* Add vmlinux command to load kernel syms from bzImage/vmlinux
This commit implements the `vmlinux` command that loads kernel debug
symbols from `bzImage` or `vmlinux` files. It works by loading them
through the `vmlinux-to-elf` tool, which needs to be in `$PATH` or provided via
the `--tool <path>` argument.
I am not sure why, but for some reason it doesn't work for me when the tool
is in `$PATH`, and I have to pass it as an argument.
Then the `vmlinux` command extracts the kernel ELF from the kernel
object file and then loads it at appropriate kernel base address
detected by Pwndbg.
This then makes commands such as `kmod` work correctly.
This is still WIP, but can be merged in its current form.
It needs:
1. Vendoring of the vmlinux-to-elf tool.
2. Caching of the resulting kernel ELF file, as we currently re-create it
on each call to the `vmlinux` command.
* add docs
* small print change
* lint fixup
* Fix nearpc command disassembly instruction count
* Add -r parameter to nearpc to set number of previous instructions to show
* Add -t argument to nearpc
* docs
* Remove old comments
* Fix function parameter type for dev docs check
* Correct number of instructions to pull from cache
* Fix if condition edge case
* Rebase and fix typos
* added kmemtrace class
* added ret trace handler
* added lldb ret trace handler
* making the output more colourful
* added the actual command
* storing output
* temp suspend ctx output
* tracing with mutex
* add option to only trace relevant allocations and frees
* cleaned up
* renaming
* docs
* format
* refactored + addressing comments
* added options to specify the num of lines to disass and heuristics for map/prog_idr
* partial recovery for structs relevant to bpf
* added kbpf command
* added array offset recovery
* added verbose option
* added disass support
* refactored
* added flags
* docs
* typos
* klookup
* using lief to create a blank elf and add symbols to it
* added lief in dependencies
* doc
* fixed add_symbol_file
* changes to tuple
* fix tests
* fix compiler warnings
* fix div by 0 issue
* removed redundant bracket
* Add parse-seccomp command using ceccomp or seccomp-tools
* Fix Typo
* generate doc for parse-seccomp command
* remove redundant variable
* move parse-seccomp from Commands.Misc to Commands.Linux
* Shouldn't use partial read, so set partial to be false
* Refine `vmmap` based on shared cache information
* Remove support for partial overlaps of mappings with the shared cache
* Coalesce contiguous vmmap ranges
* Omit Shared Cache entries in `vmmap` by default
* Remove nesting in _refine_memory_map
* Document differences between `aglib` and Debugger API `vmmap`
* Change display format
* implement ng-dump
* clarify index
* fix rebase
* add ability for a property to override color
* make color usage more consistent
* handle ANSI in descriptions properly
* add ng-dump test
* finish rename
* add --meta-area flag to ng-dump
* remark on the coloring difference in the command description
* clarify nominal size on freed slots
* port test to lldb
* Update scripts/_docs/gen_docs_generic.py
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
* fix function name change
* Update pwndbg/lib/pretty_print.py
* Update pwndbg/commands/mallocng.py
* lint
---------
Co-authored-by: Disconnect3d <dominik.b.czarnota@gmail.com>
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
* ng-vis add simple dumping and coloring
* highlight all the in-band metadata
* pull out coloring, add legend, add decoration
* better colors
* add config option for default count
* add an ng-vis test
* swap alloc colors
* make coloring consistent in ng-slotu
* move ng-explain to the bottom of the file
* Fix mallocng tests in LLDB
* port vis test to /dbg
---------
Co-authored-by: Matt <4922458+mbrla0@users.noreply.github.com>
* Add offsets to symbol names in LLDB
* Disable context line reservations if colors are disabled
* LLDB: More aggressively verify memory writes
* LLDB: Add support for disabling ASLR
* Add `-a` flag to `plt` command to show all symbols
* Start shellcode execution at next aligned instruction address, instead of current PC
* Improve execution speed for the `nextproginstr` command
* When resolving address expressions in windbg commands, try resolving as symbol first
* LLDB: Relay exceptions from commands
* LLDB: Capture stderr in addition to stdout when capturing command output
* Move disabling of line reservations to LLDB test host
* Update docs
* recovering from rm -rf
* refactored kconfig
* collapsing merge history
* cleaning up
* refactored out buddydump and slab type helpers
* improving bud and slub
* improved arch specific symbol handling
* improved handling of vmemmap and vmalloc bases when symbols do not exist
