pwndbg / pwndbg

Exploit Development and Reverse Engineering with GDB Made Easy
https://pwndbg.re/
MIT License

Linux kernel: kallsyms command? #1836

Open disconnect3d opened 1 year ago

disconnect3d commented 1 year ago

I am not sure if this is doable, but if someone debugs a kernel with KASLR it would be nice to be able to find and parse kallsyms from within Pwndbg and then either set symbols or at least be able to print/fetch them via some Pwndbg API.

Here is a project that shows how one could deal with this: https://github.com/pagabuc/kallsyms-extractor/, although I am not sure if this works with the latest kernels.
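As an added illustration of the parsing step this request asks for (example code, not from Pwndbg or from the linked projects), here is a decoder for the in-memory kallsyms_names / kallsyms_token_table / kallsyms_token_index / kallsyms_offsets layout that scripts/kallsyms.c emits, run over constructed sample tables, plus an address-to-symbol lookup of the kind a Pwndbg API would expose. It assumes CONFIG_KALLSYMS_BASE_RELATIVE without CONFIG_KALLSYMS_ABSOLUTE_PERCPU; the token strings, symbol names and addresses are made up.

```python
import struct

# Constructed sample (not from a real kernel): a small token table and three symbols.
TOKENS = ["T", "t", "D", "_", "start_", "kernel", "init", "task", "jiffies"]
TOKEN_TABLE = b"".join(t.encode() + b"\0" for t in TOKENS)           # kallsyms_token_table
TOKEN_INDEX = struct.pack("<%dH" % len(TOKENS),                       # kallsyms_token_index
                          *[sum(len(t) + 1 for t in TOKENS[:i]) for i in range(len(TOKENS))])
RELATIVE_BASE = 0xFFFFFFFF81000000                                    # kallsyms_relative_base
SYMBOLS = [("T", "start_kernel", 0x0E2F40), ("t", "init_task", 0x1A12C0), ("D", "jiffies", 0x2C0F80)]

def _encode_name(s):
    """Greedy longest-token encoding, used only to build the constructed kallsyms_names."""
    out = []
    while s:
        tok = max((t for t in TOKENS if s.startswith(t)), key=len)
        out.append(TOKENS.index(tok))
        s = s[len(tok):]
    return bytes([len(out)]) + bytes(out)

NAMES = b"".join(_encode_name(t + n) for t, n, _ in SYMBOLS)          # kallsyms_names
OFFSETS = struct.pack("<%dI" % len(SYMBOLS), *[o for _, _, o in SYMBOLS])  # kallsyms_offsets

def parse_kallsyms(names, token_table, token_index, offsets, relative_base):
    """Decode the kallsyms tables into (address, type, name) tuples.
    Assumes BASE_RELATIVE without ABSOLUTE_PERCPU: address = relative_base + (u32)offset."""
    idx = struct.unpack("<%dH" % (len(token_index) // 2), token_index)
    def token(i):                     # i-th token is a NUL-terminated string in token_table
        end = token_table.index(b"\0", idx[i])
        return token_table[idx[i]:end].decode()
    syms, pos = [], 0
    for off in struct.unpack("<%dI" % (len(offsets) // 4), offsets):
        length = names[pos]
        pos += 1
        if length & 0x80:             # two-byte length for long names (kernels >= 6.1)
            length = (length & 0x7F) | (names[pos] << 7)
            pos += 1
        decoded = "".join(token(b) for b in names[pos:pos + length])
        pos += length
        syms.append((relative_base + off, decoded[0], decoded[1:]))  # first char is the type
    return syms

def resolve(syms, addr):
    """Nearest preceding symbol as (name, offset), or None if addr is below every symbol."""
    best = None
    for saddr, _, name in syms:       # kallsyms entries are sorted by address
        if saddr <= addr:
            best = (name, addr - saddr)
    return best
```

Under KASLR the same decoder applies once the table addresses have been located in the live image; only relative_base changes.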

disconnect3d commented 1 year ago

Btw, if we do this by looking for some strings in memory, in order to be efficient we may need to e.g. search only read-only mappings or read-write ones, or something like that -- depending on where the searched string is expected to be.

disconnect3d commented 1 year ago

This may be useful here as well: https://github.com/marin-m/vmlinux-to-elf

chrf01 commented 5 months ago

may be useful: https://sourceware.org/pipermail/gdb-patches/2023-January/195589.html

disconnect3d commented 5 months ago

Yes, we should use the symbol-addition API when it lands in a GDB release, but even when it does, we will still want to support older GDB versions. (Thx @mbrla0 for working on this API :))

chrf01 commented 5 months ago

I'll take a look at this