* Fix nearpc command disassembly instruction count
* Add -r parameter to nearpc to set number of previous instructions to show
* Add -t argument to nearpc
* docs
* Remove old comments
* Fix function parameter type for dev docs check
* Correct number of instructions to pull from cache
* Fix if condition edge case
* Rebase and fix typos
* added kmemtrace class
* added ret trace handler
* added lldb ret trace handler
* making the output more colourful
* added the actual command
* storing output
* temp suspend ctx output
* tracing with mutex
* add option to only trace relevant allocations and frees
* cleaned up
* renaming
* docs
* format
* refactored + addressing comments
* added options to specify the num of lines to disass and heuristics for map/prog_idr
* partial recovery for structs relevant to bpf
* added kbpf command
* added array offset recovery
* added verbose option
* added disass support
* refactored
* added flags
* docs
* typos
* klookup
* using lief to create a blank elf and add symbols to it
* added lief in dependencies
* doc
* fixed add_symbol_file
* changes to tuple
* fix tests
* fix compiler warnings
* fix div by 0 issue
* removed redundant bracket
* Add parse-seccomp command using ceccomp or seccomp-tools
* Fix Typo
* generate doc for parse-seccomp command
* remove redundant variable
* move parse-seccomp from Commands.Misc to Commands.Linux
* Shouldn't use partial read, so set partial to be false
* Refine `vmmap` based on shared cache information
* Remove support for partial overlaps of mappings with the shared cache
* Coalesce contiguous vmmap ranges
* Omit Shared Cache entries in `vmmap` by default
* Remove nesting in _refine_memory_map
* Document differences between `aglib` and Debugger API `vmmap`
* Change display format
* implement ng-dump
* clarify index
* fix rebase
* add ability for a property to override color
* make color usage more consistent
* handle ANSI in descriptions properly
* add ng-dump test
* finish rename
* add --meta-area flag to ng-dump
* remark on the coloring difference in the command description
* clarify nominal size on freed slots
* port test to lldb
* Update scripts/_docs/gen_docs_generic.py
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
* fix function name change
* Update pwndbg/lib/pretty_print.py
* Update pwndbg/commands/mallocng.py
* lint
---------
Co-authored-by: Disconnect3d <dominik.b.czarnota@gmail.com>
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
* ng-vis add simple dumping and coloring
* highlight all the in-band metadata
* pull out coloring, add legend, add decoration
* better colors
* add config option for default count
* add an ng-vis test
* swap alloc colors
* make coloring consistent in ng-slotu
* move ng-explain to the bottom of the file
* Fix mallocng tests in LLDB
* port vis test to /dbg
---------
Co-authored-by: Matt <4922458+mbrla0@users.noreply.github.com>
* Add offsets to symbol names in LLDB
* Disable context line reservations if colors are disabled
* LLDB: More aggressively verify memory writes
* LLDB: Add support for disabling ASLR
* Add `-a` flag to `plt` command to show all symbols
* Start shellcode execution at next aligned instruction address, instead of current PC
* Improve execution speed for the `nextproginstr` command
* When resolving address expressions in windbg commands, try resolving as symbol first
* LLDB: Relay exceptions from commands
* LLDB: Capture stderr in addition to stdout when capturing command output
* Move disabling of line reservations to LLDB test host
* Update docs
* recovering from rm -rf
* refactored kconfig
* collapsing merge history
* cleaning up
* refactored out buddydump and slab type helpers
* improving bud and slub
* improved arch specific symbol handling
* improved handling of vmemmap and vmalloc bases when symbols do not exist
* misc
* doc
* properly naming kernel symbol files
* try except for cases where ptrace_scope is enabled
* fixing test
* clarify offset extra message
* clarify free and avail slots in ng-explain
* clarify hdr reserved == 7
* fix up donated group message
* fixup is_mmaped() check
* make ng-ctx lookup more strict, better UX
* fix our ctx reference becoming stale
* simplify class Mallocng init code
* fix edge case in ng-find
* change shallow=True to always get the outermost group, instead of the first group hit
* add missing type annotations
* ng-metaarea to dump meta_area objects
* ng-ctx: command to dump the __malloc_context object
* autogen docs
* properly bail if we can't find the __malloc_context
* take the p var out of `from_start`
* Add --show-all flag to cymbol to list all custom structure names
* Fix: Apply ruff formatting to cymbol.py
* Fix: Regenerate cymbol docs for --show-all flag
---------
Co-authored-by: parrot <parrot@localhost.localdomain>
* detect the location of __malloc_context
* MallocContext class
* MetaArea class
* implement Mallocng.containing
* traverse nested groups
* add mallocng-find command
* fixup rebase
* add --shallow option to ng-find
* add --metadata option to ng-find
* add --all to ng-find
* autogen docs & lint
* fix from_start() calculation
* make code more portable by getting rid of magic numbers
* update 'belongs to stack' check
* Mallocng.secret becomes bytearray
but MallocContext.secret stays an int because we will be dumping it
* value -> values + move before loop
* fix secret offset
* get rid of hardcoded struct sizes
* use helper function for extracting ints
* add signed int typeinfo and memory util
* constructing the mallocng types
* cleanup a bit
* mallocng-user-slot
* print meta and group with slot
* ng-meta and ng-group commands
* handle corrupt data structures cleanly
* extra uslot annotations
* support multiple lines of extra
* group size corruption check, bit more annotation
* print both meta and group on ng-group and ng-meta
* fix pretty print to use colored_ljust
* fix for lldb; inferior must be loaded for aglib
* autogen docs
* fixup rebase
* ng-uslot -> ng-slotu
* fix idx calculation edge case
* hex() -> :#x
* str(e) -> e
* precalculate strings in PropertyPrinter::add
* lint
* fix perf issues
* Implements kdmesg for Linux kernels 5.10+.
