Hi Dmitry,
On Sat, Dec 24, 2016 at 04:59:21PM +0300, Dmitry V. Levin wrote:
> I'd rather extended new -efault= syntax with :signal= option.
Thanks for the feedback. You're absolutely right, adding this to -e
fault is the best solution, not only it minimizes new code, but gives
a nice consistent

Hi,
On Sat, Dec 24, 2016 at 01:29:24PM +0100, Seraphime Kirkovski wrote:
> Hello straces devs !
>
> Recently, I had to do some reverse engineering on a malware for
> a somewhat exotic platform. As the malware had its .text encrypted my
> only possibility was strace. As always, it helped me to
>

Hello.
If you can run the executable under gdb, you can try to use "catch
syscall write".
On Sat, Dec 24, 2016 at 12:29 PM, Seraphime Kirkovski wrote:
> Hello straces devs !
>
> Recently, I had to do some reverse engineering on a malware for
> a somewhat exotic platform. As the malware had its .

Hello straces devs !
Recently, I had to do some reverse engineering on a malware for
a somewhat exotic platform. As the malware had its .text encrypted my
only possibility was strace. As always, it helped me to
understand the binary, but after I knew what it did, I couldn't do much
more because