initial

author: Root THC 2026-02-24 12:42:47 +0000
committer: Root THC 2026-02-24 12:42:47 +0000
commit: c9cbeced5b3f2bdd7407e29c0811e65954132540 (patch)
tree: aefc355416b561111819de159ccbd86c3004cf88 /other/burneye2/doc/IDEAS
parent: 073fe4bf9fca6bf40cef2886d75df832ef4b6fca (diff)
1 files changed, 41 insertions, 0 deletions
diff --git a/other/burneye2/doc/IDEAS b/other/burneye2/doc/IDEAS
new file mode 100644
index 0000000..7534e56
--- /dev/null
+++ b/other/burneye2/doc/IDEAS
@@ -0,0 +1,41 @@
+Code obfuscation
+        - add dataflow analysis caps to ia32-decode (macros: REG_SQUASH and
+          REG_ACCESS) to encode implicit instruction requirements/outputs
+        - do basic block level reg use analysis
+        - do function level reg use analysis
+        - do bblock/function level obfuscation
+=====
+GNU lightning "risc to machine code" dynamic code generation library
+        - create a simple ia32 to risc converter for the 10 most used
+          instructions
+        - create a simple code obfuscation engine for this risc level
+        - generate machine code by using the GNU lightning library
+=====
+(from uclibc faq)
+When I run 'ldd' to get a list of the library dependencies for a uClibc
+binary, ldd segfaults! What should I do?
+        Use the ldd that is built by uClibc, not your system's one. When your
+system's ldd looks for library dependencies, it actually _runs_ that program.
+This works fine -- usually. It generally will not work at all when you have
+been cross compiling (which is why ldd segfaults). The ldd program created by
+uClibc is cross platform and doesn't even try to run the target program (like
+your system one does). So use the uClibc one and it will do the right thing,
+and it won't segfault even when you are cross compiling.
+        - maybe exploit that to gain privs when people run "ldd file"
+=====
+file overflow
+        - write a reliable exploit that could be used to seize control (just
+          make eh_shentsize very large, direct stack overflow)
author	Root THC	2026-02-24 12:42:47 +0000
committer	Root THC	2026-02-24 12:42:47 +0000
commit	c9cbeced5b3f2bdd7407e29c0811e65954132540 (patch)
tree	aefc355416b561111819de159ccbd86c3004cf88 /other/burneye2/doc/IDEAS
parent	073fe4bf9fca6bf40cef2886d75df832ef4b6fca (diff)

diff --git a/other/burneye2/doc/IDEAS b/other/burneye2/doc/IDEAS new file mode 100644 index 0000000..7534e56 --- /dev/null +++ b/other/burneye2/doc/IDEAS
@@ -0,0 +1,41 @@
	1
	2	Code obfuscation
	3
	4	- add dataflow analysis caps to ia32-decode (macros: REG_SQUASH and
	5	REG_ACCESS) to encode implicit instruction requirements/outputs
	6	- do basic block level reg use analysis
	7	- do function level reg use analysis
	8	- do bblock/function level obfuscation
	9
	10	=====
	11
	12	GNU lightning "risc to machine code" dynamic code generation library
	13
	14	- create a simple ia32 to risc converter for the 10 most used
	15	instructions
	16	- create a simple code obfuscation engine for this risc level
	17	- generate machine code by using the GNU lightning library
	18
	19	=====
	20
	21	(from uclibc faq)
	22	When I run 'ldd' to get a list of the library dependencies for a uClibc
	23	binary, ldd segfaults! What should I do?
	24
	25	Use the ldd that is built by uClibc, not your system's one. When your
	26	system's ldd looks for library dependencies, it actually _runs_ that program.
	27	This works fine -- usually. It generally will not work at all when you have
	28	been cross compiling (which is why ldd segfaults). The ldd program created by
	29	uClibc is cross platform and doesn't even try to run the target program (like
	30	your system one does). So use the uClibc one and it will do the right thing,
	31	and it won't segfault even when you are cross compiling.
	32
	33	- maybe exploit that to gain privs when people run "ldd file"
	34
	35	=====
	36
	37	file overflow
	38	- write a reliable exploit that could be used to seize control (just
	39	make eh_shentsize very large, direct stack overflow)
	40
	41