Snippets
For the good and lazy programmers, this section documents the library following the approach "a function - an example".
For every feature exposed by the library you will find a brief explanation and an example of how to use it. Let's start.
The read_string function tries to read an ASCII string from the process memory, no longer than count bytes. You can provide a large count value, since the function stops at the terminating NULL character.
Example:
rax_address = gdb.parse_and_eval("$rax")
string = gdb_utils.read_string(rax_address, 1024)
print(string)
In the example we first read the address of the string pointed to by the RAX register, and then read the actual string by passing the numeric address to the function. The result can be safely printed.
execute_output is perhaps the most important function of the library; the majority of the other functions are built on it.
Its behavior is very similar to gdb.execute(): both functions execute a GDB command, but execute_output also returns the output of the command.
This is extremely important because it lets you use many GDB features that are not exported in the standard gdb Python library.
Example:
output = gdb_utils.execute_output('info registers')
print(output)
The result will be:
rax 0x610 1552
rbx 0x8000 32768
rcx 0x60f020 6352928
rdx 0x8000 32768
rsi 0x610000 6356992
rdi 0x10000 0
...
You can use this function to examine process status, control its execution or set GDB options: the possibilities are endless...
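Because execute_output returns plain text, scripts usually need to parse it before acting on it. The following is an added example, not part of the library: parse_registers and flags_set are hypothetical helpers, and the sample text is constructed in the format shown above so the code also runs outside GDB.

```python
import re

# Constructed sample in the 'info registers' format shown above
# (not captured from a real debugging session).
SAMPLE_OUTPUT = """\
rax            0x610    1552
rbx            0x8000   32768
rip            0x400544 0x400544 <main+4>
eflags         0x246    [ PF ZF IF ]
...
"""

# register name, hexadecimal value, then GDB's "natural" column (free text)
_LINE = re.compile(r"^(\w+)\s+(0x[0-9a-fA-F]+)\s*(.*)$")


def parse_registers(text):
    """Map register name -> (integer value, natural column as text)."""
    registers = {}
    for line in text.splitlines():
        match = _LINE.match(line.strip())
        if match is None:
            # Blank lines, '...' and registers without a plain hex column
            # (for example vector registers) are skipped, not guessed at.
            continue
        name, raw, natural = match.groups()
        registers[name] = (int(raw, 16), natural.strip())
    return registers


def flags_set(registers):
    """Return the flag names GDB lists for eflags, e.g. {'ZF', 'IF'}."""
    natural = registers.get("eflags", (0, ""))[1]
    return set(natural.strip("[] ").split())


# Inside GDB the text would come from the library call documented above:
#   regs = parse_registers(gdb_utils.execute_output('info registers'))
if __name__ == "__main__":
    regs = parse_registers(SAMPLE_OUTPUT)
    print(hex(regs["rax"][0]), sorted(flags_set(regs)))
```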
These functions are just utilities, since they do not use GDB. They simply execute an external shell command, with the possibility of capturing its output.
They can be useful if you want to call an external program to analyze the system status, or to do other things that help the debugging activity.
Example:
execute_external('kill -9 <pid>')
output = execute_external('free')
print(output)
For the second call the result will be similar to:
total used free shared buffers cached
Mem: 4062352 819340 3243012 0 36244 336448
-/+ buffers/cache: 446648 3615704
Swap: 0 0 0