pwndbg / pwndbg

Exploit Development and Reverse Engineering with GDB Made Easy
https://pwndbg.re/
MIT License

"set disassembly-flavor intel" Doesn't work on ARM #27

Closed Grazfather closed 8 years ago

Grazfather commented 8 years ago

https://github.com/zachriggle/pwndbg/blob/master/pwndbg/__init__.py#L110

Perhaps should be done conditionally?

zachriggle commented 8 years ago

Turns out it doesn't hurt anything. Do you have an example case where this breaks something?

As a sidebar, pwndbg doesn't actually use GDB's disassembly anyway so it doesn't matter -- I'm just curious if this caused you a problem so that I know about it.

Grazfather commented 8 years ago

It does. For me on an ARM64 machine it prevents context from running every time I hit a bp.

Type "apropos word" to search for commands related to "word"...
Traceback (most recent call last):
  File "/root/pwndbg/gdbinit.py", line 10, in <module>
    import pwndbg
  File "/root/pwndbg/pwndbg/__init__.py", line 125, in <module>
    gdb.execute(line)
gdb.error: No symbol table is loaded.  Use the "file" command.
Reading symbols from forced-puns...(no debugging symbols found)...done.
pwndbg> start
Temporary breakpoint 1 at 0xc94
pwndbg>

Grazfather commented 8 years ago

With that line removed:

Type "apropos word" to search for commands related to "word"...
Loaded 86 commands.  Type pwndbg for a list.
Reading symbols from ctf/forced-puns...(no debugging symbols found)...done.
The program is not being run.
pwndbg> start
Temporary breakpoint 1 at 0xc94
LEGEND: STACK | HEAP | CODE | DATA | RWX | RODATA
[--------------------------------------------------------REGISTERS--------------------------------------------------------]
...

zachriggle commented 8 years ago

I don't run into that issue when debugging aarch64 binaries. I would suggest using a GDB which knows about more than one architecture, eg the gdb-multiarch package on Debian/Ubuntu.

There's no way to conditionally check for support for a given architecture. I suppose we could check when running on Intel, but dynamically setting disassembly-flavor will override whatever the user has put in gdbinit after sourcing Pwndbg.

Either way, I can probably remove this safely since we're using Capstone anyhow.

Grazfather commented 8 years ago

Cool I didn't know to use that.

Thanks for fixing it anyway.
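
The failure mode in this thread, as an added example that is not part of the thread and not pwndbg's own code: a GDB Python init script that runs each startup setting on its own and records the ones the local GDB build rejects, so a single `gdb.error` does not abort the whole import. The `run_startup` helper, the `STARTUP_LINES` list (apart from the `disassembly-flavor` line) and the stand-in used outside GDB are assumptions made for the illustration.

```python
# Added example: tolerate startup settings that a single-architecture GDB rejects.
try:
    import gdb  # only available inside GDB's embedded Python
    execute, GdbError = gdb.execute, gdb.error
except ImportError:
    # Constructed stand-in so the example runs outside GDB. It imitates the
    # ARM-only build from the traceback above, which rejects the x86-only setting.
    class GdbError(Exception):
        pass

    def execute(line):
        if line.startswith("set disassembly-flavor"):
            raise GdbError('No symbol table is loaded.  Use the "file" command.')

# Hypothetical startup list; only the disassembly-flavor line is from the issue.
STARTUP_LINES = [
    "set confirm off",
    "set disassembly-flavor intel",
    "set pagination off",
]


def run_startup(lines, execute=execute, error=GdbError):
    """Run each setting independently; return [(line, message)] for rejected ones."""
    skipped = []
    for line in lines:
        try:
            execute(line)
        except error as exc:
            # An unhandled gdb.error here would abort the whole import,
            # so nothing after the failing line would be set up.
            skipped.append((line, str(exc)))
    return skipped


if __name__ == "__main__":
    for line, msg in run_startup(STARTUP_LINES):
        print("skipped %r: %s" % (line, msg))
```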