Google Summer of Code 2024 project ideas #2014
Built-in hex editor like this: #1043
Description
It would be nice to be able to more easily edit memory while in GDB, e.g. via hex editor, in some interactive manner, perhaps via ncurses UI.
Project information
Expected Outcome
Ability to edit memory within Pwndbg in an interactive hex editor.
Add LLDB debugger support to Pwndbg
Description
pwndbg is currently tied to a single debugger: GDB. While usually this is not a problem, there are cases when one would want to use the LLDB debugger instead of GDB, for example, for debugging Android apps or services, because according to Android GDB is no longer supported or provided. In this project idea, we would like to refactor Pwndbg to be debugger agnostic and add support for the LLDB debugger. This would require the contributor to:
A part of pwndbg refactoring to make it debugger agnostic has been done by splitting pwndbg codebase into
Project information
Expected Outcome
jemalloc Heap Inspection
Description
pwndbg's heap inspector only supports GLIBC's default memory allocator. I think there's appetite for supporting other popular dynamic memory allocators, e.g. jemalloc. I believe jemalloc is suitable for this project because it can easily integrate into existing development environments, an
Project Size & Difficulty
I consider this a medium-sized project at ~175 hours.
Expected Outcome
Resources
pwndbg's
Improve certain commands
This is a project to improve the following commands:
Project information
Enhancing Pwndbg Landing Page
Description
Pwndbg, an open-source debugger for the GNU/Linux platform, plays a critical role in the security community by providing powerful features for reverse engineering and exploit development. As part of this Google Summer of Code project, we aim to enhance the landing page of Pwndbg, making it more accessible, user-friendly, and informative for both new and experienced users.
Project information
Expected outcome
Dynamic features screenshots with annotations for docs
Description
This enhancement aims to provide users with visual guidance and insight into Pwndbg's capabilities, making it easier for them to understand and utilize its powerful debugging functionalities.
Project Size & Difficulty:
The project size is medium, requiring proficiency in web development technologies such as HTML, CSS, JavaScript, and Python. Familiarity with libraries for generating and manipulating images, such as Pillow for Python, will be beneficial. Additionally, understanding SVG (Scalable Vector Graphics) documentation and integration will be necessary for creating annotated screenshots. This project offers an exciting opportunity for a motivated student to contribute to Pwndbg while gaining experience in image generation, annotation, and web development.
Feature Description:
By implementing this feature, you will contribute to making Pwndbg more user-friendly and accessible, enhancing its educational value and usability for developers and security enthusiasts worldwide. This project will provide you with valuable experience in image generation, annotation, and documentation, as well as exposure to the cybersecurity community and open-source development practices.
Golden Sample Tests for all pwndbg features
Project Size & Difficulty:
Feature Description:
This project presents an opportunity to enhance the quality and robustness of Pwndbg, contributing to its reputation as a reliable and trustworthy tool in the cybersecurity community. You will gain valuable experience in test automation, quality assurance, and software engineering best practices, positioning you as a skilled contributor to open-source projects and future software development endeavors.
I think pwndbg is now successfully accepted under PSF. Mentioned here: https://python-gsoc.org/ideas.html
@jetchirag Yup, I edited the main post once more to reflect that we are now a sub-org of Python org in GSoC 2024.
Below I list Pwndbg organization project ideas for Google Summer of Code 2024.
Resolution / EDIT2: Pwndbg is a sub-org for the Python organization in GSoC 2024
Most of the projects here are only about Pwndbg and would require the contributor to write Python code and send PRs to this repository. However, since Pwndbg is a GDB plugin, it would benefit from improving GDB as well. Because of this, we may list a project idea about GDB - which is written in C - and which would require sending patches to it instead of Pwndbg. We would of course mentor these project ideas as well if a contributor decides to do that.
Unless otherwise stated, the projects require knowledge of Python programming language, GDB debugging and a little bit of C or C++.
Linux kernel debugging: more libslub features
Description
When researching Linux kernel bugs it is useful to have an insight into the Linux kernel SLAB/SLUB allocator[s].
A part of this is already implemented as a slab command in Pwndbg. We want this extended further with more features by integrating or porting the features from https://github.com/nccgroup/libslub into Pwndbg. For what it's worth, we have an established chat with libslub developers and they would help mentor this project if it's chosen.
Ideally this would be done in such a way that the new module could be used as a mostly standalone tool (for instance to allow use by gef users), while still leveraging the pwndbg API. Ideally the module would also be fully integrated into pwndbg as a regular module for pwndbg users. There is already a WIP fork that partially integrates into pwndbg; however, completing this work would also involve modularizing core parts of pwndbg to make it possible to work standalone without conflicting with other plugins. The existing WIP fork also adds a significant number of kernel tests, which could be further improved.
Project information
Expected Outcome
slab {list,info,contains} commands to support use cases available in libslub
Linux kernel debugging: load kernel symbols from kallsyms
Description
Our users sometimes debug Linux kernel without debug symbols, e.g., during a CTF security competition or when debugging a kernel dumped from an embedded device.
Most Linux kernels keep track of their symbol addresses and allow reading them from the /proc/kallsyms file. This means that the symbol information is somewhere in the Linux kernel memory and can be fetched by us to provide better UX. This loading should be implemented as a kallsyms command.
Project information
Expected Outcome
kallsyms -l|--load <file> command that would parse a kallsyms file from a given path and set up its symbols in the current debugging session
kallsyms command
Resources
kallsyms command
Annotate disassembly code for architecture through emulation
Pwndbg uses Capstone disassembler which provides lots of metadata information about instructions, e.g., whether an instruction is a jump. This is currently used mostly to determine which instructions are jumps or calls so that we can emulate code up until the branch and show the user whether a branch is taken or not.
However, we can do better than that: since we are emulating the code up until a branch anyway, we can show the values of certain registers or memory locations in the disassembly.
Such a feature has already been developed in #2001 for the X86-64 architecture, which will soon be reviewed and merged.
The idea of this project is to do the same, but for other architectures that are supported by Pwndbg and Capstone: arm, arm64 (aarch64), risc-v (and maybe some other too).
This may be a big-effort project and, ideally, some of the code can be abstracted/put in a base class to be used by many architectures.
Project information
Expected Outcome
Improve procinfo display
The main idea of this project is to improve the information provided by Pwndbg's procinfo command by:
Pwndbg's procinfo command shows various process information that can normally be seen in procfs (/proc/$pid/) files, including a list of file descriptors that the process has opened. This list, apart from listing the file descriptor numbers, also shows the target filepaths or connection information for TCP sockets. An example output can be seen below (for gdb nc + run onet.pl 80):
Here, we can see that fds=0-2 point to /dev/pts/1 and that fd=3 corresponds to a TCP connection with the given IP and port data.
For sockets, we can do better for Netlink sockets and for Unix domain sockets (UDS) by:
All of this would be very useful when debugging a new target for the first time and investigating all the file descriptors - files, sockets etc. - it interacts with at a given time. It can be useful when looking at things like Chrome and Firefox and figuring out the IPCs they talk to.
Optionally, this project can be extended further by moving the relevant feature of parsing procfs files and returning specific information to a separate library and using this library as a dependency in Pwndbg. This would allow other Python projects to benefit from the same code.
Project information
Expected Outcome
procinfo command display with more process information such as: seccomp mode, NoNewPrivs flag, linux namespaces information, user namespaces mappings (uid_map, gid_map), linux capabilities
procinfo command display for socket file descriptors
[GDB?] Add an option to ask user if a fork follows parent or child
It would be nice if Pwndbg had an option to stop on fork calls and ask the user if they want to continue debugging the child or the parent. Note that there is a set follow-fork-mode [parent|child] option in GDB that does this, but here we want a better UX by giving the user a choice before the fork happens. I mark this as [GDB?] since this can be implemented either in Pwndbg, as a command that will be executed before fork syscalls, or in GDB, which could be another option of follow-fork-mode. This would have to be discussed with GDB folks, but I am pretty sure they would accept such an option.
Project information
Expected Outcome
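As an added example (not pwndbg code and not part of the issue above), the core of the kallsyms --load <file> idea from the kernel-debugging project: parsing a /proc/kallsyms-style dump into a symbol table and resolving addresses back to symbol+offset. The sample dump and its addresses are constructed.

```python
import bisect
import re
from typing import Dict, List, Optional, Tuple

# One /proc/kallsyms line: "<hex address> <type letter> <name>" with an optional
# "\t[module]" suffix for symbols that belong to a loadable module.
_LINE_RE = re.compile(r"^([0-9a-fA-F]+)\s+([A-Za-z?])\s+(\S+)(?:\s+\[(\S+)\])?\s*$")

# Constructed sample mimicking a kallsyms dump; the addresses are made up.
SAMPLE_KALLSYMS = """\
ffffffff81000000 T _text
ffffffff81000000 T startup_64
ffffffff810000a0 t secondary_startup_64
ffffffff81e00000 D init_task
ffffffffc0000000 t nf_hook_fn\t[nf_tables]
0000000000000000 A fixed_percpu_data
this line is garbage and must be skipped
"""

Symbol = Tuple[int, str, str, Optional[str]]  # (address, type, name, module)

def parse_kallsyms(text: str) -> List[Symbol]:
    """Parse kallsyms text into symbols sorted by address, skipping malformed lines."""
    syms: List[Symbol] = []
    for line in text.splitlines():
        m = _LINE_RE.match(line)
        if m:
            addr, typ, name, module = m.groups()
            syms.append((int(addr, 16), typ, name, module))
    syms.sort(key=lambda s: s[0])  # stable: input order kept for equal addresses
    return syms

def build_symbol_table(syms: List[Symbol]) -> Dict[str, int]:
    """Name -> address map; the first definition wins for duplicated names."""
    table: Dict[str, int] = {}
    for addr, _typ, name, _module in syms:
        table.setdefault(name, addr)
    return table

def resolve(syms: List[Symbol], addr: int) -> Optional[str]:
    """Resolve addr to 'name+offset' via the nearest preceding non-absolute symbol."""
    located = [s for s in syms if s[1] not in "Aa"]  # 'A' symbols are constants
    addrs = [s[0] for s in located]
    i = bisect.bisect_right(addrs, addr) - 1
    if i < 0:
        return None
    base, _typ, name, module = located[i]
    label = f"{name}+{addr - base:#x}"
    return f"{label} [{module}]" if module else label
```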
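Also added here (not pwndbg code): the procfs parsing that the extended procinfo display described above would need, covering the seccomp mode, NoNewPrivs flag, capability masks and user-namespace uid_map rows read from /proc/<pid>/status and /proc/<pid>/uid_map. The status and uid_map contents are constructed samples.

```python
from typing import Dict, List, Tuple

# Capability bit order from linux/capability.h (bit 0 = CAP_CHOWN).
CAP_NAMES = ("CHOWN DAC_OVERRIDE DAC_READ_SEARCH FOWNER FSETID KILL SETGID SETUID "
             "SETPCAP LINUX_IMMUTABLE NET_BIND_SERVICE NET_BROADCAST NET_ADMIN NET_RAW "
             "IPC_LOCK IPC_OWNER SYS_MODULE SYS_RAWIO SYS_CHROOT SYS_PTRACE SYS_PACCT "
             "SYS_ADMIN SYS_BOOT SYS_NICE SYS_RESOURCE SYS_TIME SYS_TTY_CONFIG MKNOD "
             "LEASE AUDIT_WRITE AUDIT_CONTROL SETFCAP MAC_OVERRIDE MAC_ADMIN SYSLOG "
             "WAKE_ALARM BLOCK_SUSPEND AUDIT_READ PERFMON BPF CHECKPOINT_RESTORE").split()
SECCOMP_MODES = {0: "disabled", 1: "strict", 2: "filter"}

# Constructed samples of the relevant /proc/<pid>/status lines and a uid_map file.
SAMPLE_STATUS = ("Name:\tnc\nSeccomp:\t2\nNoNewPrivs:\t1\n"
                 "CapEff:\t0000000000003000\nCapBnd:\t000001ffffffffff\n")
SAMPLE_UID_MAP = "         0       1000          1\n"

def parse_status(text: str) -> Dict[str, str]:
    """Turn the 'Key: value' lines of /proc/<pid>/status into a dict."""
    fields: Dict[str, str] = {}
    for line in text.splitlines():
        key, sep, value = line.partition(":")
        if sep:
            fields[key.strip()] = value.strip()
    return fields

def decode_caps(hexmask: str) -> List[str]:
    """Expand a CapEff/CapBnd hex mask into CAP_* names (unknown bits as CAP_<n>)."""
    mask = int(hexmask, 16)
    return [f"CAP_{CAP_NAMES[bit]}" if bit < len(CAP_NAMES) else f"CAP_{bit}"
            for bit in range(mask.bit_length()) if mask >> bit & 1]

def parse_id_map(text: str) -> List[Tuple[int, int, int]]:
    """Parse uid_map/gid_map rows: (id inside ns, id outside ns, range length)."""
    rows = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) == 3:
            rows.append(tuple(int(p) for p in parts))
    return rows

def summarize(status_text: str, uid_map_text: str) -> Dict[str, object]:
    """Build the extra fields a procinfo-style display would show."""
    st = parse_status(status_text)
    return {
        "seccomp": SECCOMP_MODES.get(int(st.get("Seccomp", "0")), "unknown"),
        "no_new_privs": st.get("NoNewPrivs") == "1",
        "cap_eff": decode_caps(st.get("CapEff", "0")),
        "uid_map": parse_id_map(uid_map_text),
    }
```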