Pwndbg+tmux真乃天作之合
本文为看雪论坛优秀文章
看雪论坛作者ID:OneShell
◆tmux new -s test
:创建一个名为test的session
◆Ctrl + B,然后"
:水平切割当前的pane
◆Ctrl + B,然后%
:垂直切割当前pane
# pwndbg setting: clear the screen before each context redraw
# (pwndbg itself is assumed to be loaded already — this snippet does not source it)
set context-clear-screen on
# gdb setting: keep debugging the parent process after a fork()
set follow-fork-mode parent
# NOTE(review): a sourced gdbinit runs as gdb's own Python, and the cmd= panes below start
# shell commands, so this path should point at a file only the debugging user can write to.
source /home/user/splitmind/gdbinit.py
python
import splitmind
# Fluent layout description. Each call splits a pane (the one named by of=, otherwise —
# presumably — the most recently created one; see the splitmind docs) and either shows a
# pwndbg context section in the new pane or runs a shell command there.
(splitmind.Mind()
    .tell_splitter(show_titles=True)
    .tell_splitter(set_title="Main")
    # backtrace section on the right, 25% of the width
    .right(display="backtrace", size="25%")
    # disassembly above the main pane, taking 80% of it
    .above(of="main", display="disasm", size="80%", banner="top")
    # the code section is shown inside the disasm pane rather than in a pane of its own
    .show("code", on="disasm", banner="none")
    # a plain shell pane that prints its tty and then idles; titled "Input / Output" below
    # (presumably used as the debuggee's terminal — confirm with the splitmind docs)
    .right(cmd='tty; tail -f /dev/null', size="65%", clearing=False)
    .tell_splitter(set_title='Input / Output')
    .above(display="stack", size="75%")
    # size given without "%" here, unlike the other splits — presumably a line count; verify
    .above(display="legend", size="25")
    .show("regs", on="legend")
    # an ipython shell below the backtrace pane
    .below(of="backtrace", cmd="ipython", size="30%")
).build(nobanner=True)
end
# how many lines pwndbg shows in the disasm / code sections
set context-code-lines 30
set context-source-code-lines 30
# which context sections pwndbg renders, and in what order
set context-sections "regs args code disasm stack backtrace"
.above(of="main", display="disasm", size="80%", banner="top")
,就是对main进行切割,展示pwndbg的disasm区域,并且控制其所占的大小为80%。
context-sections变量控制要展示的区域:
◆regs:寄存器
◆disasm:反汇编
◆code:源代码
◆ghidra:Ghidra相关(未使用过)
◆stack:栈
◆backtrace:调用栈
◆expressions:表达式跟踪,非常强大,可用于动态跟踪某个变量、内存地址或自定义类型的值
◆context-code-lines
:在disasm中展示的反汇编行数
◆context-source-code-lines
:在code中展示的源代码行数
◆context-stack-lines
:在stack中展示的栈行数
相关变量的含义以及默认值可以在 pwndbg/pwndbg/commands/context.py 中查询。了解section和控制section大小的环境变量可以让我们更好地自定义属于自己的gdb界面。
◆s:源代码模式,可用于直接调试源码
◆d:汇编模式,用于调试反汇编
◆m:同时显示源码和汇编语句
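# NOTE(review): both files below run as gdb's own Python when sourced, so they should live
# where only the debugging user can write.
source /home/utest/app/pwndbg/gdbinit.py
source /home/utest/app/splitmind/gdbinit.py
# Whether to clear the screen on every command: off, so program output stays visible in the main pane
set context-clear-screen off
# presumably pwndbg's internal event debugging output; confirm in pwndbg's settings
set debug-events off
# Python section: ask for the debugging mode, then build the tmux pane layout
python
import splitmind  # splitmind library (made importable by the gdbinit.py sourced above)

# sections lists every pwndbg context section to display; start with just the registers
sections = "regs"
# Read the debugging mode: s = source, d = disassembly, m = mixed.
# The answer is normalised (surrounding whitespace stripped, lower-cased) so that e.g. " D"
# selects disassembly mode instead of silently falling through to the mixed layout;
# an empty answer defaults to "d".
answer = input("source/disasm/mixed mode:?(s/d/m)").strip().lower()
mode = answer or "d"

spliter = splitmind.Mind()  # create the splitter that drives tmux
# registers on the right half of the main pane
spliter.select("main").right(display="regs", size="50%")
legend_on = "code"  # pane that will also host the legend; overridden in disasm mode
if mode == "d":
    legend_on = "disasm"
    sections += " disasm"
    spliter.select("main").above(display="disasm", size="70%", banner="none")
    gdb.execute("set context-code-lines 30")
elif mode == "s":
    sections += " code"
    spliter.select("main").above(display="code", size="70%", banner="none")
    gdb.execute("set context-source-code-lines 30")
else:
    # "m" and any unrecognised answer: mixed layout, source above with disassembly below it
    sections += " disasm code"
    spliter.select("main").above(display="code", size="70%")
    spliter.select("code").below(display="disasm", size="40%")
    gdb.execute("set context-code-lines 8")
    gdb.execute("set context-source-code-lines 20")
# sections shown in every mode, placed into the panes created above
sections += " args stack backtrace expressions"
spliter.show("legend", on=legend_on)
spliter.show("stack", on="regs")
spliter.show("backtrace", on="regs")
spliter.show("args", on="regs")
spliter.show("expressions", on="args")
# custom pwndbg settings: stack depth and the final section list/order
gdb.execute("set context-stack-lines 10")
gdb.execute("set context-sections \"%s\"" % sections)
spliter.build()
end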
看雪ID:OneShell
https://bbs.kanxue.com/user-home-846098.htm