* Minor optimizations and fixes to kdmesg.
* Fix lint errors
* Add test_command_kdmesg() to test_commands_kernel.py to test kdmesg.
* Fix lint errors
* Add docs
* Docs
* Improved documentation
* Lint fixes
* Improve documentation
* Fix lint errors
* Add functionality for -T, --ctime argument to print time in human readable format
* Fix lint errors
* Docs update
* Add test for -T arg in kdmesg
* Fix lint errors
* Fix -T arg to reflect current time, not offset
* Fix lint errors
* Bugfix for older versions of the kernel
* Fix lint errors
* Error checks
* Fix lint errors
* Test fix
* Fix lint errors
* page walks
* implemented pagewalk
* added pagewalk test
* improved testing / output
* added docs
* renaming
* actually adding the renamed file
* adding decoration for cpu arch
* Revert "adding decoration for cpu arch"
This reverts commit 84aa120f68.
* added arch check for pagewalk
* refactored pagewalk helpers
* improved pagewalk helper function signature
* refactored a bit more
* refactored a bit more
* removed changes to kernel/vmmap
* add short intro to configuration
* spruce up attachp message
* move notes and examples to appropriate sections, and assert that
* leakfind upd and add probeleak
* track-heap: report chunk size as hex
* add more commands to docs
* add comment to the profiler
* add docstrings for each top-level module
* highlight in profiler description
* fix attachp test
* pwndbg isn't an lldb plugin, mention bata24/gef, update sizes
* rephrase one readme line
* make what about... section more concise
* add a reference to original blog post
* lengthen description for dev-dump-instruction
* unbork go debugging page
* rename misc -> tutorials
* ida integration
* update context command description
* add video example to context docs
* add more clear separation in configuration docs
* proper capitalization on GDB, Pwndbg, LLDB in docs
* lint :P
* upd readme line
* fix tests and more clear grammar
* use `pwndbg` in gif instead of `gdb --quiet`
* update contributing/making-a-gif
* cwatch: move example from features to source
* also mention syscall in dumpargs
* move FEATURES.md to docs/ and factor out stuff
* move integrations out
* move disasm+emu/ redo heap section
* pwndbg->Pwndbg, lldb, windbg, commands section, remove qemu-user section
* commands section
* clarify slab command
* cleanup: readme link, formatting, del extra file
* reduce some screenshot sizes
* Add the rebase address for elf command.
* linting
* linting
* Add file offset and rel address in memory. Build a table for display
* Modify the display information table. Add the coloring based output
* generate docs
* cleanly handle parameter differences
* cleanly handle command differences
* cleanly handle function differences
* add note about supported debuggers for commands and parameters
* reduce h1 bottom margin
* make it more obvious we only support functions in gdb
* autogen docs
* fixup buddydump
* uppercase debugger name in supported debuggers message
* update docs
* added/modified registers for kernel pwning
* added a RegisterContext class for more complex register context handling
* cleaned up register context selection and flag bits
* further cleaned up register context selection
* fixing None deref issue
* handling NoneType registers
* linting
* removed most of the extra register classes
* fully removed extra register classes in commands/context.py
* renamed var so that the linter doesn't confuse the var name with dataclass type name
* some comments on newly added classes
* fixed issues based on suggestions
* fixed issues when debug symbols are not present in x64 kernel
* added full buddy allocator debugging support and abstracted indent context
* added options for pcplist
* added dynamic arg checking and implemented __len__ for GDBValue
* added new ParsedBuddyArgs class and THBs support and improved overall handling
* handling function params using a class to cleanly pass values around such that can find free pages
* added help info
* added comments for newly added classes
* changed cmd name and added test
* added reference and linting
* added docs
* fixed typo
* fixed quotes
* supporting filter by numa node index
* actually filtering by node index