Pentest Tools
Published on February 26th, 2018 📆 | 4848 Views ⚑
0gef v2018.02 releases: Multi-Architecture GDB Enhanced Features for Exploiters & Reverse-Engineers
GEF – GDB Enhanced Features
GEF
is a kick-ass set of commands for X86, ARM, MIPS, PowerPC and SPARC to make GDB cool again for exploit dev. It is aimed to be used mostly by exploiters and reverse-engineers, to provide additional features to GDB using the Python API to assist during the process of dynamic analysis and exploit development.
It has full support for both Python2 and Python3 indifferently (as more and more distros start pushing gdb
compiled with Python3 support).
Feature
- One single GDB script.
- Entirely OS Agnostic, NO dependencies:
GEF
is battery-included and is installable in 2 seconds (unlike PwnDBG). - Fast limiting the number of dependencies and optimizing code to make the commands as fast as possible (unlike PwnDBG).
- Provides more than 50 commands to drastically change your experience in GDB.
- Easily extendable to create other commands by providing more comprehensible layout to GDB Python API.
- Works consistently on both Python2 and Python3.
- Built around an architecture abstraction layer, so all commands work in any GDB-supported architecture such as x86-32/64, ARMv5/6/7, AARCH64, SPARC, MIPS, PowerPC, etc. (unlike PEDA)
- Suited for real-life apps debugging, exploit development, just as much as CTF (unlike PEDAor PwnDBG)
Changelog 2018.02
Installation
Emulating code in GDB via Unicorn-Engine (x86-64)
Displaying ELF information, memory mapping and using Capstone/Keystone integration (ARM v6)
Automatic dereferencing of registers values and identifying binary protections (PowerPC)
Showing current context and heap information (MIPS)
Playing with Capstone engine (SPARC v9)
Copyright (c) 2013-2017 crazy rabbidz
Source: https://github.com/hugsy/gef
Gloss