Rearranged the Registers for the gdbstub

Wenzel / pyvmidbg

LibVMI-based debug server, implemented in Python. Building a guest aware, stealth and agentless full-system debugger

GNU General Public License v3.0

217 stars 25 forks source link

Rearranged the Registers for the gdbstub #29

Closed pwnosaur closed 4 years ago

pwnosaur commented 4 years ago

The gdb stub requires the registers to be sent in a specific order.

‘eax’ through ‘edi’ plus ‘eip’ for i386

‘rax’ through ‘r15’ plus ‘rip’ for amd64

‘eflags’, ‘cs’, ‘ss’, ‘ds’, ‘es’, ‘fs’, ‘gs’

‘st0’ through ‘st7’

‘fctrl’, ‘fstat’, ‘ftag’, ‘fiseg’, ‘fioff’, ‘foseg’, ‘fooff’ and ‘fop’

Wenzel commented 4 years ago

Thanks for your PR. As we discussed before, GDB register parsing a bit more complicated. This PR should fix it: https://github.com/Wenzel/pyvmidbg/pull/31