Howdy one and all. It's been a long time since I posted (or lurked) here. But, I kept receiving the quarterly (monthly?) updates in my email. I have a small issues I've been working on, and when I got the note yesterday, I thought "here's a new avenue...." When I logged in today, the software said that I was last logged in back in 2006 sometime. Wow.

Anyway, I've finished taking the SANS Security 504 class (as I do a lot of incident response.) I was able to do almost everything in the class from my Ubuntu (7.0.4) laptop, even though they recommend Red Hat. There's only a few tools I couldn't find from the repositories. One in particular, Hydan, I had to download, and compile manually. No big deal, though the compilation threw a bunch of errors. I don't know a lot about the errors, and I was hoping someone might know better where the problem lies. Is it Ubuntu? Something else? Easily fixed?

After downloading, I unzipped the tarball. From there, I just followed the directions in the README, and ran make in the directory. Here are the errors that were output:

Code:
cd libdisasm/src/arch/i386/libdisasm && make libdisasm
make[1]: Entering directory `/test/hydan/libdisasm/src/arch/i386/libdisasm'
gcc -I.  -O3 -ggdb   -c -o libdis.o libdis.c
gcc -I.  -O3 -ggdb   -c -o i386_invariant.o i386_invariant.c
i386_invariant.c: In function ‘disasm_invariant_modrm’:
i386_invariant.c:45: warning: incompatible implicit declaration of built-in function ‘memset’
i386_invariant.c:52: warning: incompatible implicit declaration of built-in function ‘memset’
i386_invariant.c:55: warning: incompatible implicit declaration of built-in function ‘memset’
i386_invariant.c: In function ‘disasm_invariant_decode’:
i386_invariant.c:155: warning: incompatible implicit declaration of built-in function ‘memset’
i386_invariant.c:165: warning: incompatible implicit declaration of built-in function ‘memcpy’
i386_invariant.c: In function ‘disasm_invariant’:
i386_invariant.c:233: warning: incompatible implicit declaration of built-in function ‘memcpy’
gcc -I.  -O3 -ggdb   -c -o vm.o vm.c
vm.c: In function ‘vm_add_regtbl_entry’:
vm.c:17: warning: incompatible implicit declaration of built-in function ‘strncpy’
gcc -I.  -O3 -ggdb   -c -o bastard.o bastard.c
bastard.c: In function ‘addrexp_get’:
bastard.c:22: warning: incompatible implicit declaration of built-in function ‘memcpy’
bastard.c: In function ‘addrexp_new’:
bastard.c:40: warning: incompatible implicit declaration of built-in function ‘calloc’
gcc -I.  -O3 -ggdb   -c -o i386.o i386.c
# make .a
ar rc libdisasm.a libdis.o i386_invariant.o vm.o bastard.o i386.o
ranlib libdisasm.a
make[1]: Leaving directory `/test/hydan/libdisasm/src/arch/i386/libdisasm'
gcc -Wall -Ilibdisasm/src/arch/i386/libdisasm -g  -DVARBITS    -c -o hdn_common.o hdn_common.c
In file included from hdn_common.h:12,
                 from hdn_common.c:9:
hydan.h:24:25: error: openssl/evp.h: No such file or directory
hdn_common.c: In function ‘hdn_disassemble_all’:
hdn_common.c:32: warning: pointer targets in assignment differ in signedness
hdn_common.c:37: warning: pointer targets in passing argument 1 of ‘x86_disasm’ differ in signedness
make: *** [hdn_common.o] Error 1
So, if anyone sees anything I might try, let me know. I'd love to get Hydan working.