Pentest Tools

Published on April 15th, 2016 📆 | 4757 Views ⚑

0

GEF — GDB Enhanced Features


Text to Speech

Multi-Architecture GDB Enhanced Features for Exploiters & Reverse-Engineers

 


GEF is aimed to be used mostly by exploiters and reverse-engineers. It provides additional features to GDB using the Python API to assist during the process of dynamic analysis or exploit development. GEF fully relies on GDB API and other Linux specific source of information (such as /proc/pid). As a consequence, some of the features might not work on custom or harden systems such as GrSec. It has fully support for Python2 and Python3 indifferently (as more and more distro start pushing gdb compiled with Python3 support).


[adsense size='1']

Dependencies

There are none: GEF works out of the box! However, to enjoy all the coolest features, it is recommended to install:

Note: if you are using GDB with Python3 support, you cannot use ROPgadget as Python3 support has not implemented yet.Capstone and radare2-python will work just fine. Capstone is packaged for Python 2 and 3 with pip. So a quick install is

$ pip2 install capstone    # for Python2.x
$ pip3 install capstone    # for Python3.x

And same goes for ropgadget

$ pip[23] install ropgadget

The assemble command relies on the binary rasm2 provided by radare2.

 

GEF-ARM

 

GDB Enhanced Features quick start

Simply make sure you’re having a GDB 7.x+.

 $ wget -q -O- https://github.com/hugsy/gef/raw/master/gef.sh | sh

Then just start playing (for local files):

$ gdb -q /path/to/my/bin
gef> gef help

Or (for remote debugging)

remote:~ $ gdbserver 0.0.0.0:1234 /path/to/file

And

local:~ $ gdb -q
gef> gef-remote your.ip.address:1234

 

Source && Download

https://github.com/hugsy/gef



Leave a Reply

Your email address will not be published.