search

panda-re / panda

Platform for Architecture-Neutral Dynamic Analysis
https://panda.re
Other
2.47k stars 477 forks source link

gdb plugin: Remote communication error. Target disconnected.: Connection reset by peer. #1275

Open hanetzer opened 1 year ago

hanetzer commented 1 year ago

invoking panda from docker as such:

root@a46a483ce2be:/dir# PANDA_PATH=/panda/build /panda/build/i386-softmmu/panda-system-i386 -m 4096 -replay test -os windows-32-7sp0 -panda gdb:on_entry=1

results in:

PANDA[core]:os_familyno=1 bits=32 os_details=7sp0
PANDA[gdb]:adding argument on_entry=1.
PANDA[core]:initializing gdb
loading snapshot
... done.
opening nondet log for read :   ./test-rr-nondet.log
PANDA[core]:loading required plugin osi
PANDA[core]:initializing osi
PANDA[core]:loading required plugin wintrospection
PANDA[core]:initializing wintrospection
PANDA[core]:loading required plugin osi
PANDA[core]:/panda/build/i386-softmmu/panda/plugins/panda_osi.so already loaded
Memory map:
f40000-f81000 1617f0    C:\Windows\system32\wbem\wmiprvse.exe
77af0000-77c2c000 161870    C:\Windows\SYSTEM32\ntdll.dll
77150000-77224000 161b68    C:\Windows\system32\kernel32.dll
75e00000-75e4a000 161c50    C:\Windows\system32\KERNELBASE.dll
774a0000-77540000 1623d8    C:\Windows\system32\ADVAPI32.dll
776e0000-7778c000 1624a0    C:\Windows\system32\msvcrt.dll
76e50000-76e69000 162820    C:\Windows\SYSTEM32\sechost.dll
77c70000-77d11000 162680    C:\Windows\system32\RPCRT4.dll
77540000-77609000 16d908    C:\Windows\system32\USER32.dll
77a20000-77a6e000 16d9d0    C:\Windows\system32\GDI32.dll
77c50000-77c5a000 16da90    C:\Windows\system32\LPK.dll
77640000-776dd000 16db58    C:\Windows\system32\USP10.dll
72f60000-72fbc000 16dbd8    C:\Windows\system32\wbemcomn.dll
75f40000-75fcf000 16df20    C:\Windows\system32\OLEAUT32.dll
77340000-7749c000 16dc58    C:\Windows\system32\ole32.dll
779e0000-77a15000 16dd20    C:\Windows\system32\WS2_32.dll
77c30000-77c36000 16dde0    C:\Windows\system32\NSI.dll
72d80000-72e16000 16e400    C:\Windows\system32\wbem\FastProx.dll
72d60000-72d78000 16e480    C:\Windows\system32\NTDSAPI.dll
71440000-7144f000 16e500    C:\Windows\system32\NCObjAPI.DLL
77230000-7724f000 16e580    C:\Windows\system32\IMM32.DLL
760d0000-7619c000 16e600    C:\Windows\system32\MSCTF.dll
75b90000-75b9c000 16e680    C:\Windows\system32\CRYPTBASE.dll
72ba0000-72bc1000 16e700    C:\Windows\system32\ntmarta.dll
77990000-779d5000 16e780    C:\Windows\system32\WLDAP32.dll
772b0000-77333000 16f980    C:\Windows\system32\CLBCatQ.DLL
72d50000-72d5a000 16fa00    C:\Windows\system32\wbem\wbemprox.dll
756c0000-756d6000 16fa80    C:\Windows\system32\CRYPTSP.dll
75460000-7549b000 16fb00    C:\Windows\system32\rsaenh.dll
75c00000-75c0e000 16fb80    C:\Windows\system32\RpcRtRemote.dll
715b0000-715bf000 16fc00    C:\Windows\system32\wbem\wbemsvc.dll
71540000-71557000 16fc80    C:\Windows\system32\wbem\wmiutils.dll
67920000-67a6a000 16fd80    C:\Windows\system32\wbem\cimwin32.dll
678e0000-67915000 16fe00    C:\Windows\system32\framedynos.dll
75b20000-75b3b000 16fe80    C:\Windows\system32\SspiCli.dll
745d0000-745dd000 16ff00    C:\Windows\system32\WTSAPI32.dll
678d0000-678d7000 170000    C:\Windows\system32\WINBRAND.dll
678c0000-678c3000 170080    C:\Windows\system32\SECURITY.DLL
75840000-75848000 170100    C:\Windows\system32\SECUR32.DLL
75360000-75368000 170180    C:\Windows\system32\credssp.dll
754d0000-7550a000 170280    C:\Windows\system32\schannel.DLL
75ce0000-75dfd000 170300    C:\Windows\system32\CRYPT32.dll
75cb0000-75cbc000 1aa6e0    C:\Windows\system32\MSASN1.dll
744d0000-744e1000 1aa760    C:\Windows\system32\NETAPI32.DLL
744c0000-744c9000 1aa7e0    C:\Windows\system32\netutils.dll
757d0000-757e9000 1aa860    C:\Windows\system32\srvcli.dll
744b0000-744bf000 1aa8e0    C:\Windows\system32\wkscli.dll
744a0000-744af000 1aa960    C:\Windows\system32\SAMCLI.DLL
75510000-75532000 1aa9e0    C:\Windows\system32\LOGONCLI.DLL
67870000-6787d000 1aaa60    C:\Windows\system32\BROWCLI.DLL
67880000-67888000 1aaae0    C:\Windows\system32\SCHEDCLI.DLL
740b0000-740b9000 1aab60    C:\Windows\system32\DSROLE.DLL
722c0000-722cb000 1aabe0    C:\Windows\system32\cscapi.dll
67850000-67868000 1aac60    C:\Windows\System32\dskquota.dll
76df0000-76e47000 1aace0    C:\Windows\system32\SHLWAPI.dll
761a0000-76dea000 1aad60    C:\Windows\system32\SHELL32.dll
Waiting for GDB connection on port 4444...

which looks promising; however, connecting with gdb as such:

i686-w64-mingw32-gdb -ex 'target remote :4444'

results in:

Remote debugging using :4444
Remote communication error.  Target disconnected.: Connection reset by peer.

Am I missing something here?

hanetzer commented 1 year ago

oh, and the docker container was started as such: docker run --rm -it -p 4444:4444 -v `pwd`:/dir pandare/pandadev