diff --git a/.github/CONTRIBUTING.md b/.github/CONTRIBUTING.md index 6d6901277..917041759 100644 --- a/.github/CONTRIBUTING.md +++ b/.github/CONTRIBUTING.md @@ -1,22 +1,27 @@ -## Contributing to GEF ## +## Contributing to GEF -### License ### +## License -`gef` is placed under [MIT license](https://github.com/hugsy/gef/blob/main/LICENSE) which provides Open-Source access to the code and its use. +`gef` is placed under [MIT license](https://github.com/hugsy/gef/blob/main/LICENSE) which provides +Open-Source access to the code and its use. -By contributing to `gef` code through the _Pull Requests_ mechanism, you accept to release the code written by you under the said license. +By contributing to `gef` code through the _Pull Requests_ mechanism, you accept to release the code +written by you under the said license. +## Submitting a Patch -### Submitting a Patch ### - -1. Fork `gef` repository (requires GitHub account). Sending a patch from the +1. Fork `gef` repository (requires GitHub account). Sending a patch from the `patch` or `git diff --patch` commands is not accepted. -1. Write the changes in your local repo. - * Respect the coding style (same indentation format, explicit names as possible) - * Comment your code - * If you add a new feature/GDB command, also write the adequate - documentation (in [`docs/`](docs/)) -1. Submit a pull request, make sure it is made against the `main` branch -1. The contributors will review your patch. If it is approved, the change will +1. All the packages required for testing and documenting are listed in `tests/requirements.txt` +1. Adjust your development environment to GEF's: this is achieved using + [`pre-commit`](https://pre-commit.com/), and getting setup is simply done by +1. Installing `pre-commit` PIP package (part of the `requirements.txt` file) +1. Setup `pre-commit` : `pre-commit install` +1. Write the changes in your local repo making sure to respect the coding style (same indentation + format, explicit names as possible), comment your code sufficiently so it becomes maintainable by + someone other than you. Finally if you add a new feature/GDB command, also write the adequate + documentation (in [`docs/`](docs/)) +1. Submit a pull request +1. The contributors will review your patch. If it is approved, the change will be merged via the GitHub, and you will be seen as contributors. If it needs additional work, the repo owner will respond with useful comments. diff --git a/.github/FUNDING.yml b/.github/FUNDING.yml index 2a00b2ecc..590b1d6f0 100644 --- a/.github/FUNDING.yml +++ b/.github/FUNDING.yml @@ -1,4 +1,3 @@ # These are supported funding model platforms github: [hugsy,] - diff --git a/.github/ISSUE_TEMPLATE/bug_report.yaml b/.github/ISSUE_TEMPLATE/bug_report.yaml index 34c94821f..fab7c7857 100644 --- a/.github/ISSUE_TEMPLATE/bug_report.yaml +++ b/.github/ISSUE_TEMPLATE/bug_report.yaml @@ -7,7 +7,7 @@ body: id: md_welcome attributes: value: | - Complete this form is for reporting bugs in GEF. Incomplete/invalid report will simply being ignored or closed. + Complete this form is for reporting bugs in GEF. Incomplete/invalid report will simply being ignored or closed. Also note that this is not the place to ask installation or usage problem. Use the Discord channel for that. - type: textarea attributes: @@ -38,9 +38,9 @@ body: multiple: false options: - "No" - - "Yes" + - "Yes" validations: - required: true + required: true - type: checkboxes attributes: label: Architecture impacted diff --git a/.github/PULL_REQUEST_TEMPLATE.md b/.github/PULL_REQUEST_TEMPLATE.md index b99543f55..e3b0184c1 100644 --- a/.github/PULL_REQUEST_TEMPLATE.md +++ b/.github/PULL_REQUEST_TEMPLATE.md @@ -1,31 +1,20 @@ - -## Description/Motivation/Screenshots +## Description - - - + -## Against which architecture was this tested ? - -"Tested" indicates that the PR works *and* the unit test (see `docs/testing.md`) run passes without issue. + - * [ ] x86-32 - * [ ] x86-64 - * [ ] ARM - * [ ] AARCH64 - * [ ] MIPS - * [ ] POWERPC - * [ ] SPARC - * [ ] RISC-V + + -- [ ] My code follows the code style of this project. -- [ ] My change includes a change to the documentation, if required. -- [ ] If my change adds new code, [adequate tests](docs/testing.md) have been added. -- [ ] I have read and agree to the **CONTRIBUTING** document. +- [ ] My code follows the code style of this project. +- [ ] My change includes a change to the documentation, if required. +- [ ] If my change adds new code, [adequate tests](docs/testing.md) have been added. +- [ ] I have read and agree to the **CONTRIBUTING** document. diff --git a/.github/stale.yml b/.github/stale.yml index