GEF (GDB Enhanced Features) - a modern experience for GDB with advanced debugging features for exploit developers & reverse engineers ☢

Overview

GEF (pronounced ʤɛf - "Jeff") is a set of commands for x86/64, ARM, MIPS, PowerPC and SPARC to assist exploit developers and reverse-engineers when using old school GDB. It provides additional features to GDB using the Python API to assist during the process of dynamic analysis and exploit development. Application developers will also benefit from it, as GEF lifts a great part of regular GDB obscurity, avoiding repeating traditional commands and bringing out the relevant information from the debugging runtime.

Instant Setup

Simply make sure you have GDB 7.7 or higher compiled with Python3 bindings, then:

# via the install script
## using curl
$ bash -c "$(curl -fsSL http://gef.blah.cat/sh)"

## using wget
$ bash -c "$(wget http://gef.blah.cat/sh -O -)"

# or manually
$ wget -O ~/.gdbinit-gef.py -q http://gef.blah.cat/py
$ echo source ~/.gdbinit-gef.py >> ~/.gdbinit

# or alternatively from inside gdb directly
$ gdb -q
(gdb) pi import urllib.request as u, tempfile as t; g=t.NamedTemporaryFile(suffix='-gef.py'); open(g.name, 'wb+').write(u.urlopen('https://tinyurl.com/gef-master').read()); gdb.execute('source %s' % g.name)

Note: to fetch the latest of GEF (i.e. from the dev branch), simply replace the URL with http://gef.blah.cat/dev.
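
The one-liners above download and run GEF in a single step. As an added example (not part of GEF or its install script), the manual route can be split so that the downloaded file is checked against a SHA-256 you recorded beforehand, and only then copied into place and sourced from ~/.gdbinit. The function names and the GEF_PINNED_SHA256 variable are assumptions of this example.

```shell
#!/usr/bin/env bash
# Added example: verify a single-file GDB plugin before GDB ever sources it.
# GEF_PINNED_SHA256 is a placeholder for a digest you recorded from a copy of
# gef.py that you reviewed; no real digest is given here.

# Print the lowercase hex SHA-256 of a file, using whichever tool is present.
sha256_of() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | awk '{print $1}'
    else
        shasum -a 256 "$1" | awk '{print $1}'
    fi
}

# verify_and_install SRC EXPECTED_SHA256 DEST GDBINIT
# Installs SRC as DEST and adds "source DEST" to GDBINIT only when the digest
# of SRC matches. On a mismatch nothing is written anywhere.
verify_and_install() {
    src=$1; expected=$2; dest=$3; gdbinit=$4
    [ -f "$src" ] || { echo "missing file: $src" >&2; return 2; }

    actual=$(sha256_of "$src")
    # An empty digest means no hashing tool ran; never treat that as a match.
    [ -n "$actual" ] || { echo "could not hash $src" >&2; return 3; }

    # Accept pinned digests written in upper or lower case.
    expected=$(printf '%s' "$expected" | tr 'A-F' 'a-f')
    if [ "$actual" != "$expected" ]; then
        echo "SHA-256 mismatch for $src: got $actual" >&2
        return 1
    fi

    cp "$src" "$dest" || return 3
    chmod 600 "$dest" || return 3

    # Idempotent: add the source line once, even if the install is repeated.
    line="source $dest"
    grep -qxF "$line" "$gdbinit" 2>/dev/null || printf '%s\n' "$line" >> "$gdbinit"
}

# fetch_then_install URL EXPECTED_SHA256
# Downloads to a temporary file first, so an unverified script never sits at
# the path that ~/.gdbinit sources.
fetch_then_install() {
    tmp=$(mktemp) || return 3
    if wget -q -O "$tmp" "$1"; then
        verify_and_install "$tmp" "$2" "$HOME/.gdbinit-gef.py" "$HOME/.gdbinit"
        rc=$?
    else
        rc=4
    fi
    rm -f "$tmp"
    return $rc
}

# Usage (not executed here):
#   fetch_then_install http://gef.blah.cat/py "$GEF_PINNED_SHA256"
```

GEF's own version command prints the SHA256 of the file it was loaded from, which can be compared with the pinned value on an existing install.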

You can immediately see that GEF is correctly installed by launching GDB:

$ gdb -q /path/to/my/bin
GEF for linux ready, type `gef' to start, `gef config' to configure
80 commands loaded for GDB 9.1 using Python engine 3.8
gef➤  gef help

Note: As of January 2020, GEF doesn't officially support Python 2 any longer, due to Python 2 becoming officially deprecated. If you really need GDB+Python2, use the (not actively maintained) gef-legacy instead.

Community

Discord

Note: For maintenance simplicity, the unified communities on IRC/Gitter/Slack/Discord based on MatterBridge are now discontinued. The GEF Discord is now the only way to talk with us!

Highlights

A few of GEF's features include:

  • One single GDB script
  • Entirely OS Agnostic, NO dependencies: GEF is battery-included and is installable instantly
  • Fast: limits the number of dependencies and optimizes code to make the commands as fast as possible
  • Provides a great variety of commands to drastically change your experience in GDB.
  • Easily extensible to create other commands by providing a more comprehensible layout to the GDB Python API.
  • Full Python3 support (Python2 support was dropped - see gef-legacy).
  • Built around an architecture abstraction layer, so all commands work in any GDB-supported architecture such as x86-32/64, ARMv5/6/7, AARCH64, SPARC, MIPS, PowerPC, etc.
  • Suited for real-life apps debugging, exploit development, just as much as CTF

Check out the Screenshot page for more.

Or try it online (user:gef/password:gef-demo)

Documentation

Unlike other GDB plugins, GEF has extensive and up-to-date documentation. Users are recommended to refer to it as it may help them in their attempts to use GEF. In particular, new users should navigate through it (see the FAQ for common installation problems) and, if the problem persists, try to reach out for help on the Discord channel or submit an issue.

Current status

  • Documentation: ReadTheDocs
  • License: MIT
  • Compatibility: Python 3

Contribute

To get involved, refer to the Contribution documentation and the guidelines to start.

Another way to contribute to keeping the project alive is by sponsoring it! Check out the sponsoring documentation for details so you can be part of the list of those awesome sponsors.

Happy Hacking

Comments
  • hexdump and dereference start dumping from offset

    Your issue will be closed unless you confirm the following:

    • [x] Did you use the latest version of GEF from master branch?
    • [x] Did you read the documentation first?
    • [x] Did you check closed issues?

    Step 1: Describe your environment

    • Operating System: Ubuntu 14.04 4.4.0-137-generic
    • Architecture: x64
    • GDB version (including the Python library version): gdb 8.2, python 2.7.6

    Step 2: Describe your problem

    hexdump and dereference do not print dump of exact address but they apply offset to it that increments after every single call, e.g.

    gef➤  hexdump dword 0xff8c6060
    0xff8c6060│+0x0000   0x00000000
    0xff8c6064│+0x0004   0x00000000
    0xff8c6068│+0x0008   0x00000000
    0xff8c606c│+0x000c   0xf7564af3
    0xff8c6070│+0x0010   0x00000001
    0xff8c6074│+0x0014   0xff8c6104
    0xff8c6078│+0x0018   0xff8c610c
    0xff8c607c│+0x001c   0xf7728e6a
    0xff8c6080│+0x0020   0x00000001
    0xff8c6084│+0x0024   0xff8c6104
    0xff8c6088│+0x0028   0xff8c60a4
    0xff8c608c│+0x002c   0x0804a014
    0xff8c6090│+0x0030   0x0804825c
    0xff8c6094│+0x0034   0xf76f8000
    0xff8c6098│+0x0038   0x00000000
    0xff8c609c│+0x003c   0x00000000
    gef➤  hexdump dword 0xff8c6060
    0xff8c60a0│+0x0040   0x00000000
    0xff8c60a4│+0x0044   0x2e1c68e9
    0xff8c60a8│+0x0048   0x9a49ecf8
    0xff8c60ac│+0x004c   0x00000000
    0xff8c60b0│+0x0050   0x00000000
    0xff8c60b4│+0x0054   0x00000000
    0xff8c60b8│+0x0058   0x00000001
    0xff8c60bc│+0x005c   0x080483e0
    0xff8c60c0│+0x0060   0x00000000
    0xff8c60c4│+0x0064   0xf772e660
    0xff8c60c8│+0x0068   0xf7564a09
    0xff8c60cc│+0x006c   0xf773b000
    0xff8c60d0│+0x0070   0x00000001
    0xff8c60d4│+0x0074   0x080483e0
    0xff8c60d8│+0x0078   0x00000000
    0xff8c60dc│+0x007c   0x08048401
    gef➤
    

    This offset is also applied to hexdump and dereference calls to other address/register targets.

    Steps to reproduce

    Observed Results

    Expected results

    • hexdump and dereference print dump of exact address that is passed as argument.

    Traces

    Another example:

    gef➤  hexdump dword 0xffb75d20
    0xffb75d20│+0x0000   0x00000000
    0xffb75d24│+0x0004   0x00000000
    0xffb75d28│+0x0008   0x00000000
    0xffb75d2c│+0x000c   0xf75c2af3
    0xffb75d30│+0x0010   0x00000001
    0xffb75d34│+0x0014   0xffb75dc4
    0xffb75d38│+0x0018   0xffb75dcc
    0xffb75d3c│+0x001c   0xf7786e6a
    0xffb75d40│+0x0020   0x00000001
    0xffb75d44│+0x0024   0xffb75dc4
    0xffb75d48│+0x0028   0xffb75d64
    0xffb75d4c│+0x002c   0x0804a014
    0xffb75d50│+0x0030   0x0804825c
    0xffb75d54│+0x0034   0xf7756000
    0xffb75d58│+0x0038   0x00000000
    0xffb75d5c│+0x003c   0x00000000
    gef➤  print $edx
    $1 = 0xffb75d54
    gef➤  hexdump dword $edx
    0xffb75d94│+0x0040   0x080483e0
    0xffb75d98│+0x0044   0x00000000
    0xffb75d9c│+0x0048   0x08048401
    0xffb75da0│+0x004c   0x08048494
    0xffb75da4│+0x0050   0x00000001
    0xffb75da8│+0x0054   0xffb75dc4
    0xffb75dac│+0x0058   0x08048560
    0xffb75db0│+0x005c   0x080485d0
    0xffb75db4│+0x0060   0xf7787300
    0xffb75db8│+0x0064   0xffb75dbc
    0xffb75dbc│+0x0068   0x0000001c
    0xffb75dc0│+0x006c   0x00000001
    0xffb75dc4│+0x0070   0xffb7684c
    0xffb75dc8│+0x0074   0x00000000
    0xffb75dcc│+0x0078   0xffb76869
    0xffb75dd0│+0x007c   0xffb7687c
    
    
    bug regression close-when-merged 
    opened by elklepo 28
  • gef fails to provide right context for aarch64 binary

    Your issue will be closed unless you confirm the following:

    • [X] Did you use the latest version of GEF from master branch?
    • [X] Did you read the documentation first?
    • [X] Did you check closed issues?

    Step 1: Describe your environment

    • Operating System: Debian 10
    • Architecture: x86-64
    • GDB version (including the Python library version): GNU gdb (Debian 8.2.1-2) 8.2.1 Python 3.7.3 (default, Apr 3 2019, 05:39:12)

    Step 2: Describe your problem

    When I load certain aarch64 binaries with gef, it complains about lack of .gnu_debugdata and then it says most features won't work. I would be OK with that if it actually displayed context correctly, but it doesn't. It then believes all code is x86, and proceeds to dereference x86 registers, which of course fails.

    Steps to reproduce

    1. Load aarch64 binary without .gnu_debugdata
    2. Attempt to debug stepping as normal

    Observed Results

    I get the following warning when loading the binary

    GEF for linux ready, type `gef' to start, `gef config' to configure
    76 commands loaded for GDB 8.2.1 using Python engine 3.7
    [*] 4 commands could not be loaded, run `gef missing` to know why.
    [+] Configuration from '/home/user/.gef.rc' restored
    Reading symbols from binary...Reading symbols from .gnu_debugdata for /home/user/binary...(no debugging symbols found)...done.
    [!] '.gnu_debugdata for /home/user/binary' not found/readable
    [!] Failed to get file debug information, most of gef features will not work
    (no debugging symbols found)...done.
    gef➤  
    

    Which probably confuses gef, since it identifies the code as x86:32:

    ────────────────────────────────────────────────────────────────────────────────────────────────── stack ────
    [!] Command 'dereference' failed to execute properly, reason: Unknown register.
    ────────────────────────────────────────────────────────────────────────────────────────────── registers ────
    ──────────────────────────────────────────────────────────────────────────────────────────── code:x86:32 ────
       0x6fc195e880 <Object::Init()+168> b      0x6fc195e868 <_ZN10Object4InitEv+144>
       0x6fc195e884 <Object::Start()+0> ldr    x0,  [x0,  #16]
       0x6fc195e888 <Object::Start()+4> cbz    x0,  0x6fc195e898 <_ZN10Object5StartEv+20>
     → 0x6fc195e88c <Object::Start()+8> ldr    x8,  [x0]
       0x6fc195e890 <Object::Start()+12> ldr    x1,  [x8,  #24]
       0x6fc195e894 <Object::Start()+16> br     x1
    
    But gdb detects the architecture correctly:
    gef➤  show arch
    The target architecture is set automatically (currently aarch64)
    

    Expected results

    As per the warning, I'm not expecting most of gef features to work (although to be honest, I haven't researched why), but I expect the context and registers to be displayed correctly.

    triage 
    opened by pedrib 27
  • `heap` commands no longer works properly when remote debugging

    • [x] Did you use the latest version of GEF from dev branch?
    • [x] Is your bug specific to GEF (not GDB)? - Try to reproduce it running gdb -nx
    • [x] Did you read the documentation first?
    • [x] Did you check issues (including the closed ones) - and the PR?

    Step 1: Describe your environment

    • Operating System / Distribution: Ubuntu 20.04.2 LTS
    • Architecture: x86_64
    • GEF version (including the Python library version) run version in GEF.
    gef➤  version
    GEF: (Standalone)
    SHA1(/home/andrew/.gdbinit-gef.py): 3a1557190297912278671d27454d3d1fcda619e5
    GDB: 9.2
    GDB-Python: 3.8
    
    • I'm working on an exploitation challenge from exploit.education (http://exploit.education/fusion/level05/). I haven't tried this with any of the other binaries. I can upload it here if you'd like.
    $ file level05
    level05: ELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, interpreter /lib/ld-linux.so.2, for GNU/Linux 2.6.15, BuildID[sha1]=2cf47809a1a841f6990910071c09e6053e9f57ac, with debug_info, not stripped
    
    • The heap commands work with the 2021.01 release.

    Step 2: Describe your problem

    Steps to reproduce

    1. Start a VM (no hard drive necessary) and boot to the Fusion ISO (https://github.com/ExploitEducation/Fusion/releases/download/v2.0.0/exploit-exercises-fusion-2.iso)
    2. SSH to the VM (use root:godmode for creds) and run gdbserver to attach to process:
    # gdbserver --attach :1234 $(pidof level05)
    
    3. Start gdb & connect to the server:
    $ gdb
    GEF for linux ready, type `gef' to start, `gef config' to configure
    92 commands loaded for GDB 9.2 using Python engine 3.8
    gef➤  file level05
    Reading symbols from level05...
    gef➤  target remote fusion:1234
    Remote debugging using fusion:1234
    ...
    
    4. Use the heap chunks|arenas|bins commands:
    gef➤  heap chunks
    [!] Failed to get the main arena, heap commands may not work properly: There is no member named next_free.
    [!] No valid arena
    gef➤  heap arenas
    [!] Could not find Glibc main arena
    gef➤  heap bins
    [+] No Tcache in this version of libc
    [!] Failed to get the main arena, heap commands may not work properly: There is no member named next_free.
    [!] Invalid Glibc arena
    [!] Failed to get the main arena, heap commands may not work properly: There is no member named next_free.
    [!] Invalid Glibc arena
    [!] Failed to get the main arena, heap commands may not work properly: There is no member named next_free.
    [!] Invalid Glibc arena
    [!] Failed to get the main arena, heap commands may not work properly: There is no member named next_free.
    [!] Invalid Glibc arena
    
    5. Going back to release 2021.01, the heap chunks command works, but heap arenas does not:
    gef➤  heap chunks
    Chunk(addr=0xb7dfd008, size=0x108, flags=PREV_INUSE)
        [0xb7dfd008     08 50 53 b7 10 d1 df b7 b0 54 e0 b7 00 00 00 00    .PS......T......]
    Chunk(addr=0xb7dfd110, size=0x83a0, flags=PREV_INUSE)
        [0xb7dfd110     66 64 74 61 73 6b 00 00 00 00 00 00 00 00 00 00    fdtask..........]
    Chunk(addr=0xb7e054b0, size=0x18b58, flags=PREV_INUSE)  ←  top chunk
    gef➤  heap arenas 
    [!] Command 'heap arenas' failed to execute properly, reason: 'MallocStateStruct' object has no attribute 'nfree'
    gef➤  heap bins
    [+] No Tcache in this version of libc
    ───────────────────────────────────────────── Fastbins for arena 0xb76f0400 ─────────────────────────────────────────────
    Fastbins[idx=0, size=0x10] 0x00
    Fastbins[idx=1, size=0x18] 0x00
    Fastbins[idx=2, size=0x20] 0x00
    Fastbins[idx=3, size=0x28] 0x00
    Fastbins[idx=4, size=0x30] 0x00
    Fastbins[idx=5, size=0x38] 0x00
    Fastbins[idx=6, size=0x40] 0x00
    ────────────────────────────────────────── Unsorted Bin for arena 'main_arena' ──────────────────────────────────────────
    [+] Found 0 chunks in unsorted bin.
    ─────────────────────────────────────────── Small Bins for arena 'main_arena' ───────────────────────────────────────────
    [+] Found 0 chunks in 0 small non-empty bins.
    ─────────────────────────────────────────── Large Bins for arena 'main_arena' ───────────────────────────────────────────
    [+] Found 0 chunks in 0 large non-empty bins.
    

    Minimalist test case

    // compile with gcc -fPIE -pic -o my_issue.out my_issue.c
    int main(){ return 0; }
    

    Not applicable as this is heap-related. I did, however, create my own test case.

    #include <stdio.h>
    #include <string.h>
    #include <stdlib.h>
    
    int main() {
        char *name = malloc(32);
        strncpy(name, "Drew", 5);
        printf("Name = %s\n", name);
    
        return 0;
    }
    

    Compiled with gcc test.c -o test -g. This one does work.

    $ gdb test 
    GEF for linux ready, type `gef' to start, `gef config' to configure
    92 commands loaded for GDB 9.2 using Python engine 3.8
    Reading symbols from test...
    gef➤  b test.c:7
    Breakpoint 1 at 0x1183: file test.c, line 7.
    gef➤  run
    ...
    gef➤  heap chunks
    Chunk(addr=0x555555559010, size=0x290, flags=PREV_INUSE)
        [0x0000555555559010     00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00    ................]
    Chunk(addr=0x5555555592a0, size=0x30, flags=PREV_INUSE)
        [0x00005555555592a0     00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00    ................]
    Chunk(addr=0x5555555592d0, size=0x20d40, flags=PREV_INUSE)  ←  top chunk
    gef➤  heap arenas 
    Arena (base=0x7ffff7fb0b80, top=0x5555555592c0, last_remainder=0x0, next=0x7ffff7fb0b80, next_free=0x0, system_mem=0x21000)
    gef➤  heap bins
    ──────────────────────────────────────────────── Tcachebins for thread 1 ────────────────────────────────────────────────
    All tcachebins are empty
    ─────────────────────────────────────────── Fastbins for arena 0x7ffff7fb0b80 ───────────────────────────────────────────
    Fastbins[idx=0, size=0x20] 0x00
    Fastbins[idx=1, size=0x30] 0x00
    Fastbins[idx=2, size=0x40] 0x00
    Fastbins[idx=3, size=0x50] 0x00
    Fastbins[idx=4, size=0x60] 0x00
    Fastbins[idx=5, size=0x70] 0x00
    Fastbins[idx=6, size=0x80] 0x00
    ────────────────────────────────────────── Unsorted Bin for arena 'main_arena' ──────────────────────────────────────────
    [+] Found 0 chunks in unsorted bin.
    ─────────────────────────────────────────── Small Bins for arena 'main_arena' ───────────────────────────────────────────
    [+] Found 0 chunks in 0 small non-empty bins.
    ─────────────────────────────────────────── Large Bins for arena 'main_arena' ───────────────────────────────────────────
    [+] Found 0 chunks in 0 large non-empty bins.
    

    Observed Results

    • What happened? This could be a description, log output, etc.

    See above. Another thing to note is that when attaching to the "level05" process locally instead of remotely (using the latest dev version of GEF), nothing happens with the heap chunks command. Though heap arenas seems to work.

    # gdb -p $(pidof level05)
    GEF for linux ready, type `gef' to start, `gef config' to configure
    92 commands loaded for GDB 9.2 using Python engine 3.8
    Attaching to process 31642
    ...
    gef➤  file /home/andrew/level05/level05
    Reading symbols from /home/andrew/level05/level05...
    gef➤  heap chunks
    gef➤  heap arenas
    Arena (base=0xf7f60740, top=0x57befe48, last_remainder=0x57bdf6f8, next=0xf7f60740, next_free=0x0, system_mem=0x22000)
    

    Expected results

    • What did you expect to happen?

    The heap chunks and heap arenas commands display information on the heap.

    Sorry, but I haven't tested this extensively with other binaries or architectures.

    Traces

    need-more-info triage cannot-reproduce 
    opened by amlamarra 23
  • Let's test both Python 2 and 3 in parallel

    Also add flake8 testing

    How Has This Been Tested?

    Has this patch been tested on (example)

    | Architecture | Yes/No                   | Comments               |
    |--------------|:------------------------:|------------------------|
    | x86-32       | :heavy_check_mark:       | rock'n roll            |
    | x86-64       | :heavy_multiplication_x: |                        |
    | ARM          | :heavy_check_mark:       |                        |
    | AARCH64      | :heavy_multiplication_x: |                        |
    | MIPS         | :heavy_check_mark:       |                        |
    | POWERPC      | :heavy_check_mark:       |                        |
    | SPARC        | :heavy_multiplication_x: | Who uses SPARC anyway? |

    Screenshots (if applicable)

    Types of changes

    • [x] Bug fix (non-breaking change which fixes an issue)
    • [ ] New feature (non-breaking change which adds functionality)
    • [ ] Breaking change (fix or feature that would cause existing functionality to change)

    Checklist

    • [x] My code follows the code style of this project.
    • [ ] My change requires a change to the documentation.
    • [ ] I have updated the documentation accordingly.
    • [x] I have read and agree to the CONTRIBUTING document.
    opened by cclauss 21
  • added support for remotely specifying debuggee and re-running targets

    Hi, I've added a new option to gef-remote so you can tell the gdbserver which executable you want to run. Additionally this patch allows you to restart processes and specify arguments (when you are connected in extended-remote mode).

    Example (server started with gdbserver --multi 0.0.0.0:1337):

    gef➤  gef-remote -f /bin/ls 10.0.0.83:1337
    [+] Connected to '10.0.0.83:1337'
    Reading /bin/ls from remote target...
    warning: File transfers from remote targets can be slow. Use "set sysroot" to access files locally instead.
    Reading /bin/ls from remote target...
    [+] Target is not running, waiting for start
    gef➤  run "/proc"
    `target:/bin/ls' has disappeared; keeping its symbols.
    Starting program: target:/bin/ls "/proc"
    Reading /lib/ld-linux.so.2 from remote target...
    Reading /lib/ld-linux.so.2 from remote target...
    Reading /lib/ld-2.11.2.so from remote target...
    Reading /lib/.debug/ld-2.11.2.so from remote target...
    [+] Targeting PID=3742
    [+] Downloading remote information
    [+] Remote information loaded, remember to clean '/tmp/gef/3742' when your session is over
    Reading /lib/libselinux.so.1 from remote target...
    Reading /lib/librt.so.1 from remote target...
    Reading /lib/libacl.so.1 from remote target...
    Reading /lib/libc.so.6 from remote target...
    Reading /lib/libdl.so.2 from remote target...
    Reading /lib/libpthread.so.0 from remote target...
    Reading /lib/libattr.so.1 from remote target...
    Reading /lib/librt-2.11.2.so from remote target...
    Reading /lib/.debug/librt-2.11.2.so from remote target...
    Reading /lib/libc-2.11.2.so from remote target...
    Reading /lib/.debug/libc-2.11.2.so from remote target...
    Reading /lib/libdl-2.11.2.so from remote target...
    Reading /lib/.debug/libdl-2.11.2.so from remote target...
    Reading /lib/libpthread-2.11.2.so from remote target...
    Reading /lib/.debug/libpthread-2.11.2.so from remote target...
    [Inferior 1 (process 3742) exited normally]
    [*] No debugging session active
    

    And (gdbserver 0.0.0.0:1337 /bin/ls):

    gef➤  gef-remote -E 10.0.0.83:1337
    warning: Could not load vsyscall page because no executable was specified
    try using the "file" command first.
    0xb7fe3850 in ?? ()
    [+] Connected to '10.0.0.83:1337'
    [+] Targeting PID=3747
    [+] Downloading remote information
    [+] Remote information loaded, remember to clean '/tmp/gef/3747' when your session is over
    gef➤  r
    Starting program:  
    warning: Could not load vsyscall page because no executable was specified
    try using the "file" command first.
    [+] Targeting PID=3750
    [+] Downloading remote information
    [+] Remote information loaded, remember to clean '/tmp/gef/3750' when your session is over
    [Inferior 1 (process 3750) exited normally]
    [*] No debugging session active
    

    This works by adding a hook to gdb that downloads the remote info each time "continue" is executed and the PID has changed since the last time.

    One thing I had to change to make this work is that in extended-remote mode, setup_remote_environment no longer uses the file command on the local, downloaded file because then the next run would start the local file instead of the remote one. I hope this doesn't break anything in the other commands.

    enhancement 
    opened by jr64 19
  • heap arenas NoneType + heap-view doesn’t find heap

    • [x] Did you use the latest version of GEF from dev branch?
    • [x] Is your bug specific to GEF (not GDB)? - Try to reproduce it running gdb -nx
    • [x] Did you search through the documentation first?
    • [x] Did you check issues (including the closed ones) - and the PR?

    Step 1: Describe your environment

    • Operating System / Distribution: 5.15.49-1-MANJARO
    • Architecture: amd64
    • GEF version (including the Python library version) run version in GEF.
    gef➤  version
    GEF: (Standalone)
    Blob Hash(/home/raven/.gef-430d9d3f7efab6e55215c07bd1694c3a4c4cb6cd.py): 0653da00ca754d9580d60a330907c988d6468dee
    SHA256(/home/raven/.gef-430d9d3f7efab6e55215c07bd1694c3a4c4cb6cd.py): f14771fa2cafaf7bca7f8b2a53db54c85f6612f42ac8ff80aaaa476fd7553e69
    GDB: 12.1
    GDB-Python: 3.10
    

    Step 2: Describe your problem

    Steps to reproduce

    1. gdb -q ./a.out
    2. start
    3. break *puts
    4. c
    5. Check heap

    Minimalist test case

    // test.c
    // clang test.c
    #include <stdio.h>
    #include <stdlib.h>
    #include <string.h>
    #include <unistd.h>
    
    
    int main(int argc, char **argv) {
      void *p = malloc(0x64);
      void *r = malloc(0x28);
      void *q = malloc(0x64);
    
      puts("Just some filler content to break on");
      fflush(stdout);
    
      return 0;
    }
    

    Observed Results

    gef➤  heap chunks
    Chunk(addr=0x555555559010, size=0x290, flags=PREV_INUSE)
        [0x0000555555559010     00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00    ................]
    Chunk(addr=0x5555555592a0, size=0x70, flags=PREV_INUSE)
        [0x00005555555592a0     00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00    ................]
    Chunk(addr=0x555555559310, size=0x30, flags=PREV_INUSE)
        [0x0000555555559310     00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00    ................]
    Chunk(addr=0x555555559340, size=0x70, flags=PREV_INUSE)
        [0x0000555555559340     00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00    ................]
    Chunk(addr=0x5555555593b0, size=0x410, flags=PREV_INUSE)
        [0x00005555555593b0     4a 75 73 74 20 73 6f 6d 65 20 66 69 6c 6c 65 72    Just some filler]
    Chunk(addr=0x5555555597c0, size=0x20850, flags=PREV_INUSE)
        [0x00005555555597c0     00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00    ................]
    gef➤  heap arenas
    Arena(base=0x7ffff7f8a400, top=0x0, last_remainder=0x0, next=0x0, next_free=0x0, system_mem=0x0)
    [!] Command 'heap arenas' failed to execute properly, reason: 'NoneType' object has no attribute 'cast'
    gef➤  heap-view
    [!] The heap has not been initialized
    gef➤  vis
    [!] The heap has not been initialized
    gef➤  
    

    What happened? This could be a description, log output, etc.

    Expected results

    • heap arenas should not throw an error on a pointer deref :D
    • heap-view should properly recognize the arena so visualization can take place

    Traces

    bug confirmed 
    opened by 0xricksanchez 17
  • Context forwarding leads to: Turn the logging off and on to make the new setting effective.

    Your issue will be closed unless you confirm the following:

    • [ ] Did you use the latest version of GEF from master branch? ( I used the install script)
    • [x] Did you read the documentation first?
    • [x] Did you check closed issues?

    Step 1: Describe your environment

    • Operating System: Ubuntu 18 (Guest VM), Windows, WSL (Host)
    • Architecture: x86_64
    • GDB version (including the Python library version): GNU gdb (Ubuntu 8.1-0ubuntu3) 8.1.0.20180409-git Python 3.6

    Step 2: Describe your problem

    Using SSH to a VM in two windows: where gef runs in one window and in the other I tried to get the tty which yields: /dev/pts/0. I then used gef config context.redirect /dev/pts/0 to redirect there. It worked for one redraw, but then fails:

    [!] Command 'context' failed to execute properly, reason: Sign not allowed in string format specifier
    [*] gdb is already running
    [Thread debugging using libthread_db enabled]
    Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
    warning: Currently logging to /dev/pts/0.  Turn the logging off and on to make the new setting effective.
    warning: Currently logging to /dev/pts/0.  Turn the logging off and on to make the new setting effective.
    
    

    Now it only shows this error for every redrawing of the context: warning: Currently logging to /dev/pts/0. Turn the logging off and on to make the new setting effective. Strangely, the gef window now contains the context again even though the redirect is still active.

    Setting and unsetting the command did not work and I'm not a pro with Linux, so I don't understand what logging this error references. I was unable to find anything useful via Google.

    opened by reijin90 17
  • `$savedip` indicator doesn't work as expected when on top frame

    Following PR #202

    $ gdb -ex start /bin/ls
    

    TODO:

    • [x] revert the PR from master until fully tested (commit c758bb5)
    • [ ] live re-tests
    • [ ] tests on non x86 arch
    bug 
    opened by hugsy 17
  • Add 'version' command

    Let's add a version command that dumps the version (git hash, branch, and whether there are local modifications).

    This will be handy for bug reports

    We can make it get dumped automatically when debug is enabled along with runtime environment

    enhancement new feature 
    opened by Grazfather 16
  • gdb_exception_RETURN_MASK_ERROR

    Step 0:

    Yes, yes, yes

    Step 1: Describe your environment

    • Operating System: Linux 4.9.78-v7+

    • Architecture: armv7l
      Byte Order: Little Endian
      CPU(s): 4
      On-line CPU(s) list: 0-3
      Thread(s) per core: 1
      Core(s) per socket: 4
      Socket(s): 1
      Model: 4
      Model name: ARMv7 Processor rev 4 (v7l)
      CPU max MHz: 1200.0000
      CPU min MHz: 600.0000
      BogoMIPS: 38.40
      Flags: half thumb fastmult vfp edsp neon vfpv3 tls vfpv4 idiva idivt vfpd32 lpae evtstrm crc32

    • GDB version (including the Python library version): Debian 7.12-6+b1, Python 2.7/3.7

    Step 2: Describe your problem

    Attempting to use gef to step (si) through a program unexpectedly aborts at the end of program with the following error:

     ─────[ threads ]────
    [#0] Id 1, Name: "sp_demo", stopped, reason: SINGLE STEP    
    ─────[ trace ]────
    [#0] 0x10064 → Name: exit()
    terminate called after throwing an instance of 'gdb_exception_RETURN_MASK_ERROR'
    Aborted
    

    This behavior is not observed when using peda or pwndbg, which exit normally. This behavior is not observed when just running program:

    Reading symbols from sp_demo...(no debugging symbols found)...done.
    gef➤  run
    Starting program: /home/timmy/ARM/code/sp_demo 
    [Inferior 1 (process 2528) exited normally]
    gef➤  
    

    Steps to reproduce

    1. gdb -q sp_demo
    2. gef> b _start
    3. gef> r
    4. gef> si (until error observed)

    Observed Results

    See above.

    Expected results

     f 0    10068 exit+4
    pwndbg> si
    [Inferior 1 (process 2545) exited normally]
    pwndbg> 
    

    Sample code, sp_demo

    @ Test code, stack pointer example 
    
        .global _start
    
    _start:
       mov r7, #0x30      
       push {r7}          
       mov r7, #0x10      
       pop {r7}           
    
    exit:
        mov r7, #1       
        svc 0
    
    
    opened by feralgibbons 16
  • Add source context where available

    I love the gef commands, but when I have source I'd like to be able to see it...

    gdb-dashboard shows source and asm if possible, just asm if not: https://github.com/cyrus-and/gdb-dashboard/blob/master/.gdbinit#L678-L752 which would be ideal...

    enhancement 
    opened by bnagy 16
  • [Bug] `search-pattern` help message is inaccurate

    GEF+GDB version

    gef➤  version
    GEF: (Standalone)
    Blob Hash(/home/pwn/.gef-2b72f5d0d9f0f218a91cd1ca5148e45923b950d5.py): fa62af51bac37a9ce48b3cabb838745a1676879c
    SHA256(/home/pwn/.gef-2b72f5d0d9f0f218a91cd1ca5148e45923b950d5.py): 5c33a117ba45a4e6faffa39c507153e3421737b9b0a934679e3ee82224cc00f5
    GDB: 12.1
    GDB-Python: 3.10
    

    Operating System

    Ubuntu

    Describe the issue you encountered

    The example in the grep/search-pattern help message is inaccurate.

    gef➤  help search-pattern
    SearchPatternCommand: search a pattern in memory. If given an hex value (starting with 0x)
    the command will also try to look for upwards cross-references to this address.
    Syntax: search-pattern PATTERN [little|big] [section]
    Examples: 
    	
    search-pattern AAAAAAAA
    search-pattern 0x555555554000 little stack
    search-pattern AAAA 0x600000-0x601000
    

    (The following code snippets are taken from the latest version in dev)

    In the given example, the endianness can be omitted from the command (as in search-pattern AAAA 0x600000-0x601000).

    https://github.com/hugsy/gef/blob/d1833d3100f487f10dc806b6561ab8588e2b6274/gef.py#L5706-L5711

    However, in the parsing logic, we just assume that argv[1] must contain the endianness, and argv[2] must contain the section. As such, omitting the endianness in the command is invalid syntax.

    https://github.com/hugsy/gef/blob/d1833d3100f487f10dc806b6561ab8588e2b6274/gef.py#L5817-L5870

    Suggested Solution:

    This command doesn't use the parse_arguments decorator yet. The problem should be resolved once we port this command to use the decorator.

    Opening this issue first so that anyone who is free can do it first. Otherwise I can do it 2 weeks later.

    Do you read the docs and look at previously closed issues/PRs for similar cases?

    Yes

    Architecture impacted

    • [x] X86
    • [x] X64
    • [x] ARM
    • [x] ARM64
    • [x] MIPS
    • [x] MIPS64
    • [x] PPC
    • [x] PPC64
    • [x] RISCV

    Describe your issue. Without a proper reproduction step-by-step, your issue will be ignored.

    Running something like grep AAAA stack will not give the desired behaviour.

    Minimalist test case

    No response

    Additional context?

    No response

    bug triage 
    opened by daniellimws 0
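The mismatch reported in the `search-pattern` issue above, as an added example that is not GEF's code: `parse_positional` models the slot-based behaviour the issue describes, and `parse_by_content` is one way to accept every form shown in the help text. All function and class names here are hypothetical, and the argument lists in the test are constructed from the help message's examples.

```python
import re
from dataclasses import dataclass
from typing import List, Optional, Tuple, Union

ENDIANNESS = ("little", "big")
# Address range as written in the help text, e.g. 0x600000-0x601000
RANGE_RE = re.compile(r"^(0x[0-9a-fA-F]+)-(0x[0-9a-fA-F]+)$")

Section = Union[str, Tuple[int, int]]


@dataclass
class SearchArgs:
    pattern: str
    endian: Optional[str]       # None: fall back to the target's endianness
    section: Optional[Section]  # section name, (start, end) range, or None


def parse_positional(argv: List[str]) -> SearchArgs:
    """Model of the behaviour the issue reports: argv[1] is always taken as
    the endianness and argv[2] as the section, whatever they contain."""
    if not argv:
        raise ValueError("missing PATTERN")
    endian = argv[1] if len(argv) > 1 else None
    section = argv[2] if len(argv) > 2 else None
    return SearchArgs(argv[0], endian, section)


def parse_section(token: str) -> Section:
    """Return (start, end) for an address range, otherwise the section name."""
    match = RANGE_RE.match(token)
    if match is None:
        return token
    start, end = int(match.group(1), 16), int(match.group(2), 16)
    if start >= end:
        raise ValueError(f"empty or reversed range: {token}")
    return (start, end)


def parse_by_content(argv: List[str]) -> SearchArgs:
    """Accept PATTERN [little|big] [section] with either optional part omitted.

    The token after PATTERN is consumed as the endianness only when it is
    literally 'little' or 'big'; anything else is treated as the section.
    A section actually named 'little' or 'big' would therefore need the
    endianness spelled out in front of it.
    """
    if not argv:
        raise ValueError("missing PATTERN")
    rest = list(argv[1:])
    endian = None
    if rest and rest[0].lower() in ENDIANNESS:
        endian = rest.pop(0).lower()
    section = parse_section(rest.pop(0)) if rest else None
    if rest:
        raise ValueError(f"unexpected extra arguments: {rest}")
    return SearchArgs(argv[0], endian, section)


if __name__ == "__main__":
    # Constructed inputs: the three help-text examples plus the issue's case.
    for args in (["AAAAAAAA"],
                 ["0x555555554000", "little", "stack"],
                 ["AAAA", "0x600000-0x601000"],
                 ["AAAA", "stack"]):
        print(args, parse_positional(args), parse_by_content(args), sep="\n  ")
```
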
  • [Bug] gef has unwrapped every member in Structural parameter in backtrace

    [Bug] gef has unwrapped every member in Structural parameter in backtrace

    GEF+GDB version

    GEF: (Standalone)
    Blob Hash(/root/.gef-283690ae9bfcecbb3deb80cd275d327c46b276b5.py): 83861546049c4c1130503dd0acb802fc8383aa45
    SHA256(/root/.gef-283690ae9bfcecbb3deb80cd275d327c46b276b5.py): a6b9698cdb06eefeb0a2b6ce9d31e706e75e151b4006be8d90cdcaf7f9afa1f1
    GDB: 9.2
    GDB-Python: 3.8
    

    Operating System

    ubuntu 2004

    Describe the issue you encountered

    When I use gdb with gef to debug the OpenImageIO library, gef has unwrapped every member in Structural parameter in backtrace, but when I use the bt command, the output was normal. gef output bt command output

    Do you read the docs and look at previously closed issues/PRs for similar cases?

    No

    Architecture impacted

    • [ ] X86
    • [X] X64
    • [ ] ARM
    • [ ] ARM64
    • [ ] MIPS
    • [ ] MIPS64
    • [ ] PPC
    • [ ] PPC64
    • [ ] RISCV

    Describe your issue. Without a proper reproduction step-by-step, your issue will be ignored.

    Provide a step-by-step to reproduce your issue.

    1. use gdb with gef to debug libOpenImageIO with debug symbol info
    2. run the program, gef will unwrap every member in Structural in backtrace

    Minimalist test case

    Use this field for a minimal code to compile and spot the issue:

    #include "include/OpenImageIO/imagebuf.h"
    // #include "include/OpenImageIO/imageio.h"
    #include <iostream>
    using namespace OIIO;
    int main(int, char **) {
      auto buf = ImageBuf("/root/oiiovuln/1.psd");
      for (auto layer = 0; layer < buf.nsubimages(); layer++) {
        // buf.reset("/root/oiiovuln/1.psd", layer);
    
        std::cout << buf.ymax() << std::endl;
      }
      //   auto sf = OpenImageIO_v2_3::ImageBuf("/root/oiiovuln/1.psd");
      return 0;
    }
    
    

    You can also provide a Dockerfile if you prefer

    Additional context?

    • Screenshots
    • Callstack
    • Coredumps
    • If possible and useful, please upload the binary
    bug triage 
    opened by CppXL 0
  • [Bug] Don't error out if disassembling previous instructions fails

    [Bug] Don't error out if disassembling previous instructions fails

    GEF+GDB version

    all
    

    Operating System

    No response

    Describe the issue you encountered

    Context:

    image

    Do you read the docs and look at previously closed issues/PRs for similar cases?

    No

    Architecture impacted

    • [X] X86
    • [X] X64
    • [X] ARM
    • [X] ARM64
    • [X] MIPS
    • [X] MIPS64
    • [X] PPC
    • [X] PPC64
    • [X] RISCV

    Describe your issue. Without a proper reproduction step-by-step, your issue will be ignored.

    • mmap shellcode, making sure that page N-1 is not valid
    • execute shellcode

    Minimalist test case

    No response

    Additional context?

    No response

    bug enhancement confirmed 
    opened by hugsy 0
  • [Bug] We never use the cached `_pagesize`

    [Bug] We never use the cached `_pagesize`

    GEF+GDB version

    dev
    

    Operating System

    all

    Describe the issue you encountered

    It's simply never checked.

    Why don't these properties use @lru_cache? Why do we explicitly clear them in reset_caches()

    Discovered thanks to #918

    Do you read the docs and look at previously closed issues/PRs for similar cases?

    Yes

    Architecture impacted

    • [X] X86
    • [X] X64
    • [X] ARM
    • [X] ARM64
    • [X] MIPS
    • [X] MIPS64
    • [X] PPC
    • [X] PPC64
    • [X] RISCV

    Describe your issue. Without a proper reproduction step-by-step, your issue will be ignored.

    inspect code

    Minimalist test case

    No response

    Additional context?

    No response

    bug triage 
    opened by Grazfather 0
  • [Bug] GEF cannot find stack mapping when using info sections

    [Bug] GEF cannot find stack mapping when using info sections

    GEF+GDB version

    dev 9edd73e1
    

    Operating System

    N/A

    Describe the issue you encountered

    When debugging a remote target whose maps I can't read from e.g. procfs, I elected to load the elf directly. This makes gef.mapping.maps use __parse_gdb_info_sections instead of __parse_procfs_maps. This is fine for most sections, but it leaves the stack unmapped since the stack is not specified in the ELF header.

    This breaks the stack view of context.

    ────────────────────────────────────────────────────────────────────── stack ────│       0000000000000094  0000000000000002   A       5     0     2
    [!] Unmapped target address: '0x20041fd8'
    gef➤  x/20wx $sp
    0x20041fd8:     0x00000005      0xd0000000      0x02000000      0x02000000
    0x20041fe8:     0x00000000      0x1000039f      0x10000194      0x20041f01
    0x20041ff8:     0x18000000      0x1000013f      0x00000000      0x00000000
    0x20042008:     0x00000000      0x00000000      0x00000000      0x00000000
    0x20042018:     0x00000000      0x00000000      0x00000000      0x00000000
    

    We could maybe add a way to manually add sections?

    gef➤  pi s = Section(page_start=0x20041800, page_end=0x20042000, offset=0, permission=Permission(0))
    gef➤  pi gef.memory._GefMemoryManager__maps.append(s)
    ────────────────────────────────────────────────────────────────────── stack ────
    0x20041fd8│+0x0000:              ← $sp
    0x20041fdc│+0x0004: 0xd0000000
    0x20041fe0│+0x0008: 0x02000000
    0x20041fe4│+0x000c: 0x02000000
    0x20041fe8│+0x0010: 0x00000000  →  0x20041f00
    0x20041fec│+0x0014: 0x1000039f  →  <main+47> b.n 0x1000038e <main+30>
    0x20041ff0│+0x0018: 0x10000194  →  <wait_for_vector+6> bx r0
    0x20041ff4│+0x001c: 0x20041f01  →  0x214b2fb5
    
    

    Do you read the docs and look at previously closed issues/PRs for similar cases?

    Yes

    Architecture impacted

    • [ ] X86
    • [ ] X64
    • [X] ARM
    • [ ] ARM64
    • [ ] MIPS
    • [ ] MIPS64
    • [ ] PPC
    • [ ] PPC64
    • [ ] RISCV

    Describe your issue. Without a proper reproduction step-by-step, your issue will be ignored.

    Provide a step-by-step to reproduce your issue.

    Minimalist test case

    Use this field for a minimal code to compile and spot the issue:

    // compile with gcc -fPIE -pic -o my_issue.out my_issue.c
    int main(){ return 0; }
    

    You can also provide a Dockerfile if you prefer

    Additional context?

    • Screenshots
    • Callstack
    • Coredumps
    • If possible and useful, please upload the binary
    bug triage 
    opened by Grazfather 0
  • Fix python command for updating GEF

    Fix python command for updating GEF

    GEF+GDB version

    gef➤  version 
    GEF: (Standalone)
    Blob Hash(/home/pwn-0-dev/.gef-2b72f5d0d9f0f218a91cd1ca5148e45923b950d5.py): 8dc57b700e3c1c85822449033a01c94dfae9e4a6
    SHA256(/home/pwn-0-dev/.gef-2b72f5d0d9f0f218a91cd1ca5148e45923b950d5.py): 63d3e10d38a367c3e4d37de8e0701bcdff2a4e7c9a0a4ec5d83ccb8b2fe6188d
    GDB: 12.1
    GDB-Python: 3.10
    

    Operating System

    Ubuntu 22.04.1

    Describe the issue you encountered

    The command python3 ~/.gef-2b72f5d0d9f0f218a91cd1ca5148e45923b950d5.py --update for updating GEF brings the below error;

    pwn-0-dev@ubuntu:~$ python3 ~/.gef-2b72f5d0d9f0f218a91cd1ca5148e45923b950d5.py --update
    Traceback (most recent call last):
      File "/home/pwn-0-dev/.gef-2b72f5d0d9f0f218a91cd1ca5148e45923b950d5.py", line 117, in <module>
        import gdb  # type:ignore
    ModuleNotFoundError: No module named 'gdb'
    
    During handling of the above exception, another exception occurred:
    
    Traceback (most recent call last):
      File "/home/pwn-0-dev/.gef-2b72f5d0d9f0f218a91cd1ca5148e45923b950d5.py", line 121, in <module>
        sys.exit(update_gef(sys.argv[2:]))
      File "/home/pwn-0-dev/.gef-2b72f5d0d9f0f218a91cd1ca5148e45923b950d5.py", line 103, in update_gef
        ver = "dev" if "--dev" in argv else GEF_DEFAULT_BRANCH
    NameError: name 'GEF_DEFAULT_BRANCH' is not defined
    

    This issue has been fixed in the GitHub repo but the download links for both curl and wget are retrieving an un-updated file.

    Do you read the docs and look at previously closed issues/PRs for similar cases?

    Yes

    Architecture impacted

    • [ ] X86
    • [X] X64
    • [ ] ARM
    • [ ] ARM64
    • [ ] MIPS
    • [ ] MIPS64
    • [ ] PPC
    • [ ] PPC64
    • [ ] RISCV

    Describe your issue. Without a proper reproduction step-by-step, your issue will be ignored.

    Provide a step-by-step to reproduce your issue.

    Minimalist test case

    Use this field for a minimal code to compile and spot the issue:

    // compile with gcc -fPIE -pic -o my_issue.out my_issue.c
    int main(){ return 0; }
    

    You can also provide a Dockerfile if you prefer

    Additional context?

    • Screenshots
    • Callstack
    • Coredumps
    • If possible and useful, please upload the binary
    bug triage 
    opened by iAmG-r00t 0
Releases (2022.06)
  • 2022.06 (Jun 26, 2022)

    Changelog: 2022.06 - Upset Constant

    Highlights of Upset Constant

    • The unit testing structure has been re-designed to be more modular and flexible

    • The documentation has been globally updated, moved from ReadTheDocs to GithubPages, and redesigned from mkdocs to mkdocs-material

    • Countless (potential) errors were fixed thanks to more integration of type hinting

    • Debugged file formats (such as ELF) now rely on an abstraction layer. This means GEF can transparently support more file formats including PE or MachO (see gef-extras/os)

    • Remote support has been entirely rewritten and is now fully exposed via the gef.remote namespace. This includes the Qemu (user and system) support.

    • Many commands relying on external dependencies (such as cs-dis, asm or emulate) were transferred to GEF-Extras. Therefore, GEF now has absolutely no dependency whatsoever, not even optional ones. Refer to the deprecation page of the documentation for a complete overview of the changes.

    • ida-interact has been totally removed and is now part of GEF-Extras only. It has also been rewritten to drop Python XMLRPC and relies on the much more advanced rpyc Python library.

    • A new subcommand appeared, gef install, which allows installing commands from gef-extras on the fly, if you cannot clone the repository or just need a one-time command.

    • pcustom supports class factory allowing the structure(s) defined to collect information from the runtime

    • Some improvements were added to the stack canary detection

    • On a more personal note, this release marks the 10-year anniversary 🎂 since the first lines of GEF were written!! Thanks for using and contributing to GEF!

    Contributors

    | Author | Number of commits |
    |:--|--:|
    | hugsy | 118 |
    | theguy147 | 10 |
    | Grazfather | 3 |
    | Dreg | 3 |
    | Boris-Chengbiao Zhou | 1 |
    | code-byter | 1 |
    | Ebubekir Türker | 1 |
    | Khaotic | 1 |
    | mattadev | 1 |
    | mh4ckt3mh4ckt1c4s | 1 |
    | skysider | 1 |
    | szotsaki | 1 |
    | Teddy Heinen | 1 |
    | Wyatt Neal | 1 |
    | Zion | 1 |

    Closed Issues

    Closed Pull Requests

    Commit details

    148 commits since 2021.10

    Commit log

    • 2021-10-22 b982f3c hugsy • Fixed minor bug in new-release.py in the git shell command
    • 2021-10-22 83b4934 hugsy • Update README.md
    • 2021-10-25 50231d9 mh4ckt3mh4ckt1c4s • Fix typo in docs/api.md (#747)
    • 2021-10-31 c10b1e4 hugsy • Update README.md
    • 2021-11-02 8fc0583 skysider • add number arg for 'heap chunk' command (#745)
    • 2021-11-16 721ad4b mattadev • Use sha256 for gef_hash to quiet static analyzers (#751)
    • 2021-11-27 34a14bc hugsy • Remove the assert on get_register (#754)
    • 2021-11-27 152bb0c hugsy • fixed typo from #754
    • 2021-11-28 97ad7f7 hugsy • [CI] Change test order
    • 2021-11-29 5b91420 Teddy Heinen • add support for hex strings to print-format (#758)
    • 2021-12-03 add63da theguy147 • fix typo in GotBaseFunction docs (#761)
    • 2021-12-06 04f847b hugsy • Bound nb_argument when printing guessed arguments (fix #753) (#755)
    • 2021-12-06 702858c hugsy • Remove final assert (#756)
    • 2021-12-06 3efb77b hugsy • Adds constants to gef.py for M68K support (in gef-extras) (#757)
    • 2021-12-11 d512ac9 hugsy • Added @therealdreg to the sponsors list
    • 2021-12-11 1c9da33 hugsy • Update README.md
    • 2021-12-11 d98ffb7 Wyatt Neal • Fixes GEF installer bash script #762)
    • 2021-12-11 61782e4 hugsy • [Refactor] Adds a global class Gef and instance gef that will be used to make the API simpler and more Pythonic. Also adds memory access (via gef.memory) and settings (via gef.config)
    • 2021-12-11 380412e hugsy • Added GEF compatibility matrix
    • 2021-12-13 cdfdf42 hugsy • More changes to a more pythonic version - creates a GefHeapManager class - deprecates many functions to an equivalent more readable - made GlibcArena and GlibcChunk classes iterable
    • 2021-12-13 9f45be8 hugsy • Fixed the heap (arena & chunk) iterators
    • 2021-12-13 e36152d hugsy • - Separate gef managers initialization - Add gef.session which includes many runtime info (.pagesize, .canary, .constants, etc.) - Add more docstrings - The GDB command objects are now in the namespace gef.gdb - Adjust some gef functions to check result - Make endian_str, gef_pagesize, gef_read_canary, set_gef_setting and get_gef_setting deprecated APIs
    • 2021-12-13 fbbcc3a hugsy • get_memory_alignment() -> gef.arch.ptrsize
    • 2021-12-13 e709aeb hugsy • Fixed heap.base_address
    • 2021-12-13 43a9920 hugsy • get_pid() -> gef.session.pid
    • 2021-12-13 5b20f3c hugsy • Fixed canary command
    • 2021-12-13 87e6204 hugsy • Fixed elf-info
    • 2021-12-13 52b0646 hugsy • Fixed patch qword
    • 2021-12-13 d1aee83 hugsy • CI passing w00t
    • 2021-12-13 1f62d53 hugsy • test everything
    • 2021-12-13 7698f30 hugsy • making linters happy
    • 2021-12-14 b9493f2 hugsy • fixed GlibcArena.__eq__
    • 2021-12-15 a98dcb9 hugsy • - get_register -> gef.arch.register() - new context manager for output redirection: RedirectOutputContext
    • 2021-12-15 321e104 hugsy • added __str__ to Section
    • 2021-12-16 a7ab48e theguy147 • refactor: use Generators and Comprehension (#771)
    • 2021-12-16 f497bc8 theguy147 • refactor: replace OSError aliases (#769)
    • 2021-12-25 08f4b28 szotsaki • Update dereference.md (#773)
    • 2022-01-05 a697afd hugsy • use avatars for contributors and sponsors in readme and docs/index
    • 2022-01-07 8a27a38 theguy147 • refactor: remove utf8 encoding declaration (#770)
    • 2022-01-07 4f6ab0c hugsy • Added gef.memory.maps
    • 2022-01-07 d2f5f27 hugsy • Merge branch 'gdb_8_py36_code_refactor' of github.com:hugsy/gef into gdb_8_py36_code_refactor
    • 2022-01-07 f0126ce hugsy • added gef.session.qemu_mode and gef.session.remote
    • 2022-01-07 8262adc hugsy • added a simple helper reset() that allows to entirely reset the gef session using pi reset()
    • 2022-01-07 0ee63e3 hugsy • __gef_redirect_output_fd__ -> gef.ui.redirect_fd
    • 2022-01-07 df129ed hugsy • replaced __gef_int_stream_buffer__ -> gef.ui.stream_buffer
    • 2022-01-07 809c735 hugsy • removed global __infos_files__ , was obsolete since we started using lru_cache
    • 2022-01-07 eb7312b hugsy • __commands__ --> gef.session.commands
    • 2022-01-07 d83b239 hugsy • highlight_table --> gef.ui.highlight_table
    • 2022-01-07 67df573 hugsy • libc_args_definitions --> gef.session.libc_args_definitions
    • 2022-01-07 93f2b15 hugsy • restore commands & functions as globals
    • 2022-01-07 84b00f1 hugsy • fixed typo in uimanager
    • 2022-01-07 4bcf19a hugsy • new_objfile_handle doesn't need to re-init the managers since we already reset its cache
    • 2022-01-07 b0da3f8 hugsy • __watches__ -> gef.ui.watches
    • 2022-01-07 f08667b hugsy • __context_messages__ -> gef.ui.context_messages
    • 2022-01-07 bf96176 hugsy • __gef_convenience_vars_index -> gef.session.convenience_vars_index
    • 2022-01-07 10a97c6 hugsy • linting
    • 2022-01-07 ece1662 hugsy • moved the last globals to gef.session
    • 2022-01-08 b95c4ac hugsy • making ptrsize static for x86 and x64
    • 2022-01-08 a04cd64 hugsy • making ptrsize static for arm, arm64 and mips
    • 2022-01-08 6514ad3 hugsy • restoring MIPS64
    • 2022-01-08 bca69da hugsy • hardcoding endianness for x86,64 and arm,64
    • 2022-01-08 32941ad hugsy • added a class decorator to register architectures
    • 2022-01-08 d5a3bb6 hugsy • changed path to pathlib.Path (#775) added test for download_file
    • 2022-01-08 64e3115 hugsy • [arm] fix ptrsize caching
    • 2022-01-09 1a430d5 theguy147 • refactor: add type hints (#774)
    • 2022-01-09 8de60eb hugsy • Merge branch 'gdb_8_py36_code_refactor' of github.com:hugsy/gef into gdb_8_py36_code_refactor
    • 2022-01-09 5f641bb hugsy • Replaced GEF_RC to a Path object (#775)
    • 2022-01-10 b653a6e hugsy • Automatically generating gef api (#776)
    • 2022-01-10 f7979f5 hugsy • Markdown doc also shows if a function/class is deprecated (#776)
    • 2022-01-10 3179289 hugsy • [docs] Partially fix hrefs in api/gef.md
    • 2022-01-10 c25f9c1 hugsy • [gef] fixing glibc main arena calculation for arm [docs] @deprecated adds a note in the api doc
    • 2022-01-11 29a9925 hugsy • [tests] fixed heap set-arena
    • 2022-01-11 adcc1d4 hugsy • Fixed PPC specs URL
    • 2022-01-11 ad51825 theguy147 • refactor: use f-strings across codebase (#768)
    • 2022-01-11 8ad0c4f hugsy • Fixed PPC specs URL
    • 2022-01-11 1683fcb hugsy • [docs] Fixed complete API link in api.md
    • 2022-01-11 bf70642 hugsy • Merge branch 'dev' into gdb_8_py36_code_refactor
    • 2022-01-12 bdea715 hugsy • first run of pr feedback
    • 2022-01-12 2975d5f theguy147 • [CI] Add tests for heap bins(#780)
    • 2022-01-12 795f51c hugsy • [docs] updating docs to stipulate the new minimum requirements for gef
    • 2022-01-12 b442af3 hugsy • [elf] fixed duplicate SHT_NUM value
    • 2022-01-16 8ebd7b0 hugsy • Apply suggestions from code review
    • 2022-01-16 fa28aa2 hugsy • Removed debug info in FormatStringSearchCommand
    • 2022-01-16 e4a77aa hugsy • - fixed heap CI failures (defered to #785) - minor type adjustments
    • 2022-01-16 5f31516 Grazfather • Merge pull request #779 from hugsy/gdb_8_py36_code_refactor
    • 2022-01-17 9055b65 Grazfather • tests: Make sure keystone and capstone tests fail with missing lib (#791)
    • 2022-01-17 599db81 hugsy • Fixed bugs in GefSetting that prevented saved values to be loaded (#792)
    • 2022-01-18 67fccb5 Zion • updated add_context_pane settings use (#796)
    • 2022-01-18 d162004 Grazfather • Use https URLs where we can (#793)
    • 2022-01-18 9560041 hugsy • @deprecated warning display can be toggled off (#795)
    • 2022-01-20 c6909e1 theguy147 • refactor: add missing py3.6 type hints (#797)
    • 2022-01-20 eaf9d11 Grazfather • Variadic gef print (#789)
    • 2022-01-21 b4bffdc hugsy • Update copyright year (#800)
    • 2022-01-25 779369f hugsy • Complete rewrite of pcustom command (#794)
    • 2022-01-25 364cf44 hugsy • ELF class upgrades (#798)
    • 2022-01-27 58f2a2e theguy147 • fix: heap bins commands (#805)
    • 2022-01-29 65daade hugsy • - Regenerated API doc
    • 2022-01-29 a280cfe Grazfather • Re-add lru_cache to __get_register_for_selected_frame (#809)
    • 2022-01-30 545fa28 hugsy • fixed theme : use the gef settings manager
    • 2022-01-30 8c8c838 hugsy • - changed the try/except for gef restore to indicate which setting name is missing
    • 2022-01-30 283690a hugsy • - added cache management for Architecture
    • 2022-01-30 48d39bb code-byter • Update gef config parameters of gef-extras installation script (#807)
    • 2022-02-01 c078733 Grazfather • Fix RISCV arch detection (#790)
    • 2022-02-01 d1fa00f theguy147 • fix: make shebang lines portable (#814)
    • 2022-02-04 4365d9c hugsy • Fix double loading of external plugins (#816)
    • 2022-02-09 8c0f625 hugsy • - create gef.ui.libc_args_table (#821)
    • 2022-02-09 d86e7a0 hugsy • Minor follow-up of #821
    • 2022-02-13 82b2570 hugsy • Remove ida-interact (#817)
    • 2022-02-13 37bb542 hugsy • Add class factory support for pcustom (#819)
    • 2022-02-13 18c7ba4 hugsy • Better tests (#813)
    • 2022-02-14 2b7f315 Ebubekir Türker • remove unnecessary warnings (#824)
    • 2022-02-21 18c40b6 Boris-Chengbiao Zhou • Add mechanism to let architectures specify whether they support a gdb arch (#822)
    • 2022-02-26 0954a16 hugsy • New subcommand gef install (#825)
    • 2022-02-26 6e3cd5c hugsy • Update gef.md
    • 2022-03-04 7817bea hugsy • [docs] http -> https because apparently it's a big deal for debugging stuff
    • 2022-03-04 93f3010 hugsy • Merge branch 'dev' of github.com:hugsy/gef into dev
    • 2022-03-07 d540abd hugsy • pushing urgent fix for #831 (even tho get_arch will be deprecated after #827)
    • 2022-04-09 e50af77 Khaotic • Improve identifying Stack Canaries (#833)
    • 2022-05-22 7f45550 hugsy • Type Hinting Fixes - Part 1 (#827)
    • 2022-06-13 a89f91c hugsy • Move 3rd party to extras (#841)
    • 2022-06-13 d7d64a2 hugsy • Update generate-docs.yml
    • 2022-06-13 dca3cb1 hugsy • Update generate-docs.yml
    • 2022-06-13 a7d8fa5 hugsy • Updated documentation appearance
    • 2022-06-13 d836054 hugsy • Squashed commit of the following:
    • 2022-06-13 5b468d0 hugsy • :bug: forcing docs to run the same version than gdb
    • 2022-06-13 ca67ced hugsy • :bug: Last doc fixes, GEF API is now generated from Actions
    • 2022-06-14 c671bed hugsy • Update install.md
    • 2022-06-14 37ddf86 hugsy • Updated gef-extras.sh installation script
    • 2022-06-14 d463f7d hugsy • [docs] hardcoded emojis instead of md
    • 2022-06-16 8ee281d hugsy • Update README.md
    • 2022-06-16 f375efc hugsy • Merge branch 'dev' of github.com:hugsy/gef into dev
    • 2022-06-17 a78915d hugsy • remove rtfd cfg file
    • 2022-06-17 1c295fc hugsy • restoring temporarily rtfd for redirection to the new docs
    • 2022-06-18 dbf2372 hugsy • Remove ida-interact (#842) from GEF, entirely moved to GEF-Extras
    • 2022-06-19 bf959a3 hugsy • Type hinting fixes - part 2 (#839)
    • 2022-06-19 0fcd20a Dreg • keep x86 and x86_64 FLAGS Register when calls to mprotect. Added pushfd, popfd, pushfq, popfq instructions (#844)
    • 2022-06-20 f890579 hugsy • master -> main (#845)
    • 2022-06-23 0100c7b hugsy • New abstraction class for fileformat, but defaults to GEF. This allows PE/MachO fileformat to be supported via gef-extras
    • 2022-06-23 1e8f55f Dreg • print-format and patch byte commands can work together (#843)
    • 2022-06-24 343cd23 Dreg • Fix typo in patch byte help (#848)
    • 2022-06-24 5dd793d hugsy • :bug: fixes - moved prompt init after gef initial loading - added a __str__ for FileFormat - FileFormat also requires a section member
    • 2022-06-25 546f4b1 hugsy • Better gef-remote : rewrite and add remote full support (#830)
    • 2022-06-25 9834252 hugsy • Better gef-remote - part 2: Remote Qemu (#846)
    • 2022-06-26 09b2f13 hugsy • Merge branch 'dev' into allow_new_file_format
    • 2022-06-26 a2a4bfa hugsy • Minor update to unittest of print-format after #843 (#852)
    • 2022-06-26 d594eb3 hugsy • Fix 850 (#851)
    • 2022-06-26 7925b0a hugsy • Merge branch 'dev' of github.com:hugsy/gef into allow_new_file_format
    • 2022-06-26 06f879a hugsy • [CI] Fixed missing import

    File diff

     .ci/mlc_config.json                           |     3 -
     .editorconfig                                 |    21 +
     .github/CONTRIBUTING.md                       |    10 +-
     .github/ISSUE_TEMPLATE/bug_report.md          |     2 +-
     .github/PULL_REQUEST_TEMPLATE.md              |    41 +-
     .github/workflows/discord-notify.yml          |    28 +-
     .github/workflows/docs-link-check.yml         |   Bin 367 -> 998 bytes
     .github/workflows/generate-docs.yml           |    32 +
     .github/workflows/run-tests.yml               |    17 +-
     .gitignore                                    |     3 +-
     .pylintrc                                     |   886 +
     .readthedocs.yml                              |     6 +-
     LICENSE                                       |     2 +-
     Makefile                                      |    45 +-
     README.md                                     |    70 +-
     docs/api.md                                   |   288 +-
     docs/api/gef.md                               | 22909 ++++++++++++++++++++++++
     docs/commands.md                              |    57 -
     docs/commands/assemble.md                     |    67 -
     docs/commands/capstone-disassemble.md         |    26 -
     docs/commands/checksec.md                     |     2 +-
     docs/commands/dereference.md                  |     6 +-
     docs/commands/gef-remote.md                   |   142 +-
     docs/commands/gef.md                          |    51 +-
     docs/commands/heap-analysis-helper.md         |     2 +-
     docs/commands/heap.md                         |    16 +-
     docs/commands/ida-interact.md                 |    53 -
     docs/commands/patch.md                        |     9 +
     docs/commands/pcustom.md                      |    66 +-
     docs/commands/print-format.md                 |    18 +-
     docs/commands/ropper.md                       |     9 -
     docs/commands/set-permission.md               |    51 -
     docs/commands/stub.md                         |     4 +-
     docs/commands/syscall-args.md                 |     6 +-
     docs/commands/trace-run.md                    |     8 +-
     docs/commands/unicorn-emulate.md              |    44 -
     docs/commands/vmmap.md                        |     2 +-
     docs/commands/xfiles.md                       |     2 +-
     docs/compat.md                                |    14 +
     docs/config.md                                |   109 +-
     docs/deprecated.md                            |    15 +
     docs/faq.md                                   |    80 +-
     docs/functions/base.md                        |    15 +
     docs/functions/bss.md                         |    15 +
     docs/functions/got.md                         |    15 +
     docs/functions/heap.md                        |    15 +
     docs/functions/stack.md                       |    16 +
     docs/index.md                                 |   154 +-
     docs/install.md                               |   171 +
     docs/obsolete/docs/index.md                   |     9 +
     docs/obsolete/mkdocs.yml                      |     6 +
     docs/obsolete/requirements.txt                |     1 +
     docs/requirements.txt                         |     3 +-
     docs/testing.md                               |   122 +
     gef.py                                        | 10252 +++++------
     mkdocs.yml                                    |   137 +-
     pytest.ini                                    |    15 +
     requirements.txt                              |     8 -
     scripts/gef-extras.sh                         |    21 +-
     scripts/gef.sh                                |    11 +-
     scripts/generate-api-docs.sh                  |    48 +
     scripts/ida_gef.py                            |   343 -
     scripts/new-release.py                        |     8 +-
     tests/__init__.py                             |     0
     tests/api/__init__.py                         |     0
     tests/api/deprecated.py                       |    36 +
     tests/api/gef_arch.py                         |    24 +
     tests/api/gef_heap.py                         |    79 +
     tests/api/gef_session.py                      |    42 +
     tests/api/misc.py                             |    71 +
     tests/binaries/Makefile                       |     4 +-
     tests/binaries/heap-bins.c                    |    18 +
     tests/binaries/pcustom.c                      |    33 +
     tests/binaries/syscall-args.c                 |    50 +
     tests/binaries/unicorn.c                      |    14 -
     tests/binaries/utils.h                        |     4 +
     tests/commands/__init__.py                    |     0
     tests/commands/aliases.py                     |    27 +
     tests/commands/aslr.py                        |    50 +
     tests/commands/canary.py                      |    18 +
     tests/commands/checksec.py                    |    30 +
     tests/commands/context.py                     |    16 +
     tests/commands/dereference.py                 |    23 +
     tests/commands/edit_flags.py                  |    52 +
     tests/commands/elf_info.py                    |    16 +
     tests/commands/entry_break.py                 |    19 +
     tests/commands/format_string_helper.py        |    22 +
     tests/commands/functions.py                   |    19 +
     tests/commands/gef.py                         |   122 +
     tests/commands/gef_remote.py                  |    40 +
     tests/commands/got.py                         |    32 +
     tests/commands/heap.py                        |   178 +
     tests/commands/heap_analysis.py               |    27 +
     tests/commands/hexdump.py                     |    26 +
     tests/commands/highlight.py                   |    29 +
     tests/commands/hijack_fd.py                   |    18 +
     tests/commands/ksymaddr.py                    |    19 +
     tests/commands/memory.py                      |    63 +
     tests/commands/name_break.py                  |    24 +
     tests/commands/nop.py                         |    67 +
     tests/commands/patch.py                       |    62 +
     tests/commands/pattern.py                     |    73 +
     tests/commands/pcustom.py                     |   108 +
     tests/commands/pie.py                         |    61 +
     tests/commands/print_format.py                |    40 +
     tests/commands/process_search.py              |    29 +
     tests/commands/process_status.py              |    22 +
     tests/commands/registers.py                   |    33 +
     tests/commands/reset_cache.py                 |    17 +
     tests/commands/scan.py                        |    24 +
     tests/commands/search_pattern.py              |    17 +
     tests/commands/shellcode.py                   |    41 +
     tests/commands/smart_eval.py                  |    23 +
     tests/commands/stub.py                        |    22 +
     tests/commands/syscall_args.py                |    89 +
     tests/commands/theme.py                       |    49 +
     tests/commands/trace_run.py                   |    24 +
     tests/commands/version.py                     |    18 +
     tests/commands/vmmap.py                       |    20 +
     tests/commands/xfiles.py                      |    17 +
     tests/commands/xinfo.py                       |    20 +
     tests/commands/xor_memory.py                  |    26 +
     tests/config/__init__.py                      |    23 +
     tests/functions/__init__.py                   |     0
     tests/functions/elf_sections.py               |    81 +
     tests/helpers.py                              |   161 -
     tests/perf/__init__.py                        |     0
     tests/perf/benchmark.py                       |    39 +
     tests/perf/context_times.sh                   |    32 +-
     tests/regressions/__init__.py                 |     0
     tests/regressions/registers_register_order.py |    43 +
     tests/requirements.txt                        |     5 +
     tests/run-remote.sh                           |    26 -
     tests/runtests.py                             |  1020 --
     tests/utils.py                                |   369 +
     135 files changed, 32446 insertions(+), 8107 deletions(-)
    
  • 2022.01 (Jan 30, 2022)

    Changelog: 2022.01 - Irritating Cookie

    Highlights of Irritating Cookie

    Important update: starting with this release, GEF requires GDB 8+ compiled with Python 3.6+. If you cannot meet these requirements, you can still use previous versions of GEF, or gef-legacy. Check out the compatibility matrix for more details.

    Major changes:

    • Internal code restructuring now exposes a bunch of new APIs via the gef namespace. See the API docs for the complete reference
    • As a consequence, many existing functions available to gef and other plugins based on gef became obsolete and are now deprecated. Using those APIs will show a warning message in gef (which can be toggled off)
    • The Architecture base class has been reviewed and improved to allow new architectures to be (more) easily pluggable via a new decorator (@register_architecture)
    • Type hinting (with Python 3.6 compatibility) support, which makes the code globally more readable
    • Bunch of bugs squashed thanks to the type hinting
    • Taking advantage of Python 3.6 (again) reduces code size by relying more on builtin Python classes
    • The pcustom command was entirely rewritten to allow external ctypes structures to be used by any other plugin or via the command line
    • More tests added, and the documentation updated.

    Contributors

    | Author | Number of commits |
    |:--|--:|
    | hugsy | 79 |
    | theguy147 | 9 |
    | Grazfather | 5 |
    | mattadev | 1 |
    | mh4ckt3mh4ckt1c4s | 1 |
    | skysider | 1 |
    | szotsaki | 1 |
    | Teddy Heinen | 1 |
    | Wyatt Neal | 1 |
    | Zion | 1 |

    Closed Issues

    Closed Pull Requests

    Commit details

    100 commits since 2021.10

    Commit log

    • 2021-10-22 b982f3c hugsy • Fixed minor bug in new-release.py in the git shell command
    • 2021-10-22 83b4934 hugsy • Update README.md
    • 2021-10-25 50231d9 mh4ckt3mh4ckt1c4s • Fix typo in docs/api.md (#747)
    • 2021-10-31 c10b1e4 hugsy • Update README.md
    • 2021-11-02 8fc0583 skysider • add number arg for 'heap chunk' command (#745)
    • 2021-11-16 721ad4b mattadev • Use sha256 for gef_hash to quiet static analyzers (#751)
    • 2021-11-27 34a14bc hugsy • Remove the assert on get_register (#754)
    • 2021-11-27 152bb0c hugsy • fixed typo from #754
    • 2021-11-28 97ad7f7 hugsy • [CI] Change test order
    • 2021-11-29 5b91420 Teddy Heinen • add support for hex strings to print-format (#758)
    • 2021-12-03 add63da theguy147 • fix typo in GotBaseFunction docs (#761)
    • 2021-12-06 04f847b hugsy • Bound nb_argument when printing guessed arguments (fix #753) (#755)
    • 2021-12-06 702858c hugsy • Remove final assert (#756)
    • 2021-12-06 3efb77b hugsy • Adds constants to gef.py for M68K support (in gef-extras) (#757)
    • 2021-12-11 d512ac9 hugsy • Added @therealdreg to the sponsors list
    • 2021-12-11 1c9da33 hugsy • Update README.md
    • 2021-12-11 d98ffb7 Wyatt Neal • Fixes GEF installer bash script #762)
    • 2021-12-11 61782e4 hugsy • [Refactor] Adds a global class Gef and instance gef that will be used to make the API simpler and more Pythonic. Also adds memory access (via gef.memory) and settings (via gef.config)
    • 2021-12-11 380412e hugsy • Added GEF compatibility matrix
    • 2021-12-13 cdfdf42 hugsy • More changes to a more pythonic version - creates a GefHeapManager class - deprecates many functions to an equivalent more readable - made GlibcArena and GlibcChunk classes iterable
    • 2021-12-13 9f45be8 hugsy • Fixed the heap (arena & chunk) iterators
    • 2021-12-13 e36152d hugsy • - Separate gef managers initialization - Add gef.session which includes many runtime info (.pagesize, .canary, .constants, etc.) - Add more docstrings - The GDB command objects are now in the namespace gef.gdb - Adjust some gef functions to check result - Make endian_str, gef_pagesize, gef_read_canary, set_gef_setting and get_gef_setting deprecated APIs
    • 2021-12-13 fbbcc3a hugsy • get_memory_alignment() -> gef.arch.ptrsize
    • 2021-12-13 e709aeb hugsy • Fixed heap.base_address
    • 2021-12-13 43a9920 hugsy • get_pid() -> gef.session.pid
    • 2021-12-13 5b20f3c hugsy • Fixed canary command
    • 2021-12-13 87e6204 hugsy • Fixed elf-info
    • 2021-12-13 52b0646 hugsy • Fixed patch qword
    • 2021-12-13 d1aee83 hugsy • CI passing w00t
    • 2021-12-13 1f62d53 hugsy • test everything
    • 2021-12-13 7698f30 hugsy • making linters happy
    • 2021-12-14 b9493f2 hugsy • fixed GlibcArena.__eq__
    • 2021-12-15 a98dcb9 hugsy • - get_register -> gef.arch.register() - new context manager for output redirection: RedirectOutputContext
    • 2021-12-15 321e104 hugsy • added __str__ to Section
    • 2021-12-16 a7ab48e theguy147 • refactor: use Generators and Comprehension (#771)
    • 2021-12-16 f497bc8 theguy147 • refactor: replace OSError aliases (#769)
    • 2021-12-25 08f4b28 szotsaki • Update dereference.md (#773)
    • 2022-01-05 a697afd hugsy • use avatars for contributors and sponsors in readme and docs/index
    • 2022-01-07 8a27a38 theguy147 • refactor: remove utf8 encoding declaration (#770)
    • 2022-01-07 4f6ab0c hugsy • Added gef.memory.maps
    • 2022-01-07 d2f5f27 hugsy • Merge branch 'gdb_8_py36_code_refactor' of github.com:hugsy/gef into gdb_8_py36_code_refactor
    • 2022-01-07 f0126ce hugsy • added gef.session.qemu_mode and gef.session.remote
    • 2022-01-07 8262adc hugsy • added a simple helper reset() that allows to entirely reset the gef session using pi reset()
    • 2022-01-07 0ee63e3 hugsy • __gef_redirect_output_fd__ -> gef.ui.redirect_fd
    • 2022-01-07 df129ed hugsy • replaced __gef_int_stream_buffer__ -> gef.ui.stream_buffer
    • 2022-01-07 809c735 hugsy • removed global __infos_files__ , was obsolete since we started using lru_cache
    • 2022-01-07 eb7312b hugsy • __commands__ --> gef.session.commands
    • 2022-01-07 d83b239 hugsy • highlight_table --> gef.ui.highlight_table
    • 2022-01-07 67df573 hugsy • libc_args_definitions --> gef.session.libc_args_definitions
    • 2022-01-07 93f2b15 hugsy • restore commands & functions as globals
    • 2022-01-07 84b00f1 hugsy • fixed typo in uimanager
    • 2022-01-07 4bcf19a hugsy • new_objfile_handle doesn't need to re-init the managers since we already reset its cache
    • 2022-01-07 b0da3f8 hugsy • __watches__ -> gef.ui.watches
    • 2022-01-07 f08667b hugsy • __context_messages__ -> gef.ui.context_messages
    • 2022-01-07 bf96176 hugsy • __gef_convenience_vars_index -> gef.session.convenience_vars_index
    • 2022-01-07 10a97c6 hugsy • linting
    • 2022-01-07 ece1662 hugsy • moved the last globals to gef.session
    • 2022-01-08 b95c4ac hugsy • making ptrsize static for x86 and x64
    • 2022-01-08 a04cd64 hugsy • making ptrsize static for arm, arm64 and mips
    • 2022-01-08 6514ad3 hugsy • restoring MIPS64
    • 2022-01-08 bca69da hugsy • hardcoding endianness for x86,64 and arm,64
    • 2022-01-08 32941ad hugsy • added a class decorator to register architectures
    • 2022-01-08 d5a3bb6 hugsy • changed path to pathlib.Path (#775) added test for download_file
    • 2022-01-08 64e3115 hugsy • [arm] fix ptrsize caching
    • 2022-01-09 1a430d5 theguy147 • refactor: add type hints (#774)
    • 2022-01-09 8de60eb hugsy • Merge branch 'gdb_8_py36_code_refactor' of github.com:hugsy/gef into gdb_8_py36_code_refactor
    • 2022-01-09 5f641bb hugsy • Replaced GEF_RC to a Path object (#775)
    • 2022-01-10 b653a6e hugsy • Automatically generating gef api (#776)
    • 2022-01-10 f7979f5 hugsy • Markdown doc also shows if a function/class is deprecated (#776)
    • 2022-01-10 3179289 hugsy • [docs] Partially fix hrefs in api/gef.md
    • 2022-01-10 c25f9c1 hugsy • [gef] fixing glibc main arena calculation for arm [docs] @deprecated adds a note in the api doc
    • 2022-01-11 29a9925 hugsy • [tests] fixed heap set-arena
    • 2022-01-11 adcc1d4 hugsy • Fixed PPC specs URL
    • 2022-01-11 ad51825 theguy147 • refactor: use f-strings across codebase (#768)
    • 2022-01-11 8ad0c4f hugsy • Fixed PPC specs URL
    • 2022-01-11 1683fcb hugsy • [docs] Fixed complete API link in api.md
    • 2022-01-11 bf70642 hugsy • Merge branch 'dev' into gdb_8_py36_code_refactor
    • 2022-01-12 bdea715 hugsy • first run of pr feedback
    • 2022-01-12 2975d5f theguy147 • [CI] Add tests for heap bins(#780)
    • 2022-01-12 795f51c hugsy • [docs] updating docs to stipulate the new minimum requirements for gef
    • 2022-01-12 b442af3 hugsy • [elf] fixed duplicate SHT_NUM value
    • 2022-01-16 8ebd7b0 hugsy • Apply suggestions from code review
    • 2022-01-16 fa28aa2 hugsy • Removed debug info in FormatStringSearchCommand
    • 2022-01-16 e4a77aa hugsy • - fixed heap CI failures (defered to #785) - minor type adjustments
    • 2022-01-16 5f31516 Grazfather • Merge pull request #779 from hugsy/gdb_8_py36_code_refactor
    • 2022-01-17 9055b65 Grazfather • tests: Make sure keystone and capstone tests fail with missing lib (#791)
    • 2022-01-17 599db81 hugsy • Fixed bugs in GefSetting that prevented saved values to be loaded (#792)
    • 2022-01-18 67fccb5 Zion • updated add_context_pane settings use (#796)
    • 2022-01-18 d162004 Grazfather • Use https URLs where we can (#793)
    • 2022-01-18 9560041 hugsy • @deprecated warning display can be toggled off (#795)
    • 2022-01-20 c6909e1 theguy147 • refactor: add missing py3.6 type hints (#797)
    • 2022-01-20 eaf9d11 Grazfather • Variadic gef print (#789)
    • 2022-01-21 b4bffdc hugsy • Update copyright year (#800)
    • 2022-01-25 779369f hugsy • Complete rewrite of pcustom command (#794)
    • 2022-01-25 364cf44 hugsy • ELF class upgrades (#798)
    • 2022-01-27 58f2a2e theguy147 • fix: heap bins commands (#805)
    • 2022-01-29 65daade hugsy • - Regenerated API doc
    • 2022-01-29 a280cfe Grazfather • Re-add lru_cache to __get_register_for_selected_frame (#809)
    • 2022-01-30 545fa28 hugsy • fixed theme : use the gef settings manager
    • 2022-01-30 8c8c838 hugsy • - changed the try/except for gef restore to indicate which setting name is missing

    File diff

    .github/workflows/discord-notify.yml  |    28 +-
     .github/workflows/docs-link-check.yml |     9 +-
     .github/workflows/run-tests.yml       |     9 +-
     LICENSE                               |     2 +-
     README.md                             |    15 +-
     docs/api.md                           |   281 +-
     docs/api/gef.md                       | 23244 ++++++++++++++++++++++++++++++++
     docs/commands.md                      |     5 +-
     docs/commands/assemble.md             |     2 +-
     docs/commands/checksec.md             |     2 +-
     docs/commands/dereference.md          |     6 +-
     docs/commands/heap-analysis-helper.md |     2 +-
     docs/commands/heap.md                 |    16 +-
     docs/commands/print-format.md         |     5 +-
     docs/commands/stub.md                 |     4 +-
     docs/commands/syscall-args.md         |     6 +-
     docs/commands/trace-run.md            |     6 +-
     docs/commands/vmmap.md                |     2 +-
     docs/commands/xfiles.md               |     2 +-
     docs/compat.md                        |    14 +
     docs/config.md                        |     5 +-
     docs/faq.md                           |    41 +-
     docs/index.md                         |    18 +-
     gef.py                                |  7837 +++++------
     mkdocs.yml                            |     1 +
     scripts/gef.sh                        |     3 +
     scripts/generate-api-docs.sh          |    48 +
     scripts/new-release.py                |     8 +-
     tests/binaries/Makefile               |     2 +
     tests/binaries/heap-bins.c            |    18 +
     tests/binaries/pcustom.c              |    33 +
     tests/helpers.py                      |    28 +
     tests/runtests.py                     |   198 +-
     33 files changed, 27740 insertions(+), 4160 deletions(-)
    

    New Contributors

    • @mh4ckt3mh4ckt1c4s made their first contribution in https://github.com/hugsy/gef/pull/747
    • @skysider made their first contribution in https://github.com/hugsy/gef/pull/745
    • @mattadev made their first contribution in https://github.com/hugsy/gef/pull/751
    • @tcheinen made their first contribution in https://github.com/hugsy/gef/pull/758
    • @wyattearp made their first contribution in https://github.com/hugsy/gef/pull/762
    • @szotsaki made their first contribution in https://github.com/hugsy/gef/pull/773

    Full Changelog: https://github.com/hugsy/gef/compare/2021.10...2022.01

  • 2021.10 (Oct 17, 2021)

    Changelog: 2021.10 - Royal Kill

    Highlights of Royal Kill

    • 93 commits, 5 Issues & 25 PRs closed
    • Massive background re-work by @theguy147, which includes (but is not limited to):
      • Better and more CI tests
      • Code coverage
      • Documentation refreshing
    • The elf-info command was entirely rewritten (@Kileak)
    • GEF now supports custom context panes (thanks to @mahaloz), which allow creating custom (external) commands and having them displayed as part of the break context
    • Heap stuff: heap chunks can now also display chunks in any/all arenas, fixed alignment issues (@theguy147)
    • Fixed many bugs in unicorn-emulate and capstone-disassemble commands (@theguy147), with better CI to detect failures faster
    • Thanks to donations the CI has been massively improved for picking bugs quickly and in a cross-platform manner
      • CI - runner AARCH64
      • CI - runner ARMv7
    • And a lot more...

    Contributors

    | Author | Number of commits |
    |:--|--:|
    | theguy | 37 |
    | hugsy | 31 |
    | Grazfather | 7 |
    | Zion | 5 |
    | Ammar Faizi | 3 |
    | Kileak | 2 |
    | CptGibbon | 1 |
    | irontigran | 1 |
    | plop | 1 |
    | RafaelLeeImg | 1 |
    | Simon Segars | 1 |

    Closed Issues

    Closed Pull Requests

    Commit details

    93 commits since 2021.07

    Commit log

    • 2021-07-05 65a8ccf hugsy • improved the new-release script, now in python, and polls some data directly from github
    • 2021-07-05 f1d3e38 hugsy • removed old release script
    • 2021-07-06 5eb3b24 Ammar Faizi • x86-64: Preserve RCX and R11 when calling mprotect_asm (syscall)
    • 2021-07-07 a2b93a7 Ammar Faizi • search-pattern: Don't stop searching when read_memory fails
    • 2021-07-07 593b5d3 Ammar Faizi • test set-permission: Improve the test case
    • 2021-07-17 1e52006 hugsy • Multiple fixes: - fixed syntax error in discord-notify - updated new-release.py to include stats of code addition/removal - added credit for gef logo in docs/index.md
    • 2021-07-22 e9614ab theguy • fix python version in unicorn-emulate
    • 2021-07-22 590f2b9 theguy • remove pip2 instructions from documentation
    • 2021-07-22 57d8450 theguy147 • dereference: add option to use reference address for offset calculation (#676)
    • 2021-07-23 a5ddc67 theguy • use PYTHONBIN across the source
    • 2021-07-23 c8dca47 hugsy • Merge pull request #678 from theguy147/py3
    • 2021-07-23 7e3bb6f hugsy • marked ida-interact as obsolete, will be replaced soon
    • 2021-07-26 0b6d816 Grazfather • Make docs install instructions match readme
    • 2021-07-26 296f9f2 hugsy • Merge branch 'dev' of github.com:hugsy/gef into dev
    • 2021-07-26 f5e8ceb hugsy • [docs] Fixing #680 : auto install scripts don't use sh anymore but bash
    • 2021-07-26 48a9fd7 Grazfather • Update config & index docs
    • 2021-07-28 880f8b8 theguy147 • Fix memory watch to use new argparse syntax of hexdump cmd (#684)
    • 2021-07-28 8cb298b theguy147 • Add git blob hash to version cmd (#683)
    • 2021-07-28 77889d8 theguy147 • fix typo in version docs (#688)
    • 2021-07-31 29cc794 theguy • memory watch unit tests for checking memory content
    • 2021-07-31 a8addf5 theguy • fix size argument for hexdump cmd
    • 2021-07-31 44b00a8 theguy • Fixed typo in pull request template
    • 2021-07-31 dddb7bf theguy • Fix heap commands when the glibc arena has not set all expected members
    • 2021-07-31 f25ba5f Grazfather • Fix syntax for ASLR
    • 2021-07-31 90c4634 Grazfather • Fix docs for patch (aliases in gef-extras)
    • 2021-07-31 c21fe01 Grazfather • Fix docs for 'memory'
    • 2021-07-31 04408d2 Grazfather • nop: Fix default arg and docs
    • 2021-08-03 11bd6a7 theguy • Mimic glibc's MALLOC_ALIGNMENT for heap chunks
    • 2021-08-03 477086e theguy • Fix usage of wrong var in output
    • 2021-08-03 c590f71 theguy • Allow unaligned heap chunks as option
    • 2021-08-04 2a47ff8 theguy • Add optional flags to disable auto-alignment of heap chunks
    • 2021-08-04 d5e958a theguy • Update heap cmd docs
    • 2021-08-03 2517616 hugsy • Update discord-notify.yml
    • 2021-08-06 ec114a6 hugsy • [doc] Updated print-format.md
    • 2021-08-07 b33316a theguy • Change 'LOCATION' to 'address'
    • 2021-08-10 8ed91f6 hugsy • Merge pull request #696 from hugsy/fix_nop
    • 2021-08-10 ea5ecff hugsy • Update nop.md
    • 2021-08-10 0b7c616 hugsy • Merge pull request #697 from theguy147/heap-malloc-align
    • 2021-08-11 05520e2 Simon Segars • gef.sh: check if cURL or wget exist on the system
    • 2021-08-15 5a9b2a2 theguy147 • Fix gef-remote: retrieve pid of inferior process after having connected to target (#686)
    • 2021-08-21 e152a34 hugsy • Merge pull request #700 from BadSugar/ubuntu_fix_gef_sh
    • 2021-08-21 1ca68c4 hugsy • Unittest: - added test for gef_get_auxiliary_values - added test for gef_convenience - fixed test for memory_watch
    • 2021-08-21 4554aa0 hugsy • Added a new decorator only_if_current_arch_in and its doc
    • 2021-08-21 76c060f hugsy • Added unittest for parse_address
    • 2021-08-21 2fb1b10 hugsy • Update run-tests.yml
    • 2021-08-21 90d2c8c hugsy • Fixed test of test_cmd_memory_watch: no need for scanf, which makes testing more hazardous
    • 2021-08-23 dcfa6f2 theguy147 • Fix capstone-disassemble command and documentation (#695)
    • 2021-08-23 6300e75 theguy147 • Fix assemble command including docs and tests (#694)
    • 2021-08-24 5e5c638 theguy147 • Update break commands (#702)
    • 2021-08-25 4f9bd61 hugsy • [ci] added ubuntu-18.04 to the list of CI targets
    • 2021-08-25 b56e8cc hugsy • [ci] added ubuntu-18.04 to the list of CI targets (duh)
    • 2021-08-25 5beef62 hugsy • [ci] in test bins, replaced int3 with __builtin_trap()
    • 2021-08-25 c942736 hugsy • followup on 4f9bd616238a
    • 2021-08-25 00bb124 hugsy • [ci] added decorators to include/exclude test for specific architecture(s)
    • 2021-09-02 169e6e6 plop • fix typo in search-pattern help (#705)
    • 2021-09-04 c4a4f58 theguy147 • Fix name-break address parsing (#708)
    • 2021-09-05 8c5abfc Kileak • Fix namebreak and add additional unit tests (#710)
    • 2021-09-05 139830f hugsy • 📕 adding new sponsors on readme
    • 2021-09-05 0bc68bb hugsy • 📕 fixed xinfo screenshot
    • 2021-09-07 1f208cc theguy147 • Update docs for several commands (#703)
    • 2021-09-07 f02e9ae theguy147 • Update and fix heap command (#701)
    • 2021-09-07 f1ffad0 theguy147 • Add test for gef-remote cmd (#712)
    • 2021-09-08 620ca60 CptGibbon • Correct have_fastchunks arena adjustment (#704)
    • 2021-09-08 3bc42ef theguy147 • Fix unicorn-emulate cmd (#713)
    • 2021-09-11 3fc237c theguy147 • Fix 'heap chunks' command for non-main arenas (#706) (#709)
    • 2021-09-14 90ffa6b hugsy • Use pytest on top of unittest to allow multi-proc execution (#714)
    • 2021-09-15 44c12c6 RafaelLeeImg • Fix error where breakpoint.location is None (#715)
    • 2021-09-19 f37d0ff Kileak • Backport Elf / ElfInfoCommand updates (#717)
    • 2021-09-20 1c80677 theguy147 • Fix error on help (#721)
    • 2021-09-20 11a68a2 theguy147 • Fix heap chunks cmd for multiple heaps per arena (#716)
    • 2021-09-21 915ff91 hugsy • Configuration for the stale bot (#718)
    • 2021-09-21 860facf irontigran • Add test for printing chunks with multiple heaps (#711)
    • 2021-09-21 f5df117 theguy147 • Add feature to print heap chunks of all arenas (#722)
    • 2021-09-21 1df157e theguy147 • refactor: use parse_address whenever appropriate (#723)
    • 2021-09-24 143e60a hugsy • Adding unit tests for non-x86 architectures (#720)
    • 2021-09-25 6400ef7 Grazfather • CI: Lint: Add more linters to test files (#725)
    • 2021-09-26 55f9090 hugsy • [ci] adjusted heap-multiple-heaps to use the universal DebugBreak so non x86 test can successfully be triggered
    • 2021-09-27 3b0d9da Zion • Support for custom contexts in ContextCommand (#727)
    • 2021-09-29 a4a9033 hugsy • [CI] Use Actions to check URL links in the documentation (#731)
    • 2021-09-29 5baa128 Zion • Allow empty context titles (#732)
    • 2021-09-30 970a6d3 theguy147 • fix: cleanly close opened files (#737)
    • 2021-09-30 5ecaadb theguy147 • Review (#733)
    • 2021-10-02 fac4e7d theguy147 • fix: DeprecationWarning for unicode-escape decoding (#736)
    • 2021-10-08 467273f theguy147 • fix: create tempdir before first usage (#740)
    • 2021-10-08 078ce33 theguy147 • feat: allow tests to be run in other places than /tmp (#739)
    • 2021-10-10 ed413d1 theguy147 • feat: measure coverage (#738)
    • 2021-10-13 8719457 Zion • Fix a max() call on None in print_guessed_arguments (#742)
    • 2021-10-13 48ed480 Zion • Resolve Context Trace Symbols (#743)
    • 2021-10-13 5c2fe28 Zion • add thread symbol resolving like traces (#744)
    • 2021-10-14 2becf7b hugsy • Update docs/requirements.txt
    • 2021-10-16 63ffc67 hugsy • Fixed a few bugs and added minor improvements to scripts/new-release.py
    • 2021-10-16 8074f88 hugsy • Merge fix
    • 2021-10-16 278e84d hugsy • Merge branch 'master' into dev

    File diff

     .ci/mlc_config.json                   |    3 +
     .github/PULL_REQUEST_TEMPLATE.md      |    2 +-
     .github/stale.yml                     |   25 ++
     .github/workflows/discord-notify.yml  |   10 +-
     .github/workflows/docs-link-check.yml |   16 ++
     .github/workflows/run-tests.yml       |   23 +-
     .gitignore                            |    5 +-
     Makefile                              |   58 +++--
     README.md                             |    4 +-
     docs/api.md                           |  154 +++++++++--
     docs/commands.md                      |   90 +++----
     docs/commands/aliases.md              |    4 +-
     docs/commands/assemble.md             |   62 ++++-
     docs/commands/capstone-disassemble.md |   12 +-
     docs/commands/context.md              |   12 +
     docs/commands/dereference.md          |   21 +-
     docs/commands/elf-info.md             |   57 ++++-
     docs/commands/functions.md            |   33 ++-
     docs/commands/gef-remote.md           |   48 ++--
     docs/commands/heap-analysis-helper.md |    2 +
     docs/commands/heap.md                 |   77 +++---
     docs/commands/help.md                 |    8 +-
     docs/commands/hexdump.md              |   46 ++--
     docs/commands/ida-interact.md         |    3 +-
     docs/commands/ksymaddr.md             |    4 +
     docs/commands/memory.md               |    4 +-
     docs/commands/name-break.md           |   14 +-
     docs/commands/nop.md                  |    9 +-
     docs/commands/patch.md                |    8 +-
     docs/commands/pattern.md              |   48 ++--
     docs/commands/pie.md                  |   74 +++---
     docs/commands/print-format.md         |   18 +-
     docs/commands/process-search.md       |   27 +-
     docs/commands/process-status.md       |    2 +-
     docs/commands/registers.md            |   20 +-
     docs/commands/reset-cache.md          |    5 +-
     docs/commands/scan.md                 |   25 +-
     docs/commands/set-permission.md       |   25 +-
     docs/commands/stub.md                 |   12 +-
     docs/commands/tmux-setup.md           |   16 +-
     docs/commands/unicorn-emulate.md      |   36 +--
     docs/commands/version.md              |   36 +++
     docs/commands/vmmap.md                |    2 +-
     docs/commands/xinfo.md                |    2 +-
     docs/config.md                        |   38 ++-
     docs/faq.md                           |    5 +-
     docs/index.md                         |   81 +++---
     docs/requirements.txt                 |    2 +-
     docs/screenshots.md                   |   24 +-
     gef.py                                | 1436 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++---------------------------
     mkdocs.yml                            |    1 +
     requirements.txt                      |    3 +
     scripts/gef.sh                        |   35 ++-
     scripts/new-release.py                |  145 +++++++++++
     scripts/new-release.sh                |   13 -
     tests/binaries/Makefile               |   10 +-
     tests/binaries/bss.c                  |    3 +-
     tests/binaries/heap-fastbins.c        |   34 +--
     tests/binaries/heap-multiple-heaps.c  |   54 ++++
     tests/binaries/heap-non-main.c        |    3 +-
     tests/binaries/heap-tcache.c          |    3 +-
     tests/binaries/heap.c                 |    6 +-
     tests/binaries/memwatch.c             |   12 +
     tests/binaries/nested.c               |    3 +-
     tests/binaries/nested2.c              |    3 +-
     tests/binaries/set-permission.c       |    4 +-
     tests/binaries/unicorn.c              |   14 +
     tests/binaries/utils.h                |   44 ++++
     tests/helpers.py                      |  158 ++++++++----
     tests/runtests.py                     |  569 +++++++++++++++++++++++++++++++----------
     70 files changed, 2832 insertions(+), 1033 deletions(-)
    
  • 2021.07 (Jul 6, 2021)

    Changelog: 2021.07 - Impractical Information

    Highlights of Impractical Information

    • New unified command argument parser
    • Better aliasing (thanks @hoefler02)
    • More documentation (thanks @plan-do-break-fix)
    • Updated the pattern command to strictly follow its usage in pwntools
    • Bug fixes in AARCH64 (thanks @borismol)
    • Improved CI & CD (Actions, Pylint, regressions)
    • Bug fix in heap bin tcache for multi-threaded execution (thanks @irontigran)
    • Started moving support for IDA/Binary Ninja interface to gef-extras, by leveraging rpyc
    • Removed more Python2 legacy code

    Contributors

    | Name | Number of commits |
    |--|--|
    | Boris Molodenkov | 6 |
    | Grazfather | 4 |
    | hugsy | 79 |
    | Jacob Heybey | 1 |
    | Jeffrey Swan | 1 |
    | Michael Hoefler | 14 |
    | Simon Wörner | 1 |

    Closed Issues

    Closed Pull Requests

    Commit details

    106 commits since 2021.04

    Commits

    • 2021-04-07 013ba5e Michael Hoefler • Added alias options: add, remove, list
    • 2021-04-07 3477d39 Michael Hoefler • fixed typo
    • 2021-04-12 29368d0 Michael Hoefler • subcommands / tab completion
    • 2021-04-12 46b24aa Michael Hoefler • clearer code
    • 2021-04-12 1cb15f4 Michael Hoefler • update docs for aliases command
    • 2021-04-14 df34985 Michael Hoefler • suggested changes
    • 2021-04-14 908db30 Michael Hoefler • unit test
    • 2021-04-16 0ad5f99 Jacob Heybey • Upgrade the tcache command to work for all threads
    • 2021-04-28 5ff0bdc Jeffrey Swan • Fix some typos in the docs
    • 2021-05-18 2479d6a Grazfather • ida_gef: Add api map for DelBpt
    • 2021-05-21 4ae9dbb Simon Wörner • fix address underflow on disassemble (#652)
    • 2021-06-05 c032bf6 Boris Molodenkov • Fix aarch64 tbz, tbnz, cbz and cbnz instructions estimation
    • 2021-06-06 fac0fb4 Michael Hoefler • minor changes
    • 2021-06-07 03bb804 Michael Hoefler • remove automatic saves
    • 2021-06-08 aa38365 hugsy • implemented argparsing using argparse, applied on unicorn-emulate
    • 2021-06-08 0f7a5e5 Michael Hoefler • fix alias tests
    • 2021-06-09 bd8e338 hugsy • * improved command argparsing * ported a few functions to use it * updated unit tests to reflect the syntax change
    • 2021-06-09 08946bd hugsy • - switched emulate to use the new argparser
    • 2021-06-09 34b15d6 hugsy • implemented argparsing using argparse, applied on unicorn-emulate
    • 2021-06-09 6482690 hugsy • * improved command argparsing * ported a few functions to use it * updated unit tests to reflect the syntax change
    • 2021-06-09 2892d15 hugsy • - switched emulate to use the new argparser
    • 2021-06-09 0b503b5 hugsy • merge fix
    • 2021-06-10 bd65e81 hugsy • [argparse] allowing positional arguments to pass default values as list
    • 2021-06-11 d6fd038 hugsy • New addition for #659 : - added pattern command - changed the default period to 4 for better compat with pwntools (fixed #658) - updated unit tests
    • 2021-06-12 bbe84db hugsy • Added argparsing support and unit test for processlisting (#659)
    • 2021-06-12 782dd88 hugsy • - added RemoteCommand for argparsing (#659) - fixed ArgumentParser prog name (#659)
    • 2021-06-14 2ed2373 Michael Hoefler • gef command documentation
    • 2021-06-14 9e27f9e Michael Hoefler • fix period
    • 2021-06-15 d0a01da Michael Hoefler • gef subcommand documentation
    • 2021-06-15 50ea000 Michael Hoefler • fixes + line wrapping
    • 2021-06-20 5d167f8 hugsy • * Addresses most of the concerns raised in the review of PR #661 * Added the possibility to use short flags * Updated the documentation to provide relevant examples
    • 2021-06-20 7e47e8f hugsy • Updated example of print-format to reflect short flag
    • 2021-06-20 f52183f hugsy • [printf-format] fixed incorrect syntax
    • 2021-06-20 eda454b hugsy • Doc: added an example for parse_arguments to illustrate how to use positional arguments with a list of option (as suggested in #661)
    • 2021-06-21 abe837e hugsy • Making @Grazfather happy again 😀(issue #661)
    • 2021-06-22 9f9b9b9 hugsy • [copy_to_clipboard] using context (see #661)
    • 2021-06-22 202a185 hugsy • Fixed issue #664 : adding an acknowledgement section to project sponsors
    • 2021-06-22 7e62dda hugsy • [gef-remote] fixed missing incorrect option name
    • 2021-06-22 a652786 hugsy • [capstone-disassemble] using new argparsing (see ##661)
    • 2021-06-22 5f5ba01 hugsy • [registers] using new argparsing (issue #661)
    • 2021-06-22 c5644b1 hugsy • [elf-info] using new argparsing (issue #661)
    • 2021-06-22 9ffe5cd hugsy • [name-break] using new argparsing (issue #661)
    • 2021-06-22 e38f7dd hugsy • [hexdump] using new argparsing (issue #661)
    • 2021-06-22 556aa92 hugsy • [patch] using new argparsing (issue #661)
    • 2021-06-23 4661f81 hugsy • [discord-notify] using embeds to make things more explicit, bumped to 0.3.2
    • 2021-06-24 a6d2baf hugsy • [discord-notify] fixed json typo + removed unsupported hyperlink
    • 2021-06-24 b335d3d hugsy • [discord-notify] better formatting using embeds
    • 2021-06-24 de053b8 hugsy • [discord-notify] fixed typo
    • 2021-06-24 6acab61 hugsy • [discord-notify] fixed syntax error
    • 2021-06-24 417f7b0 hugsy • [discord-notify] using the proper syntax for Ilshidur/action-discord
    • 2021-06-24 71dbadd hugsy • [discord-notify] typo
    • 2021-06-25 762e73d Boris Molodenkov • Restore selected frame after context_threads
    • 2021-06-24 7b2a0a2 hugsy • [discord-notify] bye bye trash Ilshidur/action-discord , hello sarisia/actions-status-discord
    • 2021-06-24 8b04ca3 hugsy • [discord-notify] syntax
    • 2021-06-24 847949b hugsy • [discord-notify] last touch
    • 2021-06-24 ba88941 hugsy • [discord-notify] last touch
    • 2021-06-25 ee3564a hugsy • [discord-notify] fixed syntax error in issue notification
    • 2021-06-26 0749012 Boris Molodenkov • Fix incorrect lru_cache usage
    • 2021-06-26 ac545fe hugsy • [ci] caching libs for test runs - #660
    • 2021-06-26 527b840 hugsy • [ci] better jobs splitting - #660
    • 2021-06-26 e83dafc hugsy • [ci] fixed yaml syntax error - #660
    • 2021-06-27 75223e5 Boris Molodenkov • Fix frame level in context_trace and highlight selected frame
    • 2021-06-28 cdb4896 Boris Molodenkov • Fix context regs order (#670)
    • 2021-06-30 15ffa33 hugsy • Improvement of get_register after #669 to restore some decent level of caching
    • 2021-06-30 cbaf9d7 hugsy • Merge branch 'dev' of github.com:hugsy/gef into dev
    • 2021-06-30 42c7e51 hugsy • added regression tests for the PRs #670 and #668
    • 2021-06-30 62b7a04 hugsy • added regression tests for the PRs #670 and #668
    • 2021-06-30 1e9b7de hugsy • removed useless todo
    • 2021-06-30 686ff82 hugsy • fixed pylint
    • 2021-07-01 39503df hugsy • turn pylint into something actionable
    • 2021-07-01 4d4a813hugsy • minor pylint suggested improvements
    • 2021-07-01 ee81a62hugsy • minor pylint fixes (no-space-after-comma)
    • 2021-07-01 42d524chugsy • [pylint] add missing-import exceptions
    • 2021-07-01 05d244fhugsy • [actions] fixing gh action cache
    • 2021-07-01 6ba3867hugsy • [actions] fixed missing path for gh action cache
    • 2021-07-01 185fa0chugsy • [actions] fixed bad archive path
    • 2021-07-01 2b5bb29hugsy • [actions] caching is hard
    • 2021-07-01 5fb2e90hugsy • adding parse_arguments for pie * commands (#659)
    • 2021-07-03 c9b0bdahugsy • Merge branch 'dev' of github.com:hugsy/gef into dev
    • 2021-07-03 ab0edc5hugsy • [ci] Fixed a bug inrun-test.yml that prevented cache to be correctly collected
    • 2021-07-05 7d1ab00Boris Molodenkov • Add missing aarch64 condition codes (#671)
    • 2021-07-05 80c768aGrazfather • Remove more python2-specific stuff
    • 2021-07-05 e95b072Grazfather • Fix caching in CI tests
  • 2021.04(Apr 11, 2021)

    April 2021 Release with improvements that include:

    • better performance by improving caching system
    • better Qemu-user support
    • made the code more Python3 friendly
    • some UI improvements

    Enjoy 🍻

  • 2021.01(Jan 23, 2021)

  • 2020.06(Jun 14, 2020)

    Incomparable Evil

    Features / improvements:

    • Glibc 2.32 heap safe linking support added
    • pcustom: now supports recursive structure
    • Rewrite of gef-binja, which is now a plugin available from the Binary Ninja Plugin Store

    And as usual many fixes, ~60 commits, 3 new committers, etc. etc.

    Enjoy 🍻!

  • 2020.03-1(Mar 9, 2020)

  • 2020.03(Mar 1, 2020)

    GEF - v2020.03 - Pythonic Apocalypse

    This release marks a special milestone, as Python 2 officially becomes unsupported by GEF. The main reason behind this change after 7 (!!) years of both Python 2 and 3 support is of course the fact that Python 2 has become officially unsupported since January 1st, 2020.

    This release therefore reflects the change, by making the code lighter (and faster) due to the removal of the compatibility layer. Functionally speaking, if you're already a GDB+Py3 user, nothing will change for you.

    For those poor souls still obliged to use GDB + Python2, several options are open to you:

    • use the GEF remote debugging functionality to connect to your target from a GDB+Py3 client
    • use GEF-Legacy
    • just give up and enjoy a good beer.

    In addition, to make GEF even cooler (especially for those who've never tried it), here are some cool goodies:

    • we are opening today a live demo environment. A young but functional locked-down environment, it will allow you to try GEF functionalities on simple x64 ELF binaries. The credentials are gef/gef-demo.
    • this was made possible by some people asking for a Docker GEF and also a very simple Bash script that will prepare for you a nice GoTTY web shell with GEF running in it. You can now try GEF and learn debugging / pwning in literally 2 command lines.

    As usual, we hope you enjoy the changes and fixes, and feel free to drop by our IRC channel to say hi, ask questions, share cool tricks, or even just say thanks (believe it or not, it does go a long way to keep us motivated to continue).

    Have fun, and happy debugging!

    🍻 🍻 🍻

  • 2019.04(Apr 8, 2019)

    GEF - v2019.04 - Moral Police

    What changed ?

    Not much, mostly code improvements, bug fixes.

    Quick stats

    • 62 commits
      • 23 hugsy
      • 10 Grazfather
      • 6 William Bowling
      • 6 daniellimws
      • 4 Daniel Lim Wee Soong
      • 4 Reagan Kirby
      • 3 Luke Biery
      • 1 HexRabbit
      • 1 Kileak
      • 1 Maxim Ivanov
      • 1 Vita Pluvia
      • 1 degrigis
      • 1 waveburst
    • 24 files changed, 973 insertions(+), 188 deletions(-)

    And a new logo (thanks to Pedro "TheZakMan" Araujo) !

    Enjoy

    🍻 🍻 🍻

  • 2018.10(Oct 29, 2018)

    GEF - v2018.10 - Silurian Seeker

    Contributors

    This new release is the result of almost 5 months of hard work. So I'll just start by thanking those who made the project alive: GEF reaches 29 contributors and a special thanks goes to:

    The first timer(s):

    The regular(s):

    And the legendary

    If you like gef and meet one of those people, feel free to buy them a beer 🍺

    New features

    • Support for RISC-V architecture (@dlrobertson )
    • Brand new skin, designed by our own @Grazfather
    • New command print-format
    • New convenience variables / functions ($_pie , $_heap) by @wbowling
    • Better AARCH64 support
    • All command outputs are now buffered, so less IO, more perf
    • "Repeatable" commands are in
    • PyEnv support (@hazedic)
    • Ditched Travis-CI for Circle-CI
    • Glibc Tcache bins support
    • Colorized hexdump byte (pwntools-like)

    Changelog

    With about 1100 lines changed, the

    • Bugfix in x86 EFLAGS parsing
    • Better and more unit tests
    • More caching (on key functions, settings, etc.)
    • Fixed the doc
    • (ARM) Auto. adjust GEF mode from CPSR flag
    • Bugfix in capstone integration
    • Fixed minor issues in format-string-helper
    • Fixed IDA integration, thx @cclauss
    • And more minor bugfixes, and speed improvement

    The future

    GEF will progressively stop supporting GDB+Python2, since Python2 is due to die soon anyway.

  • 2018.04(Apr 3, 2018)

    New features:

    • A new dedicated repository for external scripts gef-extras is now free for all to use and contribute!
    • GEF (finally) displays arguments when hitting function call instructions (see the context documentation for more details)
    • Improved heap-analysis and heap commands
    • More customizable via the theme command
    • Documentation was clarified
    • About 25-40% faster (use of more Pythonic structure and more caching of frequently used functions) !!
    • And as usual, plenty of bugs fixed (see git log)

    Huge thanks to the contributors:

    🍻 🍻 🍻

  • 2018.02(Feb 23, 2018)

Owner
hugsy
Yet another crazy rabbidz (Discord: hugsy#0766)