Guarded Memory Move

The Guarded Memory Move tool is useful for studying buffer overflows and catching them together with a "good" stack image. It uses dynamic function call interception to catch the most common functions that are used by attackers to exploit stack buffers. It uses the LD_PRELOAD capability, and, on discovering an exploit, will produce a core dump with the necessary information to debug the exploit and fix the software.

Tags Software Development Debuggers Libraries
Licenses GPL
Operating Systems POSIX BSD Linux

Tweet this project Short link

Rss Recent releases

  • Rrelease-mid
  •  17 Apr 2007 02:24
  • Rrelease-after

Changes: GCC's __builtin_return_address and __builtin_frame_address seems to return garbage instead of NULL at the last frame. This release fixes the problem.

  • Rrelease-mid
  •  11 Feb 2004 08:36
  • Rrelease-after

Changes: A few more potentially dangerous functions have been wrapped.

  • Rrelease-mid
  •  27 Jan 2004 10:31
  • Rrelease-after

Changes: Wrapper macros for user defined functions have been added, along with a larger glibc function interception. Documentation/White Paper is included in this release.

  • Rrelease-mid
  •  25 Jan 2004 22:17
  • Rrelease-after

Changes: More functions have been added to the interception list. The ability to call an external program upon exploit detection has been added. Some necessary code cleanup has been done.

  • Rrelease-mid
  •  24 Jan 2004 21:01
  • Rrelease-after

No changes have been submitted for this release.

No-screenshot

Project Spotlight

vPICdisasm

A mid-range PIC dissassembler with several handy features.

F2f8bfdbf10e88f1d334b9a16fc8c048_thumb

Project Spotlight

OBM

A groupware, email, LDAP and PDC, CRM, and project tool with connectors.