Fulldump problem #1143
Comments
Hey, yeah, I got this issue once and it's very weird. This is because the UI of your shell is too small... Yeah, I know it makes no sense, but try to define your shell terminal as full screen size. My guess is that if your terminal is too small, the xmm values do not fit in a line and peda's parsing fails to parse the value...
I have the same problem. On the first iteration, after executing this line
According to the output above:
Apparently if we change lines like below:
Now I can save the dump file. But the size of the dump file is different from yours. For example, my baby-re.dump file is bigger than yours, while the marsanalytica.dump file is smaller than yours. Under those conditions the solve script for baby-re works, but MarsAnalytica's solve script doesn't. The solve script for Mars Analytica ends like this:
I think I couldn't fix the peda patch :/ Any help is welcome.
God, I've just checked my

```python
# XMM
#arch, bits = peda.getarch()
#cnt = (8 if bits == 32 else 16)
#for i in range(cnt):
#    xmm = peda.execute_redirect("info registers xmm%d" % (i))
#    xmm = xmm.splitlines()
#    xmm = int(xmm[7].split()[2], 16)
#    regs.update({"xmm%d" % (i): xmm})
```

My solution here was probably from years ago, and now there is another issue which I ignored by commenting those lines out... I will try to fix it.
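The commented-out code above reads the value from the eighth line of `info registers xmmN`, so it breaks as soon as gdb changes the layout of that output (or, as the first comment suggests, the line count). The following is an added example, not peda's code and not the patch posted in this thread, showing the difference between that line-index parse and a field-based parse that searches for the `uint128` member wherever it sits. The two gdb output samples are constructed approximations of the older multi-line layout and the newer single-line layout; the function names are mine.

```python
import re

# Constructed sample of the older multi-line layout, where the
# `uint128` member happens to sit on line index 7.
OLD_LAYOUT = """xmm0           {
  v4_float = {0, 0, 0, 0},
  v2_double = {0, 0},
  v16_int8 = {0 <repeats 16 times>},
  v8_int16 = {0, 0, 0, 0, 0, 0, 0, 0},
  v4_int32 = {0, 0, 0, 0},
  v2_int64 = {0, 0},
  uint128 = 0x0000000000000000000000000000002a
}
"""

# Constructed sample of the newer single-line layout (extra members,
# everything on one line, closing brace glued to the value).
NEW_LAYOUT = ("xmm0           {v8_bfloat16 = {0, 0, 0, 0, 0, 0, 0, 0}, "
              "v4_float = {0, 0, 0, 0}, v2_double = {0, 0}, "
              "v16_int8 = {0 <repeats 16 times>}, "
              "v8_int16 = {0, 0, 0, 0, 0, 0, 0, 0}, v4_int32 = {0, 0, 0, 0}, "
              "v2_int64 = {0, 0}, uint128 = 0x2a}\n")

# Matches `uint128 = <hex or decimal literal>` anywhere in the text.
_UINT128_RE = re.compile(r"uint128\s*=\s*(0x[0-9a-fA-F]+|\d+)")


def parse_xmm_uint128_by_line(text):
    """Brittle parse: assumes uint128 is on line 7, value in column 2.
    Raises IndexError on the single-line layout."""
    lines = text.splitlines()
    return int(lines[7].split()[2], 16)


def parse_xmm_uint128(text):
    """Field-based parse: locate the `uint128 = ...` member by name.
    Raises ValueError with the offending text when the member is missing
    (e.g. `<unavailable>`), instead of silently skipping the register."""
    m = _UINT128_RE.search(text)
    if m is None:
        raise ValueError("no 'uint128' member in gdb output: %r" % text[:80])
    # base 0 accepts both the 0x-prefixed hex form and a plain decimal 0.
    return int(m.group(1), 0)


def collect_xmm(outputs):
    """Build the {"xmmN": int} mapping a dump would store, given a dict of
    register name -> text as returned by `info registers xmmN`."""
    return {name: parse_xmm_uint128(text) for name, text in outputs.items()}


if __name__ == "__main__":
    print(collect_xmm({"xmm0": OLD_LAYOUT, "xmm1": NEW_LAYOUT}))
```

The point of `collect_xmm` raising rather than skipping is diagnostic: a dump with a silently missing `xmmN` key only surfaces much later, when a solve script reads a register that is not there.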
Below is the new peda patch which will fix this issue:
diff --git a/peda.py b/peda.py
index 14a7f5e..215ce3e 100644
--- a/peda.py
+++ b/peda.py
@@ -5998,6 +5998,52 @@ class PEDACmd(object):
return
utils.options = ["int2hexstr", "list2hexstr", "str2intlist"]
+ def fulldump(self, *arg):
+ """
+ Generate a full dump of the current execution
+ Usage:
+ fulldump <filename output>
+ """
+ (filename,) = normalize_argv(arg, 1)
+ if not filename:
+ filename = "fulldump.dump"
+
+ pid = peda.getpid()
+ if not pid:
+ return False
+
+ maps = peda.get_vmmap()
+ if not maps:
+ return False
+
+ memory = list()
+ for s, e, x, f in maps:
+ raw = peda.dumpmem(s, e)
+ memory.append({"start": s, "end": e, "memory": raw, "permissions": x, "name": f})
+
+ # GPR
+ regs = peda.getregs()
+
+ # XMM
+ arch, bits = peda.getarch()
+ cnt = (8 if bits == 32 else 16)
+ for i in range(cnt):
+ xmm = peda.execute_redirect("info registers xmm%d" % (i))
+ offset = xmm.find('uint128')
+ if offset > 0:
+ uint128 = xmm[offset:].replace('\n', '').replace('}', '').split('=')[1]
+ regs.update({"xmm%d" % (i): int(uint128, 16)})
+
+ dump = (regs, memory)
+
+ fd = open(filename, "w")
+ fd.write(repr(dump))
+ fd.close()
+
+ msg("Full dump saved into %s" % (filename))
+
+ return True
+
###########################################################################
class pedaGDBCommand(gdb.Command):
""" I've tested with |
@blue-devil, @0xFF1E071F, can you test the new patch and tell me if it solves the issue on your side too?
@JonathanSalwan The problem is fixed for me. I have checked both binaries, baby-re and MarsAnalytica. Note on MarsAnalytica: how did you find/calculate this address -0xc4d42a- on line Thank you very much Jonathan; you have spent your time on this weekend!
At the beginning, the script was executing the full trace, but when I understood that I had found the good serial, I just picked a random address to define it as an end point of execution. You can remove it if you want and it will execute the full trace and print "Access Granted". But as it takes time to execute, I just used this address to stop the execution in order to speed up my unittests workflow.
@JonathanSalwan +1 I have tried the new patch and it is working. Thank you very much, you can close the issue.
Hello Jonathan;
I am trying to walk through baby-re to learn Triton. But I am stuck while creating a fulldump.
I am using ArchLinux + XFCE
gdb: 12.1
python: 3.10.5
peda: 1.2
peda patch from you
This is the output of gdb with baby-re
OK, so no dump file was created, unfortunately. And I've opened the patched peda.py and started searching for the bug. At least on my machine this line is the problem:
I've added msg(xmm) lines to find out if there is any output. This way may be completely wrong, I don't know, but I cannot go further. I cannot get a fulldump of any binary.