
Feature parity with GEF #30

Open
32 of 40 tasks
zachriggle opened this issue May 12, 2016 · 6 comments
Labels: enhancement, help wanted
Comments

zachriggle (Contributor) commented May 12, 2016

These can be enumerated easily via: `gdb --nx --nh --command gef/gef.py --ex 'gef'`

  • aslr -- View/modify GDB ASLR behavior.
  • capstone-disassemble -- Use capstone disassembly framework to disassemble code. (alias: cs-dis)
    • We always use Capstone
  • canary -- Shows the canary value of the current process. Apply the technique
  • checksec -- Checksec.sh (http://www.trapkit.de/tools/checksec.html) port.
  • context -- Display execution context. (alias: ctx)
  • ctf-exploit-templater -- Generates a ready-to-use exploit template for CTF.
    • Won't implement, use pwntools's pwn template.
  • dereference -- Dereference recursively an address and display information
  • dump-memory -- Dump chunks of memory into raw file on the filesystem. Dump file name template can be defined in GEF runtime config
    • Won't implement, use the built-in dump command.
  • edit-flags -- Edit flags in a human-friendly way (alias: flags)
  • elf-info -- Display ELF header information.
  • entry-break -- Tries to find best entry point and sets a temporary breakpoint on it.
    • Use entry
  • fd -- Enumerate file descriptors opened by process.
    • Use procinfo
  • format-string-helper -- Exploitable format-string helper: this command will set up specific breakpoints at well-known dangerous functions (printf, snprintf, etc.), and check if the pointer holding the format string is writable, and therefore susceptible to format string attacks if an attacker can control its content. (alias: fmtstr-helper)
  • gef-alias -- GEF defined aliases
    • Not relevant.
  • gef-remote -- gef wrapper for the target remote command. This command will automatically download the target binary in the local temporary directory (default /tmp) and then source it. Additionally, it will fetch all the /proc/PID/maps and load all its information.
    • Unnecessary for pwndbg, we do it better, and transparently.
  • heap -- Base command to get information about the Glibc heap structure.
  • hexdump -- Display arranged hexdump (according to architecture endianness) of memory range. (alias: xd)
  • hijack-fd -- ChangeFdCommand: redirect file descriptor during runtime.
    • Shouldn't be necessary, use pwntools to launch
  • ida-interact -- IDA Interact: set of commands to interact with IDA.
    • This is provided by the $ida magic function, and the IDA module.
  • inspect-stack -- Exploiter-friendly top-down stack inspection command (peda-like)
    • Implemented with the telescope command, like PEDA.
  • ksymaddr -- Solve kernel symbols from kallsyms table.
  • nop -- Patch the instruction(s) pointed by parameters with NOP.
  • patch -- Patch the instruction pointed by parameters with NOP. If the return option is specified, it will set the return register to the specific value.
  • pattern -- Metasploit-like pattern generation/search
    • Won't implement, use pwndbg and the search functionality.
  • pid -- ProcessIdCommand: print the process id of the process being debugged.
  • process-search -- List and filter process. (alias: ps)
  • process-status -- Extends the info given by GDB info proc, by giving an exhaustive description of the
    • Implemented with procinfo
  • registers -- Display full details on one, many or all registers value from current architecture.
  • reset-cache -- Reset cache of all stored data.
    • Unnecessary, pwndbg's cache management is automagic.
  • search-pattern -- SearchPatternCommand: search a pattern in memory. (alias: grep)
    • Implemented as search.
  • shellcode -- ShellcodeCommand uses @JonathanSalwan simple-yet-awesome shellcode API to download shellcodes
    • Won't implement, use binjitsu.
  • stub -- Stub out the specified function.
  • theme -- Customize GEF appearance.
  • system -- Invoke an external command and display result.
    • Won't implement, use GDB builtin shell.
  • trace-run -- Create a runtime trace of all instructions executed from $pc to LOCATION specified.
  • unicorn-emulate -- Unicorn emulate: Use Unicorn-Engine to emulate the behavior of the binary, without affecting the GDB runtime. By default the command will emulate only the next instruction, but location and number of instructions can be changed via arguments to the command line. By default, it will emulate the next instruction from current PC. (alias: emulate)
    • Won't implement, we automatically emulate instructions in a transparent manner when using nearpc.
  • vmmap -- Display virtual memory mapping
  • xfiles -- Shows all libraries (and sections) loaded by binary (Truth is out there).
    • Won't implement, use builtin info files or info sharedlibrary or vmmap.
  • xinfo -- Get virtual section information for specific address
    • Implemented as vmmap.
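As an added example (not code from this issue, pwndbg or GEF), here is a minimal pure-Python version of what the checksec command in the list above reports for an ELF64 binary: NX from the PT_GNU_STACK flags, PIE from e_type, and RELRO from the PT_GNU_RELRO segment combined with the DT_FLAGS/DT_FLAGS_1 BIND_NOW bits in the dynamic section. The sample images are constructed inline with a header-only builder; checksec and build_elf are names chosen here.

```python
import struct

# ELF constants (ELF64 spec / glibc elf.h).
ET_DYN = 3
PT_DYNAMIC, PT_GNU_STACK, PT_GNU_RELRO = 2, 0x6474E551, 0x6474E552
PF_X = 1
DT_NULL, DT_FLAGS, DT_FLAGS_1, DF_BIND_NOW, DF_1_NOW = 0, 30, 0x6FFFFFFB, 8, 1


def checksec(elf: bytes) -> dict:
    """Report NX / PIE / RELRO for a little-endian ELF64 image (headers only)."""
    if elf[:4] != b"\x7fELF" or elf[4] != 2 or elf[5] != 1:
        raise ValueError("expected a little-endian ELF64 image")
    (e_type,) = struct.unpack_from("<H", elf, 16)
    (e_phoff,) = struct.unpack_from("<Q", elf, 32)
    e_phentsize, e_phnum = struct.unpack_from("<HH", elf, 54)
    nx = relro = bind_now = False  # no PT_GNU_STACK at all means an executable stack
    for i in range(e_phnum):
        p_type, p_flags, p_off, _va, _pa, p_filesz = struct.unpack_from(
            "<IIQQQQ", elf, e_phoff + i * e_phentsize)
        if p_type == PT_GNU_STACK:
            nx = not (p_flags & PF_X)
        elif p_type == PT_GNU_RELRO:
            relro = True
        elif p_type == PT_DYNAMIC:  # walk the dynamic section looking for eager binding
            for j in range(0, p_filesz, 16):
                d_tag, d_val = struct.unpack_from("<qQ", elf, p_off + j)
                if d_tag == DT_NULL:
                    break
                if (d_tag == DT_FLAGS and d_val & DF_BIND_NOW) or (d_tag == DT_FLAGS_1 and d_val & DF_1_NOW):
                    bind_now = True
    # Full RELRO needs both the read-only-after-relocation segment and BIND_NOW.
    relro_level = "Full" if relro and bind_now else "Partial" if relro else "No"
    return {"NX": nx, "PIE": e_type == ET_DYN, "RELRO": relro_level}


def build_elf(e_type, stack_flags, relro, dyn_entries):
    """Constructed test input: a header-only ELF64 with just the segments checksec inspects."""
    phdrs = [(PT_GNU_STACK, stack_flags, 0, 0, 0, 0, 0, 16)]
    if relro:
        phdrs.append((PT_GNU_RELRO, 4, 0, 0, 0, 0, 0, 1))
    dyn = b"".join(struct.pack("<qQ", t, v) for t, v in dyn_entries) + struct.pack("<qQ", DT_NULL, 0)
    dyn_off = 64 + 56 * (len(phdrs) + 1)  # ehdr + all program headers, then the dynamic section
    phdrs.append((PT_DYNAMIC, 6, dyn_off, 0, 0, len(dyn), len(dyn), 8))
    ehdr = b"\x7fELF" + bytes([2, 1, 1, 0]) + bytes(8) + struct.pack(
        "<HHIQQQIHHHHHH", e_type, 62, 1, 0, 64, 0, 0, 64, 56, len(phdrs), 64, 0, 0)
    return ehdr + b"".join(struct.pack("<IIQQQQQQ", *p) for p in phdrs) + dyn


if __name__ == "__main__":
    print(checksec(build_elf(ET_DYN, 6, True, [(DT_FLAGS, DF_BIND_NOW)])))  # all mitigations on
    print(checksec(build_elf(2, 7, False, [])))  # ET_EXEC, RWX stack, no RELRO
```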
@zachriggle zachriggle added enhancement For enhancements to existing features and removed enhancement For enhancements to existing features labels Jun 10, 2016
@zachriggle zachriggle self-assigned this Jun 10, 2016
zachriggle (Contributor, Author) commented

I need to re-evaluate GEF since it has some new stuff since I did this last year.

vn-ki commented Jan 13, 2020

bet4it (Contributor) commented Mar 2, 2020

@vn-ki as for tmux-setup, you can try hyperpwn

suletm commented Jun 23, 2022

scan, memory-watch and tmux-setup look like killer features from gef.

https://gef.readthedocs.io/en/master/commands/scan/

p2p added in this pull request is similar to "scan": #880

gsingh93 (Member) commented Dec 9, 2022

@nobodyisnobody let me know here if there are particular features you're interested in.

nobodyisnobody commented Dec 12, 2022 via email
