software
Core Security's OpenSouce research
Zynamics Blog
Valgrind on MacOS X Leopard
Wed, 04/15/2009 - 20:39 | wishi
txtNo Linux required
Since quite a while I intended to have a look at Valgrind to have some real fun with C, without having to assume where the errors are. Valgrind has been recommended by many very experienced people to me as "the solution". Nevertheless I didn't want a Linux VM. Even with Portable Ubuntu this sucks.
A new perspective for exploit development
Natively running Valgrind on MacOS X is possible. The feature-set doesn't contain PPC.
But, and that's amazing, memcheck for 32 and 64 Bit Intel. The executable Heap in MacOS X 10.5.x simply is an introduction to write exploits and to smash it. So in the past I had major issues with MallocScribble, which simply didn't really catch pointer-based problems or strategic information according to potencial heap-overflows during fuzzing processes.
Memcheck is much more precise, and as it seems, the Valgrind port is extendable with chroicle-recorder. I didn't test this jet.
Current status
The latest Valgrind release for MacOS X (3.3.1 r8180, VEX r1854) doesn't run perfectly well on 10.5.6. But it works. Still some syscalls are unrecognized, but for analyzing the heap in particular - a new era of breaking stuff and hardening it afterwards!
Have fun,
wishi
Tags: 
Post new comment