Abstract
Configurable System Call Tracer in the QEMU Emulator
Highlights
Sometimes programmers face the task of analyzing the behavior of a compiled program to find its flaws and defects, or even to search for malicious code in it.
We offer a new approach to implementing a debugger based on system calls, in which all the information necessary for tracing is loaded from a configuration file.
Based on the results of this work, a plugin for the QEMU virtual machine was developed, with which we can trace and debug an application using system calls.
Summary
Sometimes programmers face the task of analyzing the behavior of a compiled program to find its flaws and defects, or even to search for malicious code in it. Debugging applications by tracing system calls can be done inside the operating system, but a number of problems arise: strong dependence of the debugger on the operating system; the impossibility of running several debuggers at the same time; lack of access to privileged execution; and the need to protect the operating system when analyzing programs that have harmful effects. To solve these problems, we can use virtual machine tools. We can debug applications in a wide range of different operating systems running under different processor architectures.