GDB Enhanced Features (a.k.a. GEF)
GEF (pronounced ʤɛf - "Jeff") is a set of commands for x86/64, ARM, MIPS, PowerPC and SPARC to assist exploit developers and reverse-engineers when using old school GDB. It provides additional features to GDB using the Python API to assist during the process of dynamic analysis and exploit development. Application developers will also benefit from it, as GEF lifts a great part of regular GDB obscurity, avoiding repeating traditional commands, or bringing out the relevant information from the debugging runtime.
Simply make sure you have GDB 7.7 or higher compiled with Python2 or Python3 bindings, then:
# via the install script $ wget -q -O- https://github.com/hugsy/gef/raw/master/scripts/gef.sh | sh # manually $ wget -O ~/.gdbinit-gef.py -q https://github.com/hugsy/gef/raw/master/gef.py $ echo source ~/.gdbinit-gef.py >> ~/.gdbinit
Then just start playing:
$ gdb -q /path/to/my/bin gef➤ gef help
A few of
GEF features include:
- One single GDB script.
- Entirely OS Agnostic, NO dependencies:
GEFis battery-included and is installable in 2 seconds (unlike PwnDBG).
- Fast limiting the number of dependencies and optimizing code to make the commands as fast as possible (unlike PwnDBG).
- Provides a great variety of commands to drastically change your experience in GDB.
- Easily extendable to create other commands by providing more comprehensible layout to GDB Python API.
- Works consistently on both Python2 and Python3.
- Built around an architecture abstraction layer, so all commands work in any GDB-supported architecture such as x86-32/64, ARMv5/6/7, AARCH64, SPARC, MIPS, PowerPC, etc. (unlike PEDA)
- Suited for real-life apps debugging, exploit development, just as much as CTF (unlike PEDA or PwnDBG)
Check out the Screenshot page for more.
Unlike other GDB plugins, GEF has an extensive and up-to-date documentation. Users are recommended to refer to it as it may help them in their attempts to use GEF. In particular, new users should navigate through it (see the FAQ for common installation problems), and the problem persists, try to reach out for help on the IRC channel or submit an issue.
And special thanks to Pedro "TheZakMan" Araujo for the logo!.