Ragweed

by tduehr, crohlf, and tqbf
http://chargen.matasano.com

DESCRIPTION:

  • Ragweed is a set of scriptable debugging tools written in native ruby.

  • Where required the FFI and Win32API libraries are used to interface the machine and OS native system calls.

  • There are no third party dependencies

Supported Platforms

Ragweed is supported and has been tested on the following platforms (32bit intel only):

Windows XP, 7
Linux Ubuntu 9.04 -> 11.04
Mac OS X 10.5, 10.6

Ragweed works with Ruby 1.8.7, 1.9.1 and 1.9.2 and should work with any Ruby that includes FFI support on 32bit WinXP, Win7, Linux 2.6 and OSX 10.6. We are actively investigating 64 bit support for each platform. Unfortunately, this will require significant changes to Ragweed.

  • We have completed switching from Ruby/DL to FFI in 0.2.0. There should be no incompatibilities as a result of this switch. Additionally, ragweed may now work on rubies that include FFI support (jruby, ree, rbx), this has not yet been tested.

FEATURES/PROBLEMS:

  • This suite is currently fairly piecemeal. Each OS has it’s own set of tools. The most complete set is for Win32.

  • Work is ongoing to complete and unify the OSX and Linux portions.

  • Struct’s Nerve is an example of the API we are heading toward

SYNOPSIS:

require 'debuggerosx'
d = Debuggerosx.new(514) # pid of process to trace

Please see the examples directory for more. There are hit tracers for each platform.

REQUIREMENTS:

  • FFI - This was required to get around the limitations of Ruby/DL. If you’re using Ragweed from jRuby, this should be free.

INSTALL:

sudo gem install ragweed

# yep, thats it. you're done.

LICENSE:

Copyright 2009-2011 Matasano Security, LLC All Rights Reserved