Using Strace to Trace Linux Syscalls

When I was younger, I had an interest in reversing and stumbled across Lena's Reversing tutorials... I couldn't quite grasp it back then but I now have a renewed interest. The amount of effort and clarity you put in these videos is amazing. Thank you.

I really like the presentation in these tutorials. It's like you are communicating to us from your secret bunker base--letting the people know how to use the systems that were built for them. I've used strace a bit, and your explanation will make my future use of it even better.

I LOVE this tutorial and presentation. very adhd friendly and adorable. Thank you for taking the time on this video. There are people that appreciate the work you've done. :)

First time i see your channel, love the style and lain inspiration, you got yourself a new subscriber here 💪

I just started learning about it yesterday and surprisingly, you released this video today. 😂

The fact that you don't edit out the "errors" you make on the console while recording makes the video flows perfectly because it feels more real and like a dynamic study session instead of a pre-recorded unreal stuff. Thanks for talking about such very specific subjects.

I'm a RE and malware analysis junkie. About 10 years ago I set up a virtual machine with Windows XP on it, downloaded dozens of gigabytes of malware, set up file + registry + network monitors and just randomly executed malware in the VM. It was a lot of fun. One of the malware samples was a keylogger which stored my keystrokes, and sent it over plain FTP to a server in Nigeria. Through Fiddler I discovered that the username and password for that FTP server was in plain text, so I tried logging in to that server and it worked. Before my eyes, on the FTP server, there were hundreds of folders, each filled with data harvested from victims of the malware. The data included also tons of banking and credit card information. I was able to discover the identity of the man running the Nigerian server and managed to find him on social media. Pretty crazy. Another malware sample I tested launched a little chat window in the middle of the screen and the chatbox literally had the title "You're Now Speaking With Mr. Hacker!"... and the person running the malware backend was typing to me, boasting about how I got haxx0red. I played along and begged him not to do any harm to my computer and he was just laughing in my face. Then I told him it's a virtual machine... and reverted to a clean snapshot. When it comes to reverse engineering, I use IDA Pro and Ghidra to discover how exactly some of my favorite older games work under the hood. Mostly Sega Genesis/Atari ST (Motorola 68000) but also x86. In one case I got in the mood to remake an 1988 game I was reversing, in C/C++, to achieve its compatibility with modern systems and fix some of the gameplay bugs. You can see some of the results of that on my channel :)

Forgot to mention your videos are a great introduction to mobile malware analysis for someone like me, coming from workstation malware analysis, so thank you for them. That damn Fishy tune though lol, I can't get rid of it from my head

Thx for the great videos! Running strace on nmap to see how things are working under the hood. Maybe ill get to reversing some malware sometime.

Beautiful and smart.. love your videos.

Amazing video. Very very usefull !!!

I love your conentent 🎉

It's a nice voice. I like it😀

could you make a video on how you make your videos, I want to know how you make the overlays for copland OS etc

Love it, thank you very much! Can you make the future videos with more zoom on the terminal? Please :)

I find the system call code extremely interesting from a signal path perspective. I got recommended sysinternals by GPT4 for psexec to get a peek inside the kernel. I'm curious if anything in sysinternals or syscalls can do this signal path analysis for AI behaviour, just as deep.
Thanks for the video Laurie.

Great video Laurie, can you do one on GDB?

Você é a programadora mais linda que eu já vi

Could you make a video on ltrace :)

she's such adorbs 🥹

great video, but there are some mistakes, there is pread64 in command at 10:21 so the command didn't worked as intended.

yeah but there is still pread64

Why do you suppose the order of parent/child output is different after executing fork_example with the -f flag versus without?
Is the timing of parent/child process execution indeterminate?

The desktop image with TUX. Please, share it !!

Nicely explained and I like the style :) Sub from me

i love you

wanna be tracer ? 🎵🎵

I need to run an strace to detect the last time I needed to run strace. I wish you well, and I hope you never stop, but just remember that there might be a day when it's gonna be the last time you will ever run strace. You won't realize it, but you will never use strace ever again after that day. Sad...

What do you think of /g/ and Sneed?

I clicked for the Thumbnail and I was mislead. >:(

@LaurieWired , are u maried?) You sooo cute