Thursday, May 20, 2010

Jsunpack-n update 0.3.2b Custom Spidermonkey and Google Code Subversion

I now distribute my own modifications to Spidermonkey with the project. This allows you to easily compile it with my preferred modifications. If you want to see what modifications I make, read the INSTALL.spidermonkey or INSTALL.spidermonkey.shellcode files.

You can now get the source code for the project from (instead of my website).

Updates 2010-05-20 version 0.3.2b

1) added INSTALL.spidermonkey.shellcode instructions. This adds improved shellcode detection.
2) updated jsunpack class options structure. New options will always use file contents instead of filenames (where possible). Also, rules are now part of the options structure.
3) socket defaulttimeout now part of jsunpack class (it was global before). If you import jsunpack, make sure to set a timeout on your own.
4) you can use jsunpack.version to get the current version string
5) new performance option (-f "fasteval") for disabling non-critical features in favor of performance
6) fixed a bug in redoevaltime option affecting performance of malicious scripts
7) fixed a pdf parsing bug for /Page related to testcase samples/pdf-numPages.file

Wednesday, May 5, 2010

Three days ... of bug hunting (and a new release) I blame python

This is the worst bug related to the project that I've encountered so far and I just spent a few days trying to find what went wrong... Well, I just found and fixed it!

I'd highly recommend NOT using version 0.3.2 because of this bug, version 0.3.2a has only a few new features but YOU SHOULD UPGRADE immediately if you use 0.3.2. Version 0.3.2 is the only version affected by this bug and it prevents jsunpack-n timeouts from killing the SpiderMonkey process (if the script never terminates).

Updates 2010-05-05 version 0.3.2a
1) implemented this.numPages, getPageNthWord, and getPageNumWords
2) fixed bug (python 2.6 only) for log_ips functionality
3) fixed REALLY BAD performance bug related to python dynamic types. This is why type checking is a good thing and why python sucks at it. Most of my python bugs are because I redefine another variable, wipe out a loop variable, or otherwise use a bad type.