Guarded Memory Move
The Guarded Memory Move tool is useful for studying buffer overflows and catching them together with a "good" stack image. It uses dynamic function call interception to catch the most common functions that are used by attackers to exploit stack buffers. It uses the LD_PRELOAD capability, and, on discovering an exploit, will produce a core dump with the necessary information to debug the exploit and fix the software.
| Tags | Software Development Debuggers Libraries |
|---|---|
| Licenses | GPL |
| Operating Systems | POSIX BSD Linux |
Recent releases
- 17 Apr 2007 02:24
Release Notes: GCC's __builtin_return_address and __builtin_frame_address seems to return garbage instead of NULL at the last frame. This release fixes the problem.
- 11 Feb 2004 08:36
Release Notes: A few more potentially dangerous functions have been wrapped.
- 27 Jan 2004 10:31
Release Notes: Wrapper macros for user defined functions have been added, along with a larger glibc function interception. Documentation/White Paper is included in this release.
- 25 Jan 2004 22:17
Release Notes: More functions have been added to the interception list. The ability to call an external program upon exploit detection has been added. Some necessary code cleanup has been done.
- 24 Jan 2004 21:01
No changes have been submitted for this release.
davidel
23 Jan 2004 11:17
Heartbeat
- Popularity Score
- 35.69
- Vitality Score
- 2.89
- Subscriptions
- 12
