Help Fix Bugs... By Exploiting Software Vulnerabilities Automatically


French startup launches a community tool in order to help software get fixed... by being automatically hacked


Security startup Toucan System today released as open source the tool it presented earlier this month at the Black Hat US conference.

The tool, called pmcma (for Post Memory Corruption Memory Analysis), is a debugger. Pmcma was designed to determine if a given software bug is a vulnerability... by attempting to exploit it.

"The very core innovation of pmcma is to be able to force a debugged process to fork, therefore creating many exact replicates of itself in memory. This allows for incremental creation of an exploit," said Jonathan Brossard, Senior Security Engineer and CEO at Toucan System. "This approach allows for easy experimentation with the debugged software and is pretty revolutionary in terms of exploit engineering," he added.

Pmcma can now automatically determine whether invalid memory write permissions, a very common consequence of memory corruption bugs such as buffer overflows or integer overflows, are directly exploitable by overwriting a function pointer anywhere in memory. It can also determine the probability with which those vulnerabilities can be exploited, or whether they pose no security concern.

"This is a critical factor for many players in the industry, from system administrators who wish to know if a public exploit for a given vulnerability could be adapted easily to attack their own systems, to software vendors or programmers that need metrics to prioritise which bugs they should fix first," concluded Nicolas Massaviol, CTO at Toucan System. Even end users will benefit from this technology as they will be able to submit more relevant bug reports to software maintainers and eventually get the critical bugs they may experience fixed faster.

The tool is released as free software under the Apache 2.0 license and is available at http://www.pmcma.org/. It currently supports x86 and x86_64 Intel architectures for the GNU/Linux and Android operating systems. Ports to Mac OS X, *BSD and ARM architectures will be released in the next few months.

###

Contact Author

Daniel Coutinho