Before this commit, running `asm mov rax, 0xdeadbeef` would not work on amd64 targets because the default arch was set in the argparse default argument value and it was populated once.
Now, this `default=...` kwarg is not set, and instead we fetch the current arch inside the `asm` command directly when the user did not pass any architecture value.
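As an added illustration (not code from this commit or from Pwndbg), the following constructed script shows why a `default=...` computed when the parser is built goes stale, next to the run-time lookup the commit describes. The names `current_arch`, `set_current_arch`, `build_parser_stale`, `build_parser_fixed` and `resolve_arch` are assumptions standing in for the debugger's real state and command plumbing.

```python
import argparse
from typing import List, Tuple

# Constructed stand-in for the debugger's mutable state: in a real debugger the
# current architecture is only known once a target is loaded and can change later.
_state = {"arch": "i386"}


def current_arch() -> str:
    """Return the architecture of the current target (constructed stand-in)."""
    return _state["arch"]


def set_current_arch(name: str) -> None:
    """Simulate the debugger switching targets, e.g. loading an amd64 binary."""
    _state["arch"] = name


def build_parser_stale() -> argparse.ArgumentParser:
    """Pre-fix pattern: `default=current_arch()` is evaluated exactly once, when the
    parser is built (at module import time in practice), so any later change of
    the current architecture is never seen by the command."""
    parser = argparse.ArgumentParser(prog="asm")
    parser.add_argument("--arch", default=current_arch())
    parser.add_argument("instructions", nargs="+")
    return parser


def build_parser_fixed() -> argparse.ArgumentParser:
    """Post-fix pattern: no default, so `args.arch` is None unless the user passed
    one, and the command resolves the architecture at run time."""
    parser = argparse.ArgumentParser(prog="asm")
    parser.add_argument("--arch", default=None)
    parser.add_argument("instructions", nargs="+")
    return parser


def resolve_arch(parser: argparse.ArgumentParser, argv: List[str]) -> str:
    """Parse argv and return the architecture the command should assemble for."""
    args = parser.parse_args(argv)
    if args.arch is not None:
        return args.arch
    # Fixed behaviour: fall back to the *current* architecture at run time.
    return current_arch()


def demo() -> Tuple[str, str]:
    """Build both parsers while the arch is i386 (as at import time), switch the
    target to amd64, then run `asm mov rax, 0xdeadbeef` through each parser.
    Returns (arch seen by the stale parser, arch seen by the fixed parser)."""
    set_current_arch("i386")
    stale = build_parser_stale()
    fixed = build_parser_fixed()
    set_current_arch("amd64")
    argv = ["mov rax, 0xdeadbeef"]
    return resolve_arch(stale, argv), resolve_arch(fixed, argv)


if __name__ == "__main__":
    stale_arch, fixed_arch = demo()
    print(f"stale parser assembles for: {stale_arch}")  # i386: would reject rax
    print(f"fixed parser assembles for: {fixed_arch}")  # amd64
```

The same trap applies to any argparse default that depends on mutable program state (current process, selected thread, loaded file): compute it inside the command body, not in `add_argument`.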
Using the `PIP_NO_CACHE_DIR` environment variable with `pip install` makes sure that packages downloaded by pip are not cached on the system. This is a best practice that ensures packages are fetched from a repository instead of from a local cached copy. Further, in the case of Docker containers, by restricting caching we can reduce the image size. In terms of numbers, the saving depends upon the number of Python packages multiplied by their respective sizes, e.g. for heavy packages with a lot of dependencies, not caching pip packages reduces the size a lot.
Further, more detailed information can be found at
https://medium.com/sciforce/strategies-of-docker-images-optimization-2ca9cc5719b6
Signed-off-by: Pratik Raj <rajpratik71@gmail.com>
* Add a helper command to find valid one_gadget for current context
* Refactor the function for getting section address
* Rename the command to onegadget for more convenient typing
* Make the output format cleaner
* Add a simple cache mechanism for the one_gadget output
* Update the warning message
* Use MD5 instead of BLAKE2 for computing the file hash
I thought that BLAKE2 was faster than MD5, but it doesn't seem correct here somehow (probably because of the implementation of Python!?)
Here's the script I used for benchmarking:
```python
import hashlib
import timeit


def compute_file_hash_1() -> str:
    # BLAKE2b over the whole file, read into memory in one go
    h = hashlib.blake2b()
    with open("/lib/x86_64-linux-gnu/libc.so.6", "rb") as f:
        h.update(f.read())
    return h.hexdigest()


def compute_file_hash_2() -> str:
    # MD5 over the same file, same read strategy
    h = hashlib.md5()
    with open("/lib/x86_64-linux-gnu/libc.so.6", "rb") as f:
        h.update(f.read())
    return h.hexdigest()


# Time 1000 runs of each; lower is faster
print(timeit.timeit(compute_file_hash_1, number=1000))
print(timeit.timeit(compute_file_hash_2, number=1000))
```
I executed the above script on various machines, and the results seem to show that MD5 outperforms BLAKE2 in this scenario. (On my x86 VM running through QEMU on my M1 MacBook, BLAKE2 even takes almost twice as long as MD5.)
* Add the tests for `onegadget` command
* Fix lint issue
* Try to cover more code
* Fix lint issue
* Fix illogical tests
* Rename one_gadget to onegadget
* Use `pwndbg.lib.tempfile.cachedir` for `onegadget`
* Call `pwndbg.lib.tempfile.cachedir` only once
* Add support for breaking on UAF
* Small fixes and documentation
* Add a command to enable and disable tracking, better diagnostics
* Add initial support for calloc and realloc
* Better safeguard against matching ld.so malloc
* Small fixes
* Better interface for managing the heap tracker. More terse and information dense diagnostics
* Add warning and fix lints
* Update poetry lock
* add missing install dep for shfmt
* if we're given an Ubuntu version and it's not 20.04... then install shfmt
* fix broken check for if no argument was passed to install_apt
This commit adds a `[filename]` argument to the `cyclic` command.
This makes it possible to do things like `cyclic 100 input` and `run < input` which was a feature Peda users used in the past.
Here is the full new help for cyclic command:
```
pwndbg> help cyclic
usage: cyclic [-h] [-a charset] [-n length] [-l lookup_value | count] [filename]

Cyclic pattern creator/finder.

positional arguments:
  count                 Number of characters to print from the sequence (default: print the
                        entire sequence) (default: 100)
  filename              Name (path) of the file to save the cyclic pattern to (default: )

options:
  -h, --help            show this help message and exit
  -a charset, --alphabet charset
                        The alphabet to use in the cyclic pattern (default:
                        abcdefghijklmnopqrstuvwxyz)
  -n length, --length length
                        Size of the unique subsequences (defaults to the pointer size for the
                        current arch)
  -l lookup_value, -o lookup_value, --offset lookup_value, --lookup lookup_value
                        Do a lookup instead of printing the sequence (accepts constant values
                        as well as expressions)
```
It turned out that in some cases, e.g. when installing Pwndbg on Fedora 39 which uses Python 3.12, Pwndbg does not work, failing with:
```
Traceback (most recent call last):
  File "/home/hhlp/.pwndbg/gdbinit.py", line 74, in <module>
    import pwndbg  # noqa: F401
    ^^^^^^^^^^^^^
  File "/home/hhlp/.pwndbg/pwndbg/__init__.py", line 9, in <module>
    import pwndbg.commands
  File "/home/hhlp/.pwndbg/pwndbg/commands/__init__.py", line 24, in <module>
    from pwndbg.heap.ptmalloc import DebugSymsHeap
  File "/home/hhlp/.pwndbg/pwndbg/heap/ptmalloc.py", line 18, in <module>
    import pwndbg.disasm
  File "/home/hhlp/.pwndbg/pwndbg/disasm/__init__.py", line 14, in <module>
    import capstone
  File "/home/hhlp/.pwndbg/.venv/lib/python3.12/site-packages/capstone/__init__.py", line 326, in <module>
    import distutils.sysconfig
ModuleNotFoundError: No module named 'distutils'
(gdb)
```
It turns out that the `distutils` package was removed in Python 3.12 and it is now provided by the `setuptools` module.
This commit fixes this issue by adding `setuptools` as a direct Pwndbg dependency.