* misc
* doc
* properly naming kernel symbol files
* try except for cases where ptrace_scope is enabled
* fixing test
* clarify offset extra message
* clarify free and avail slots in ng-explain
* clarify hdr reserved == 7
* fix up donated group message
* fixup is_mmaped() check
* make ng-ctx lookup more strict, better UX
* fix our ctx reference becoming stale
* simplify class Mallocng init code
* fix edge case in ng-find
* change shallow=True to always get the outermost group, instead of the first group hit
* add missing type annotations
* ng-metaarea to dump meta_area objects
* ng-ctx: command to dump the __malloc_context object
* autogen docs
* properly bail if we can't find the __malloc_context
* take the p var out of `from_start`
* Add --show-all flag to cymbol to list all custom structure names
* Fix: Apply ruff formatting to cymbol.py
* Fix: Regenerate cymbol docs for --show-all flag
---------
Co-authored-by: parrot <parrot@localhost.localdomain>
* detect the location of __malloc_context
* MallocContext class
* MetaArea class
* implement Mallocng.containing
* traverse nested groups
* add mallocng-find command
* fixup rebase
* add --shallow option to ng-find
* add --metadata option to ng-find
* add --all to ng-find
* autogen docs & lint
* fix from_start() calculation
* make code more portable by getting rid of magic numbers
* update 'belongs to stack' check
* Mallocng.secret becomes bytearray
but MallocContext.secret stays an int because we will be dumping it
* value -> values + move before loop
* fix secret offset
* get rid of hardcoded struct sizes
* use helper function for extracting ints
* add signed int typeinfo and memory util
* constructing the mallocng types
* cleanup a bit
* mallocng-user-slot
* print meta and group with slot
* ng-meta and ng-group commands
* handle corrupt data structures cleanly
* extra uslot annotations
* support multiple lines of extra
* group size corruption check, bit more annotation
* print both meta and group on ng-group and ng-meta
* fix pretty print to use colored_ljust
* fix for lldb; inferior must be loaded for aglib
* autogen docs
* fixup rebase
* ng-uslot -> ng-slotu
* fix idx calculation edge case
* hex() -> :#x
* str(e) -> e
* precalculate strings in PropertyPrinter::add
* lint
* fix perf issues
* Implements kdmesg for Linux kernels 5.10+.
* Minor optimizations and fixes to kdmesg.
* Fix lint errors
* Add test_command_kdmesg() to test_commands_kernel.py to test kdmesg.
* Fix lint errors
* Add docs
* Docs
* Improved documentation
* Lint fixes
* Improve documentation
* Fix lint errors
* Add functionality for -T, --ctime argument to print time in human readable format
* Fix lint errors
* Docs update
* Add test for -T arg in kdmesg
* Fix lint errors
* Fix -T arg to reflect current time, not offset
* Fix lint errors
* Bugfix for older versions of the kernel
* Fix lint errors
* Error checks
* Fix lint errors
* Test fix
* Fix lint errors
* page walks
* implemented pagewalk
* added pagewalk test
* improved testing / output
* added docs
* renaming
* actually adding the renamed file
* adding decoration for cpu arch
* Revert "adding decoration for cpu arch"
This reverts commit 84aa120f68.
* added arch check for pagewalk
* refactored pagewalk helpers
* improved pagewalk helper function signature
* refactored a bit more
* refactored a bit more
* removed changes to kernel/vmmap
* add short intro to configuration
* spruce up attachp message
* move notes and examples to appropriate sections, and assert that
* leakfind upd and add probeleak
* track-heap: report chunk size as hex
* add more commands to docs
* add comment to the profiler
* add docstrings for each top-level module
* highlight in profiler description
* fix attachp test
* pwndbg isn't an lldb plugin, mention bata24/gef, update sizes
* rephrase one readme line
* make what about... section more concise
* add a reference to original blog post
* lengthen description for dev-dump-instruction
* unbork go debugging page
* rename misc -> tutorials
* ida integration
* update context command description
* add video example to context docs
* add more clear separation in configuration docs
* proper capitalization on GDB, Pwndbg, LLDB in docs
* lint :P
* upd readme line
* fix tests and more clear grammar
* use `pwndbg` in gif instead of `gdb --quiet`
* update contributing/making-a-gif
* cwatch: move example from features to source
* also mention syscall in dumpargs
* move FEATURES.md to docs/ and factor out stuff
* move integrations out
* move disasm+emu/ redo heap section
* pwndbg->Pwndbg, lldb, windbg, commands section, remove qemu-user section
* commands section
* clarify slab command
* cleanup: readme link, formatting, del extra file
* reduce some screenshot sizes