This commit adds an `xinfo` command that calculates the offset of a
specified address to other interesting locations within the address
space:
* In the most general case, simply the offset of the pointer into the
current mapping is displayed.
* If the address specified is a stack address, the offsets to the top and
the bottom of the stack, as well as to the current stack pointer,
frame pointer and stack canary are displayed.
* If the address points into a memory mapped file, the command
additionally shows the offset to the beginning of the file in memory and
on disk.
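The three cases listed above, worked through as an added example. This is not pwndbg's own code: it parses a constructed `/proc/<pid>/maps` snapshot (not captured from a real process) and takes the stack pointer, frame pointer and canary slot address as assumed inputs rather than reading them from a debugger.

```python
"""Added example of an xinfo-style offset lookup over a /proc/<pid>/maps snapshot.
Not pwndbg's code; SAMPLE_MAPS and the register values used below are constructed."""
from dataclasses import dataclass
from typing import List, Optional

# Constructed maps snapshot (not captured from a real process).
SAMPLE_MAPS = """\
00400000-00401000 r--p 00000000 08:01 1234 /tmp/demo
00401000-00402000 r-xp 00001000 08:01 1234 /tmp/demo
00402000-00403000 r--p 00002000 08:01 1234 /tmp/demo
7ffff7dd0000-7ffff7df0000 rw-p 00000000 00:00 0
7ffffffde000-7ffffffff000 rw-p 00000000 00:00 0 [stack]
"""


@dataclass
class Mapping:
    start: int
    end: int
    perms: str
    file_offset: int  # offset of the mapping's first byte inside the backing file
    path: str         # "" for anonymous memory, "[stack]" for the main stack


def parse_maps(text: str) -> List[Mapping]:
    """Parse /proc/<pid>/maps lines: range, perms, file offset, dev, inode, [path]."""
    maps = []
    for line in text.splitlines():
        fields = line.split(None, 5)
        if len(fields) < 5:
            continue
        lo, hi = (int(x, 16) for x in fields[0].split("-"))
        path = fields[5].strip() if len(fields) > 5 else ""
        maps.append(Mapping(lo, hi, fields[1], int(fields[2], 16), path))
    return maps


def find_mapping(maps: List[Mapping], addr: int) -> Optional[Mapping]:
    """Return the mapping containing addr, or None if addr is unmapped."""
    return next((m for m in maps if m.start <= addr < m.end), None)


def xinfo(maps: List[Mapping], addr: int, sp: Optional[int] = None,
          fp: Optional[int] = None, canary_addr: Optional[int] = None) -> dict:
    """Compute the distances an xinfo-style command reports for addr.

    Distances to registers are signed (addr - register): a negative value means
    addr lies below that register."""
    m = find_mapping(maps, addr)
    if m is None:
        raise ValueError(f"{addr:#x} is not mapped")

    # General case: offset of the pointer into its mapping.
    info = {"mapping": m.path or "<anonymous>", "offset_in_mapping": addr - m.start}

    if m.path == "[stack]":
        info["offset_from_stack_start"] = addr - m.start  # distance from lowest stack address
        info["offset_to_stack_end"] = m.end - addr        # distance to highest stack address
        for name, reg in (("sp", sp), ("fp", fp), ("canary", canary_addr)):
            if reg is not None:
                info[f"offset_from_{name}"] = addr - reg
    elif m.path and not m.path.startswith("["):
        # File-backed mapping: position of the byte on disk, and relative to the
        # address where the file's first (lowest) mapping was loaded.
        info["file_offset"] = m.file_offset + (addr - m.start)
        first = min((x for x in maps if x.path == m.path), key=lambda x: x.start)
        info["offset_from_file_base"] = addr - first.start
    return info


if __name__ == "__main__":
    maps = parse_maps(SAMPLE_MAPS)
    for addr in (0x401234, 0x7ffff7dd0010):
        print(f"{addr:#x}:", xinfo(maps, addr))
    print(f"{0x7fffffffe100:#x}:", xinfo(maps, 0x7fffffffe100, sp=0x7fffffffe000,
                                        fp=0x7fffffffe120, canary_addr=0x7fffffffe118))
```

For the file-backed case the two numbers differ only when the file is mapped with a non-zero file offset (the second `/tmp/demo` segment above starts at file offset `0x1000`); for a PIE binary `offset_from_file_base` is the value to compare against static disassembly.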
* Add elf.find_elf_magic() and remove duplicate code
* Add pwndbg.abi.LinuxOnly decorator
* Support bare metal environment
Use @pwndbg.abi.LinuxOnly and pwndbg.abi.linux to disable
several util functions which search the memory to find
the AUXV, the ELF header, or the page bound.
* Fixes `u` command `module object is not callable` (#310)
```
pwndbg> u 0x404030
'u': Starting at the specified address, disassemble
N instructions (default 5).
Traceback (most recent call last):
File "/home/dc/installed/pwndbg/pwndbg/commands/__init__.py", line 99, in __call__
return self.function(*args, **kwargs)
File "/home/dc/installed/pwndbg/pwndbg/commands/__init__.py", line 191, in _OnlyWhenRunning
return function(*a, **kw)
File "/home/dc/installed/pwndbg/pwndbg/commands/windbg.py", line 292, in u
pwndbg.commands.nearpc(where, n)
TypeError: 'module' object is not callable
```
* Fix malloc chunk names (#318)
* heap: respect rename of malloc_chunk fields
newer glibc uses different names for the fields of malloc_chunk
* move value_from_type to typeinfo and rename to read_gdbvalue
* add comment about renaming of `[prev_]size`
* Workaround for gdb remote target search bug described in #321 (#322)
* Fixes issue when we try to display context while selected thread is running #299 (#331)
* Fix tag_release (#348)
* Fix "dt" offsets which are sometimes floating-point (#355)
* Fixes #362 - broken entry command (#363)
This is a simple typo, but the error message that GDB gave was interesting:
Previously, if you stopped on an instruction that does an indirect jump, like
this:
```
jmp [ecx*4 + 0xdeadbeef]
```
then pwndbg would raise the following exception:
```
gdb.error: evaluation of this expression requires the program to have a function "malloc".
```
The reason is that the code used `memory_sz` and passed that to gdb.Value, thus
creating a string value. When casting the string to a pointer later, GDB tries
to allocate a string in the inferior which failed since malloc is not available.
The fix is, of course, to use the correct function (`memory`) that returns an
int and not a string.
* Fix hard error when something else (not IDA) listens on IDA's port
The default IDA port is 8888 and it can happen that some other program (such as
a jupyter notebook) is listening on that address. This made pwndbg unusable,
because it would crash trying to connect to IDA.
* add timeout to ida connect
* Fix withHexrays decorator not returning wrapper function
* IDA xmlrpc: add cfuncptr_t marshaller & better errors
* IDA xmlrpc server: add shutdown() which can be used for dev
* Small refactor of context.py
* Fix context Hexrays decompiled code display
* Added --all flag to dumpargs command
This gives the possibility to dump all register arguments even
if we failed to resolve arguments from metadata.
* Display info when dumpargs has not resolved call args
* Dumpargs: changed --all to --force
* Revert telescope changes as it fails when we are not on call instruction.
* Fix isort
Canary command:
* Displays telescope result of places where canaries are located
* Moved to its own file (`pwndbg/commands/canary.py`)
* Moved to `ArgparsedCommand` (as discussed in https://github.com/pwndbg/pwndbg/issues/244)
* added command got to display status of the got table
Signed-off-by: degrigis <degrigis@gmail.com>
* return when checksec is not available and added decorator OnlyWhenRunning
Signed-off-by: degrigis <degrigis@gmail.com>
* removed duplicated code for pie and not pie binaries
Signed-off-by: degrigis <degrigis@gmail.com>
* inserted support function to get checksec output and performed all requirements check initially
Signed-off-by: degrigis <degrigis@gmail.com>
* corrected typo
Signed-off-by: degrigis <degrigis@gmail.com>
* reorganized the command got splitting the code in library routines and moved the checksec internal function in a separate module
Signed-off-by: degrigis <degrigis@gmail.com>
* handled exception directly inside functions and enhanced code
Signed-off-by: degrigis <degrigis@gmail.com>
* extracted only column in readelf output and enhanced exception handling
Signed-off-by: degrigis <degrigis@gmail.com>
* fix exception handling returning subprocess error
Signed-off-by: degrigis <degrigis@gmail.com>
* removed unused import and reordered
Signed-off-by: degrigis <degrigis@gmail.com>
* reordered imports
Signed-off-by: degrigis <degrigis@gmail.com>
* added wrappers module and refactored some code
Signed-off-by: degrigis <degrigis@gmail.com>
* removed not useful comment
Signed-off-by: degrigis <degrigis@gmail.com>
* removed unused import
Signed-off-by: degrigis <degrigis@gmail.com>
* moved comments in docstring
Signed-off-by: degrigis <degrigis@gmail.com>
* refactored code to use partial functions, simplified code
Signed-off-by: degrigis <degrigis@gmail.com>
* simplified a loc
Signed-off-by: degrigis <degrigis@gmail.com>
* capslock char fixed
Signed-off-by: degrigis <degrigis@gmail.com>
* removed unuseful pwndbg.arch.ptrsize check
Signed-off-by: degrigis <degrigis@gmail.com>
* refactored code and added the new module wrapper that contains every new wrapper module
Signed-off-by: degrigis <degrigis@gmail.com>
* used class style decorator for wrapper and improved code style
Signed-off-by: degrigis <degrigis@gmail.com>
* changed return with print for errors
Signed-off-by: degrigis <degrigis@gmail.com>
* removed prints debug and statically linked check moved at the top of the got function
Signed-off-by: degrigis <degrigis@gmail.com>
* refactored OnlyWithCommand decorator
Signed-off-by: degrigis <degrigis@gmail.com>
* wrappers are OnlyWithFile now
Signed-off-by: degrigis <degrigis@gmail.com>
* redirected stderr to stdout in subprocess.check_output and memoized the wrappers for readelf/file/checksec
Signed-off-by: degrigis <degrigis@gmail.com>
* reordered an import
Signed-off-by: degrigis <degrigis@gmail.com>
* removed pdb
Signed-off-by: degrigis <degrigis@gmail.com>
* fixed format string and removed desc from got command
Signed-off-by: degrigis <degrigis@gmail.com>
* consolidated decorators
Signed-off-by: degrigis <degrigis@gmail.com>
* merging
Signed-off-by: degrigis <degrigis@gmail.com>
* reordered import for travis
Signed-off-by: degrigis <degrigis@gmail.com>
* refactored some code
Signed-off-by: degrigis <degrigis@gmail.com>
* resolve travis complaints
Signed-off-by: degrigis <degrigis@gmail.com>
* docstring for _extract_jumps
Signed-off-by: degrigis <degrigis@gmail.com>
* fixed isort
Signed-off-by: degrigis <degrigis@gmail.com>
* f*** isort
Signed-off-by: degrigis <degrigis@gmail.com>
* Fix got command when using pwntool
Fixes `got` command by changing `call_program` wrapper to pipe stderr to stdout.
This is because there are two `checksec`s:
* the checksec script
* checksec script from pwntools
The latter prints output into stderr and because of that we couldn't detect proper RELRO status (as the got command parsed an empty string).
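The failure mode described in this fix, as an added example that is not pwndbg's code: a `call_program`-style wrapper that pipes stderr into stdout, run against a constructed stand-in for a checksec that writes its whole report to stderr. The stand-in is driven by `sys.executable`, so no real checksec is needed, and `relro_status` is an assumed parser for the RELRO line rather than pwndbg's own.

```python
"""Added example: merge stderr into stdout when wrapping an external tool.
Not pwndbg's code; FAKE_CHECKSEC is a constructed stand-in that reports on stderr."""
import re
import subprocess
import sys
from typing import List, Optional

# Constructed stand-in (assumption) for a checksec that prints everything to stderr.
FAKE_CHECKSEC_SCRIPT = (
    "import sys\n"
    "sys.stderr.write('RELRO:    Partial RELRO\\n')\n"
    "sys.stderr.write('Stack:    Canary found\\n')\n"
    "sys.stderr.write('NX:       NX enabled\\n')\n"
)
FAKE_CHECKSEC: List[str] = [sys.executable, "-c", FAKE_CHECKSEC_SCRIPT]

RELRO_RE = re.compile(r"RELRO:\s*(Full RELRO|Partial RELRO|No RELRO)")


def call_program(argv: List[str], merge_stderr: bool = True) -> Optional[str]:
    """Run argv and return its output, or None if it could not be run.

    merge_stderr=True is the fixed behaviour: stderr is piped into stdout via
    subprocess.STDOUT.  merge_stderr=False discards stderr and reproduces the
    bug, where a stderr-only tool appears to print nothing at all."""
    stderr = subprocess.STDOUT if merge_stderr else subprocess.DEVNULL
    try:
        out = subprocess.check_output(argv, stderr=stderr)
    except (OSError, subprocess.CalledProcessError):
        return None
    return out.decode("utf-8", errors="replace")


def relro_status(output: Optional[str]) -> Optional[str]:
    """Extract the RELRO line.  None means 'could not determine', which a caller
    must not confuse with 'No RELRO'."""
    if not output:
        return None
    m = RELRO_RE.search(output)
    return m.group(1) if m else None


if __name__ == "__main__":
    print("stderr merged :", relro_status(call_program(FAKE_CHECKSEC)))
    print("stderr dropped:", relro_status(call_program(FAKE_CHECKSEC, merge_stderr=False)))
```

Keeping "undetermined" (`None`) distinct from "No RELRO" matters for a `got` command: reporting writable GOT entries because the checker produced no output would be a false finding, so an empty result should be surfaced as an error rather than parsed as a status.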
* Fix got command error paths
* Got command _extract_jumps comment
* Add documentation for pwndbg.search
* Filter mappings in search command, provide an error message
* Fix issue when searching for strings
* Fix mapping vs mappings confusion
* Clean up some unnecessary closures in pwndbg.commands
* A bit of cleanup, and a change to split_args
* Move SystemExit except block
* Actually fix command crashes
* A bit of docs
* Attempt to make exception handling a little bit better
* More better errors
* Fix docs