Wizzup?
10-23-2012, 09:26 PM
Hi,
This is another project I have been working on (with two other students) over the last 5 months. Right now it is much more polished and complete than Rubberfuse (http://villavu.com/forum/showthread.php?t=91342) and I opened the repository to the public two days ago.
The project is really quite low level, even for C.
Goals:
Education
Provide an easy to use, cross architecture system call tracing and injection interface usable by debuggers and other tools.
Skills:
C
Linux
Debuggers
ptrace system call
Tools:
Linux
GCC
Introduction
Tracy is a system call tracing and injection framework. It allows you to monitor and modify system calls made by a process on the lowest possible level in userspace. You can use this library (Tracy) to create all kinds of tools, ranging from special debuggers, transparent proxifiers, rootkits, guided program testing, […].
I wrote a small paper on the project. It's a bit messy but there was this deadline... ;)
http://wizzup.org/tracy.pdf (.tex file can be found in report/ in the github repo)
Documentation can be found in tracydoc/ (https://github.com/MerlijnWajer/tracy/blob/master/doc)
Intro: https://github.com/MerlijnWajer/tracy/blob/master/tracydoc/intro.rst
API: https://github.com/MerlijnWajer/tracy/blob/master/tracydoc/reference.rst
Current status
Tracy is not a finished product, but it is already quite usable, has a somewhat mature API and works at least on the following platforms (using Linux):
ARM
Intel x86 (32 bit)
AMD 64 (64 bit)
*BSD support is planned but not a priority.
We have several example programs; the most notable one is Soxy, a SOCKS 5 proxifier for IPv4 and TCP (no UDP and IPv6 yet, sorry).
Source: https://github.com/MerlijnWajer/tracy
Contact
Here or on github.
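Added example, not part of the post above and not Tracy's own code: a bare ptrace(2) loop showing the mechanism the post describes, stopping a child at every system call entry and reading the call number. It does not use Tracy's API; the helper name count_syscall is hypothetical, and the register access assumes x86-64 Linux.

```c
#include <signal.h>
#include <stdio.h>
#include <sys/ptrace.h>
#include <sys/syscall.h>
#include <sys/user.h>
#include <sys/wait.h>
#include <unistd.h>

#if !defined(__x86_64__)
#error "assumption: x86-64 Linux (syscall number is read from orig_rax)"
#endif

/* Hypothetical helper: count how often `prog` enters syscall `nr`; -1 on error. */
long count_syscall(const char *prog, long nr)
{
    int status, entering = 1;
    long hits = 0, sig = 0;
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) {                        /* tracee */
        ptrace(PTRACE_TRACEME, 0, NULL, NULL);
        execlp(prog, prog, (char *)NULL);  /* success: stops with SIGTRAP */
        _exit(127);                        /* exec failed, never stopped */
    }
    if (waitpid(pid, &status, 0) < 0 || !WIFSTOPPED(status)) return -1;
    /* TRACESYSGOOD tags syscall stops as SIGTRAP|0x80; EXITKILL avoids orphans. */
    ptrace(PTRACE_SETOPTIONS, pid, NULL,
           (void *)(long)(PTRACE_O_TRACESYSGOOD | PTRACE_O_EXITKILL));
    for (;;) {
        if (ptrace(PTRACE_SYSCALL, pid, NULL, (void *)sig) < 0) return -1;
        if (waitpid(pid, &status, 0) < 0) return -1;
        if (WIFEXITED(status) || WIFSIGNALED(status)) return hits;
        sig = WSTOPSIG(status) == (SIGTRAP | 0x80) ? 0 : WSTOPSIG(status);
        if (sig) continue;                 /* real signal: deliver on resume */
        if (entering) {                    /* stops alternate: entry, exit */
            struct user_regs_struct regs;
            if (ptrace(PTRACE_GETREGS, pid, NULL, &regs) < 0) return -1;
            if ((long)regs.orig_rax == nr) hits++;
        }
        entering = !entering;
    }
}

int main(void)
{
    printf("exit_group calls by true: %ld\n", count_syscall("true", SYS_exit_group));
    return 0;
}
```

Supporting ARM and 32-bit x86 as well means replacing the orig_rax read with each architecture's own register access.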