Vuln Dev
Immunity Debugger v1.1 Aug 30 2007 09:18PM
Nicolas Waisman (nicolas waisman immunityinc com)
The number one request this month was "Please implement a Python shell
so I can write scripts and play with immlib features on the fly!". This
is now done. Enjoy! Next to that we continued our efforts to improve
the overall
debugging experience with two new libraries, libstackanalyze and Ero
Carrera's pefile and two new scripts: searchcrypt and stackvar. The
Immunity Debugger engine has also undergone changes to improve
reliability issues, fix reported memleaks and remove some well-know bugs
used for packers such as the printfloat format error (a.k.a the FLD
bug). Keep in mind we still have a contest going for the best Immunity
Debugger script. The winner gets a free SILICA! Get more details from .
We hope you enjoy this month's release. You can upgrade your current
Immunity Debugger by going to Help/Update or directly downloading from

Feedback, Requests, and Cool Screenshots are always welcomed at
Team Immunity
PS: If you are a company, and you are looking for a person
with the right skills, try our ID Job Advertisment program:
1.1 Build 0
August 30, 2007

New Features:

o Interactive Python Shell added
o Lookaside enhanced output + Discovery option
o libdatatype "Get" Function
o Get OS information methods
o Ero Carrera's (
o Python engine rewritten to properly use thread locking/unlocking
o Added ignoreSingleStep method for immlib (TRANSPARENT + CONVENTIONAL)
o Attach process window is now dynamically searchable
o Added clean ID memory methods inside immlib
o Added Stack analyzation library (libstackanalyze)
o Fixed some memleak on Disasm
o Fixed wrong arguments on Disasm operand
o Improved Patch command
o Safeseh moved into a PyCommand

New Scripts:

o searchcrypt PyCommand
o stackvars PyCommand

Bug Fixes:

o Solved 'ij' issue inside attach window
o Fixed VCG parser (Blocks display complete address now)
o Fixed traceback error when trying to graph and not attached
o Fixed printfloat() format error
o Fixed ret value of Getaddrfromexp in case of non-existing expression

Version: GnuPG v1.4.6 (GNU/Linux)


[ reply ]


Privacy Statement
Copyright 2010, SecurityFocus