Version alpha

lecture: Tracing Struct Accesses with Struct Stalker

A Foray Into the Darkness of LLDB Scripting

Event large

Struct Stalker is an LLDB script that instruments processes to trace struct/object accesses in C/C++ applications. It recursively walks
through all fields in a targeted variable variable to make each each one inaccessible through page permissions, and catches and processes all ensuing page faults to track memory accesses. This talk will cover the Struct Stalker tool and will additionally include a brief
introduction to LLDB scripting that covers a bunch of useful stuff that the LLDB "documentation" does not.


Day: 2018-06-16
Start time: 10:00
Duration: 00:30
Room: Grand salon
Track: Software Reverse Engineering



Concurrent Events