Let’s start IDA on our Windows machine and see if we can figure out what causes the crash. If you run it with a malformed output file name, it crashes: We modified the tool we use to generate IDA message files to make it vulnerable. Lets now take a look at our somewhat artificial macvuln demo application. If your debugger server is directly accessible from the Internet (a strategy we do not recommend!), or if you are working in a sniffable local environment, consider adding encryption such as a SSH tunnel to prevent password sniffing. If you forget to password-protect it, anyone can connect to the debugger server and launch any program on the machine. Do not forget to protect your debugger server from the outside world. We’re all set! We can either create new processes or attach to existing ones. We are now ready to launch the the debugger server: Please note the ‘s’ bit in the file permissions. In order to connect to other applications and debug them, we first have to set the appropriate permissions for the debugger server: we need to make it setgid “procmod”. But, if you prefer, you may also use the Mac OS X version of IDA, or even the Linux version, they offer the same functionalty. For this tutorial, we will use the Windows version of IDA. The debugger server is stand-alone and it is not necessary to have installed the OS X version of IDA to use it. Unpack the debugger server files to any directory on Mac OS X. macvuln.tgz – a sample vulnerable Mac OS X application which will be used in this primer.
#How to use mac os 9 debugger how to
This primer shows how to use the Mac OS X debugger included in IDA 5.1.īefore we start, please download this archive: