rustig
pwninit
Our great sponsors
| rustig | pwninit | |
|---|---|---|
| 9 | 2 | |
| 215 | 782 | |
| 0.0% | - | |
| 0.0 | 0.0 | |
| over 2 years ago | 4 months ago | |
| Rust | Rust | |
| Apache License 2.0 | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
rustig
-
Is there something like "super-safe" rust?
There is also rustig though it seems quite dead.
-
Is Rust really safe? How to identify functions that can potentially cause panic
There’s the rustig tool (https://github.com/Technolution/rustig) that looks for code paths leading to the panic handler. Not sure if it still works though.
-
My thoughts on Rust and C++
That's fair. I think I may just be a bit sore that Rustig was allowed to bit-rot and findpanics hasn't seen a commit since 2020.
- What improvements would you like to see in Rust or what design choices do you wish were reconsidered?
-
Things I hate about Rust, redux
There's Rustig which does it for panics, though it seems unmaintained and uses inspection of the final binary rather than source code/AST inspection.
You might be interested in this: https://github.com/Technolution/rustig
-
Three Things Go Needs More Than Generics
> Doesnt Rust have implicit panics on indexing out of bounds?
It does yes. A fair number of other constructs can panic as well.
> I wonder if any codebases lint those away.
Clippy has a lint for indexing so probably.
For the general case, it's almost impossible unless you're working on very low-level software (embedded, probably kernel-rust eventually) e.g. `std` assumes allocations can't fail, so any allocation will show up as a panic path.
https://github.com/Technolution/rustig can actually uncover panic paths, but because of the above the results are quite noisy, and while it's possible to uncover bugs thanks to rustig it requires pretty ridiculous amounts of filtering.
-
Linus Torvalds on Rust support in kernel
This comment is strongly confused.
> [1] https://github.com/Technolution/rustig
That's a binary analysis tool. It is only approximate, and does not claim to be an accurate analysis like unsafe-checking and typechecking are:
https://github.com/Technolution/rustig#limitations
> All paths leading to panic! from one of those functions (whether actually used or not) will be reported.
It also only works on x86_64 binaries.
Panics are an ugly leftover from the bad old days before Rust had nice monad-like syntax for Result error-handling (the "?" syntax). It's time for panic to sunset.
pwninit
-
[Tips] Use pwninit to run libc
And so, I found a tool that hasn't been mentioned here before! It's called https://github.com/io12/pwninit and solved the problem for me. It also has a few more cool features, like generating a template exploit.py automatically and stuff.
-
How to determine the correct linker (ld-file) from a binary and libc-file, so you can use patchelf --set-interpreter ./<ld-file> ./<binary> to run the binary properly as otherwise it will abort with a segmentation fault.
There is a great tool called pwninit https://github.com/io12/pwninit (I didn't write it or anything) (I actually used it for cache me outside) I Hope this helps
What are some alternatives?
Rust-for-Linux - Adding support for the Rust language to the Linux kernel.
cargo-binstall - Binary installation for rust projects
go101 - An up-to-date (unofficial) knowledge base for Go programming self learning
nue - I/O and binary data encoding for Rust
bastion - Highly-available Distributed Fault-tolerant Runtime
goblin - An impish, cross-platform binary parsing crate, written in Rust
kani - Kani Rust Verifier
bincode - A binary encoder / decoder implementation in Rust.
gdbstub - An ergonomic, featureful, and easy-to-integrate implementation of the GDB Remote Serial Protocol in Rust (with no-compromises #![no_std] support)
rustysd - A service manager that is able to run "traditional" systemd services, written in rust
go - The Go programming language
intruducer - A Rust crate to load a shared library into a Linux process without using ptrace.