Security/Mentorships/MWoS/2014/Cross-platform memory scanning in Go: Difference between revisions
Revision as of 02:19, 2 August 2014
Team
Introduction
Members
- Agustin Martinez Suñé
- Marco Vanotti
- Nahuel Lascano
- Patricio Palladino
- Professor: Alejandro Furfaro
- Mozilla Advisor: Julien Vehent
Project
Description
Scope
Success Criteria
Updates
2014-08-01
Summary of the week:
- Linux: /proc/<pid>/maps for .so mapped files, and /proc/<pid>/mem for raw memory.
- Windows has a couple of functions via the Windows API that can be called with LoadLibrary or CGO. We decided to use CGO because it was easier.
- Mac: Not so easy. There's a way to get a core dump without killing the process; we can do that to analyze what we want. osxbook has an example.
- If we use CGO we won't be able to cross-compile. Not a problem.
- Go has packages for accessing ELF/Mach-O/PE files in the debug package; we can analyze binaries and get more info.
- We got working examples on Linux and Windows to get a process's loaded libraries.
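The Linux approach from the summary above, as an added example (not the team's code): it parses /proc/<pid>/maps text and returns the distinct shared objects mapped into a process. The names `Lib`, `ParseLibs` and `sampleMaps` are hypothetical, the sample input is constructed, and flagging libraries whose backing file was deleted after mapping goes slightly beyond what the notes describe.

```go
package main

import (
	"bufio"
	"fmt"
	"io"
	"sort"
	"strings"
)

type Lib struct { // one shared object mapped into a process
	Path    string
	Deleted bool // backing file was unlinked after it was mapped
}
// sampleMaps is constructed input in /proc/<pid>/maps format.
const sampleMaps = `00400000-0040c000 r-xp 00000000 08:01 131 /usr/bin/cat
7f1c2a000000-7f1c2a1b5000 r-xp 00000000 08:01 527 /lib/x86_64-linux-gnu/libc-2.19.so
7f1c2a1b5000-7f1c2a3b5000 ---p 001b5000 08:01 527 /lib/x86_64-linux-gnu/libc-2.19.so
7f1c2a5c0000-7f1c2a5e3000 r-xp 00000000 08:01 611 /usr/lib/libssl.so.1.0.0 (deleted)
7ffd3c1f0000-7ffd3c211000 rw-p 00000000 00:00 0 [stack]
`

// ParseLibs returns the distinct shared objects in maps data, sorted by path.
func ParseLibs(r io.Reader) ([]Lib, error) {
	seen := map[string]Lib{}
	sc := bufio.NewScanner(r)
	for sc.Scan() {
		f := strings.Fields(sc.Text()) // address perms offset dev inode pathname
		if len(f) < 6 || !strings.HasPrefix(f[5], "/") {
			continue // anonymous mapping or pseudo-path such as [stack]
		}
		full := strings.Join(f[5:], " ")
		path := strings.TrimSuffix(full, " (deleted)")
		base := path[strings.LastIndex(path, "/")+1:]
		if strings.HasSuffix(base, ".so") || strings.Contains(base, ".so.") {
			seen[path] = Lib{Path: path, Deleted: path != full}
		}
	}
	libs := make([]Lib, 0, len(seen))
	for _, l := range seen {
		libs = append(libs, l)
	}
	sort.Slice(libs, func(i, j int) bool { return libs[i].Path < libs[j].Path })
	return libs, sc.Err()
}

func main() {
	fmt.Println(ParseLibs(strings.NewReader(sampleMaps)))
}
```

On a Linux host, pass the file opened from /proc/<pid>/maps to `ParseLibs` instead of the sample string; reading another user's process requires the matching privileges.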
Plan for next week:
- Investigate how to get more information about libraries (version number, build, revision, etc.)
- Read more about Mac and how to get the data that we need.
- Decide on a name for the project
- Sign committer agreement
2014-07-14
- Team presentation
- Project introduction: MIG and the memory scanner module.
- Set deadline: mid/end of December
- Agreed on meeting once a week. Meetings scheduled by the team.
- Plan for the next week: Investigate how to get the information that the memory scanner will provide on Linux, Windows and OS X.
<date>
- current work
- blocking points
- discussion points
- upcoming work