Description: This is the video recording of the presentation titled "Helikaon Linux Debugger" given by Jason Raber at Recon 2008.

The Linux OS is not immune to malware and viruses. The reverse engineer is faced with fighting through anti-debugging protections when trying to understand these binaries. This can be a tedious and time-consuming process. COTS debuggers, such as GDB and IDA Pro, are detected in Linux utilizing a variety of anti-debugging techniques. I have developed a stealthy Linux-driver-based debugger named "Helikaon" that will aid the reverse engineer in debugging running executables without being detected. Helikaon injects a jump at runtime from kernel land into a user mode running process rather than using standard debugger breakpoints like "INT 3" or DR0-DR7 hardware registers. Find out alternate techniques for dynamic analysis in the Linux environment.

You can download a high resolution version of the video here. The slides are available here.
Tags: basics
Disclaimer: We are an infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be the same without verifying.