[opensuse-factory] Introducing the scanmem package to openSUSE:Factory

Hi,

I'd like to introduce the scanmem package from devel:tools to you with the hope to get it included in openSUSE:Factory.

=== Description ===

Scanmem is a simple interactive debugging utility for Linux, used to locate the address of a variable in an executing process. This can be used for the analysis or modification of a hostile process on a compromised machine, user-space live-patching, reverse engineering, or as a "pokefinder" to cheat at video games.

Since version 0.8, scanmem includes a GUI called GameConqueror. But the devel:tools maintainers decided not to provide it for security reasons (requires pkexec, contains most of the bugs).

Upstream: https://github.com/scanmem/scanmem
Upstream maintainer: Sebastian Parschauer (me)
Development model: single maintainer homebrew FOSS
License: GPLv3

=== Purpose of having the package ===

To be honest, the tool is mostly used for game cheating. All other distributions already have it. openSUSE is an ideal platform for game cheating due to often no hardening of games and no ptrace() restrictions by default. This is why two other users have packaged it for openSUSE already. It can also help in some tricky L3s, for the work in the security team, or for secure programming.

=== Maintainability ===

Maintaining the package without GameConqueror is really easy for me. The scanmem executable uses an absolute path to libscanmem. So the lib is packaged to be located outside of any library search path, in /usr/lib(64)/scanmem/. All that is C code. Upstreaming fixes is easy as I'm the upstream maintainer as well.

I have a strong passion for homebrew FOSS and game cheating. There are multiple active contributors, so development will move on. We've achieved a lot already since I took over upstream maintenance.

Performance is tested by scripting scanmem commands and profiling. It is gradually improved by inlining functions and avoiding slow ptrace() where /proc/$pid/mem can be used.

Security is checked by security professionals who review the code and by regular Coverity Scan runs. Most bugs are located in the Python 2/3 GTK 3 GUI this way.

=== Special features ===

The tool also helps to detect the types of memory regions and to bypass ASLR with its knowledge about the ELF format. It shows the load address of every writable memory region and provides a match offset so that the current load address can be re-added on the next run of the target process. This is used by game trainers with ASLR/PIC/PIE support. The match offsets of the executable match "objdump -D" output of PIE executables. I often miss such stuff with user-space crashes without a core dump. If the process is already dead, then a randomized address is quite worthless.

================

Cheers,
Sebastian from the L3 team
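As an added illustration of the two mechanisms the message mentions (this is example code written for this page, not scanmem's own code): reading and writing a target's memory through /proc/$pid/mem with pread()/pwrite() instead of one ptrace() call per word, and recording a "match offset" relative to the start of the writable mapping a variable lives in, so that the offset can be re-added to the mapping's new load address on the next run under ASLR/PIE. The example targets the current process (getpid()) so it runs stand-alone and does not depend on the Yama ptrace_scope setting; the global g_player_health, the helper names and the poke value 999 are assumptions made up for the example.

```c
#define _GNU_SOURCE
#include <fcntl.h>
#include <inttypes.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#include <unistd.h>

/* Constructed test variable (not from scanmem). Under PIE + ASLR its
 * absolute address changes every run; its offset into the writable
 * mapping it lives in does not. */
volatile int32_t g_player_health = 100;

struct region {
    uintptr_t start, end;   /* [start, end) of the mapping */
    char perms[5];          /* e.g. "rw-p" */
    char path[256];         /* backing file, "" for anonymous mappings */
};

/* Parse /proc/<pid>/maps and return the mapping that contains addr.
 * Returns 0 on success, -1 if /proc is unreadable or addr is unmapped. */
static int find_region(pid_t pid, uintptr_t addr, struct region *out)
{
    char name[64], line[512];
    snprintf(name, sizeof name, "/proc/%d/maps", (int)pid);
    FILE *f = fopen(name, "r");
    if (!f)
        return -1;
    int rc = -1;
    while (fgets(line, sizeof line, f)) {
        unsigned long s, e;
        char perms[5], path[256] = "";
        /* maps line: start-end perms offset dev inode [path] */
        if (sscanf(line, "%lx-%lx %4s %*s %*s %*s %255s", &s, &e, perms, path) < 3)
            continue;
        if (addr >= s && addr < e) {
            out->start = s;
            out->end = e;
            memcpy(out->perms, perms, sizeof out->perms);
            strncpy(out->path, path, sizeof out->path - 1);
            out->path[sizeof out->path - 1] = '\0';
            rc = 0;
            break;
        }
    }
    fclose(f);
    return rc;
}

/* Match offset in the scanmem sense: addr relative to the start of its
 * region. Re-add the region's (new) start on the next run to find the
 * variable again. Returns 0 on success. */
static int match_offset(pid_t pid, uintptr_t addr, struct region *r, uintptr_t *off)
{
    if (find_region(pid, addr, r) != 0)
        return -1;
    *off = addr - r->start;
    return 0;
}

/* Bulk access through /proc/<pid>/mem. For a foreign process the open()
 * needs the same permission as PTRACE_ATTACH (Yama ptrace_scope applies);
 * for the process itself it always succeeds. Returns bytes transferred or -1. */
static ssize_t mem_read(pid_t pid, uintptr_t addr, void *buf, size_t n)
{
    char name[64];
    snprintf(name, sizeof name, "/proc/%d/mem", (int)pid);
    int fd = open(name, O_RDONLY);
    if (fd < 0)
        return -1;
    ssize_t got = pread(fd, buf, n, (off_t)addr);
    close(fd);
    return got;
}

static ssize_t mem_write(pid_t pid, uintptr_t addr, const void *buf, size_t n)
{
    char name[64];
    snprintf(name, sizeof name, "/proc/%d/mem", (int)pid);
    int fd = open(name, O_RDWR);
    if (fd < 0)
        return -1;
    ssize_t put = pwrite(fd, buf, n, (off_t)addr);
    close(fd);
    return put;
}

/* Whole flow on this process: locate region and offset of g_player_health,
 * read it via /proc/self/mem, then poke a new value like a "pokefinder".
 * Returns 1 on success, 0 on any failure. */
static int demo(void)
{
    pid_t self = getpid();
    uintptr_t addr = (uintptr_t)&g_player_health, off;
    struct region r;
    int32_t seen, poke = 999;   /* assumed poke value for the example */

    if (match_offset(self, addr, &r, &off) != 0)
        return 0;
    if (r.perms[1] != 'w' || r.start + off != addr)   /* writable, offset round-trips */
        return 0;
    if (mem_read(self, addr, &seen, sizeof seen) != (ssize_t)sizeof seen || seen != g_player_health)
        return 0;
    if (mem_write(self, addr, &poke, sizeof poke) != (ssize_t)sizeof poke)
        return 0;
    printf("region %#" PRIxPTR "-%#" PRIxPTR " %s %s\n", r.start, r.end, r.perms, r.path);
    printf("match offset %#" PRIxPTR ", value %d -> %d\n", off, seen, g_player_health);
    return g_player_health == poke;
}

int main(void)
{
    return demo() ? 0 : 1;
}
```

Running it twice under a PIE build shows the region start changing while the printed match offset stays the same, which is exactly what a trainer stores. Note that pwrite() on /proc/$pid/mem bypasses page protections (it uses FOLL_FORCE), so the permission check on the region is the caller's responsibility, as the example does with r.perms.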