da21e6947..6613a7de7 100644 --- a/.github/stale.yml +++ b/.github/stale.yml @@ -20,6 +20,6 @@ closeComment: > complete description; or create a new issue. Thank you for your contributions. # Set to true to ignore issues in a milestone (defaults to false) -exemptMilestones: true +exemptMilestones: true # Set to true to ignore issues with an assignee (defaults to false) exemptAssignees: true diff --git a/.github/workflows/coverage.yml b/.github/workflows/coverage.yml index aad63519d..9dba299df 100644 --- a/.github/workflows/coverage.yml +++ b/.github/workflows/coverage.yml @@ -2,13 +2,14 @@ name: CI Coverage for PR on: pull_request: - types: [opened, edited] jobs: coverage: runs-on: ubuntu-latest steps: - uses: actions/checkout@v3 + with: + fetch-depth: '0' - name: Run test coverage id: get_coverage @@ -28,10 +29,14 @@ jobs: new_score=$(cat docs/coverage/gef_py.html | grep pc_cov | sed 's?.*\([^%]*\)%?\1?g') diff_score=$(python -c "print(${new_score} - ${current_score})") commit=$(git rev-parse HEAD) + include_tests=$(git diff ${{ github.event.before }} ${{ github.event.after }} --compact-summary | egrep --count '^ tests/' || true) + include_docs=$(git diff ${{ github.event.before }} ${{ github.event.after }} --compact-summary | egrep --count '^ docs/' || true) echo "commit=${commit}" >> $GITHUB_OUTPUT echo "new_coverage_score=${new_score}" >> $GITHUB_OUTPUT echo "current_coverage_score=${current_score}" >> $GITHUB_OUTPUT echo "diff_score=${diff_score}" >> $GITHUB_OUTPUT + echo "include_tests=${include_tests}" >> $GITHUB_OUTPUT + echo "include_docs=${include_docs}" >> $GITHUB_OUTPUT - uses: actions/github-script@v6 env: @@ -41,12 +46,54 @@ jobs: SCORE_DIFF: ${{ steps.get_coverage.outputs.diff_score }} with: script: | + const tests_changes = ${{ steps.get_coverage.outputs.include_tests }}; + const docs_changes = ${{ steps.get_coverage.outputs.include_docs }}; const comment = `## 🤖 Coverage Update * Commit: ${process.env.COMMIT} * Current Coverage: ${process.env.SCORE_OLD}% * New Coverage: ${process.env.SCORE_NEW}% * Diff: ${process.env.SCORE_DIFF} + + To this point, this PR: + * ${(tests_changes == 0) ? "**does not** include" : "includes"} changes to tests + * ${(docs_changes == 0) ? "**does not** include" : "includes"} changes to documentation + `; + const { owner, repo, number } = context.issue; await github.rest.issues.createComment({ owner, repo, issue_number: number, body: comment }); + + try { + if(docs_changes > 0) { + await github.rest.issues.addLabels({ + owner: owner, + repo: repo, + issue_number: number, + labels: ['documentation'] + }); + } else { + await github.rest.issues.removeLabel({ + owner: owner, + repo: repo, + issue_number: number, + name: 'documentation' + }); + } + + if(tests_changes > 0) { + await github.rest.issues.addLabels({ + owner: owner, + repo: repo, + issue_number: number, + labels: ['automation/ci'] + }); + } else { + await github.rest.issues.removeLabel({ + owner: owner, + repo: repo, + issue_number: number, + name: 'automation/ci' + }); + } + } catch (err) {} diff --git a/.github/workflows/docs-link-check.yml b/.github/workflows/docs-link-check.yml deleted file mode 100644 index 41acf0bb3..000000000 Binary files a/.github/workflows/docs-link-check.yml and /dev/null differ diff --git a/.github/workflows/run-tests.yml b/.github/workflows/run-tests.yml index 147c82c6e..f6300b23b 100644 --- a/.github/workflows/run-tests.yml +++ b/.github/workflows/run-tests.yml @@ -67,8 +67,3 @@ jobs: run: | make -C tests/binaries -j ${{ env.GEF_CI_NB_CPU }} python${{ env.PY_VER }} -m pytest --forked -n ${{ env.GEF_CI_NB_CPU }} -v -k "not benchmark" tests/ - - - name: Run linter - run: | - python${{ env.PY_VER }} -m pylint --rcfile=$(pwd)/.pylintrc gef.py tests/*/*.py - diff --git a/.github/workflows/validate.yml b/.github/workflows/validate.yml new file mode 100644 index 000000000..0c1f52670 --- /dev/null +++ b/.github/workflows/validate.yml @@ -0,0 +1,31 @@ +name: Validation + +on: + pull_request: + branches: + - main + +jobs: + pre_commit: + name: Check formatting + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v3 + - uses: actions/setup-python@v3 + - uses: pre-commit/action@v3.0.0 + + docs_link_check: + name: Check URLs in docs + runs-on: ubuntu-latest + permissions: + contents: read + steps: + - name: checkout + uses: actions/checkout@v2 + - name: Check links + uses: lycheeverse/lychee-action@v1.4.1 + env: + GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}} + with: + args: --exclude-mail --accept=401 --no-progress 'docs/**/*.md' + fail: false diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml new file mode 100644 index 000000000..3e018b9d2 --- /dev/null +++ b/.pre-commit-config.yaml @@ -0,0 +1,25 @@ +default_stages: [pre-commit, pre-push] +fail_fast: false +repos: + - repo: https://github.com/pre-commit/pre-commit-hooks + rev: v4.4.0 + hooks: + - id: end-of-file-fixer + - id: trailing-whitespace + + - repo: https://github.com/pycqa/pylint + rev: v3.0.0a6 + hooks: + - id: pylint + + - repo: https://github.com/igorshubovych/markdownlint-cli + rev: v0.35.0 + hooks: + - id: markdownlint-docker + args: + - --config=docs/.markdownlint.yaml + - --ignore=docs/api/gef.md + - --ignore=docs/obsolete/docs/index.md + - --ignore=docs/index.md + - --ignore=README.md + - "docs/**/*.md" diff --git a/README.md b/README.md index 14db12dab..8f3d3e5c7 100644 --- a/README.md +++ b/README.md @@ -15,12 +15,11 @@ development. Application developers will also benefit from it, as GEF lifts a gr GDB obscurity, avoiding repeating traditional commands, or bringing out the relevant information from the debugging runtime. -## Instant Setup ## +## Instant Setup Simply make sure you have [GDB 8.0 or higher](https://www.gnu.org/s/gdb) compiled with Python3.6+ bindings, then: - ```bash # via the install script ## using curl @@ -44,18 +43,18 @@ You can immediately see that GEF is correctly installed by launching GDB: A few of `GEF` features include: -* **One** single GDB script -* Entirely **architecture agnostic**, **NO** dependencies: `GEF` is battery-included and [is +* **One** single GDB script +* Entirely **architecture agnostic**, **NO** dependencies: `GEF` is battery-included and [is installable instantly](https://hugsy.github.io/gef/#setup) -* **Fast** limiting the number of dependencies and optimizing code to make the commands as fast as +* **Fast** limiting the number of dependencies and optimizing code to make the commands as fast as possible -* Provides a great variety of commands to drastically change your experience in GDB. -* [**Easily** extensible](https://hugsy.github.io/gef/api/) to create other commands by providing +* Provides a great variety of commands to drastically change your experience in GDB. +* [**Easily** extensible](https://hugsy.github.io/gef/api/) to create other commands by providing d more comprehensible layout to GDB Python API. -* Full Python3 support ([Python2 support was +* Full Python3 support ([Python2 support was dropped](https://github.com/hugsy/gef/releases/tag/2020.03) - see [`gef-legacy`](https://github.com/hugsy/gef-legacy)). -* Built around an architecture abstraction layer, so all commands work in any GDB-supported +* Built around an architecture abstraction layer, so all commands work in any GDB-supported architecture such as x86-32/64, ARMv5/6/7, AARCH64, SPARC, MIPS, PowerPC, etc. * Suited for real-life apps debugging, exploit development, just as much as CTF * And a lot more commands contributed by the community available on @@ -64,8 +63,7 @@ d more comprehensible layout to GDB Python API. Check out the [Screenshot page](docs/screenshots.md) for more or [try it online](https://demo.gef.blah.cat) (user:`gef`/password:`gef-demo`) - -## Documentation ## +## Documentation Unlike other GDB plugins, GEF has an extensive and up-to-date [documentation](https://hugsy.github.io/gef/). Users are recommended to refer to it as it may help @@ -73,25 +71,22 @@ them in their attempts to use GEF. In particular, new users should navigate thro [FAQ](https://hugsy.github.io/gef/faq/) for common installation problems), and the problem persists, try to reach out for help on the Discord channel or submit an issue. - -## Current status ## +## Current status | Documentation |License | Compatibility | CI Tests (`main`) | |:---:|:---:|:---|--| | [![Documentation](https://github.com/hugsy/gef/actions/workflows/generate-docs.yml/badge.svg)](https://github.com/hugsy/gef/actions/workflows/generate-docs.yml) | [![MIT](https://img.shields.io/packagist/l/doctrine/orm.svg?maxAge=2592000?style=plastic)](https://github.com/hugsy/gef/blob/main/LICENSE) | [![Python 3](https://img.shields.io/badge/Python-3-green.svg)](https://github.com/hugsy/gef/) | [![CI Test for GEF](https://github.com/hugsy/gef/actions/workflows/run-tests.yml/badge.svg)](https://github.com/hugsy/gef/actions/workflows/run-tests.yml) | - -## Contribute ## +## Contribute To get involved, refer to the [Contribution documentation](https://hugsy.github.io/gef/#contribution) and the [guidelines](https://github.com/hugsy/gef/blob/main/.github/CONTRIBUTING.md) to start. -## Sponsors ## +## Sponsors Another way to contribute to keeping the project alive is by sponsoring it! Check out [the sponsoring documentation](https://hugsy.github.io/gef/#sponsors) for details so you can be part of the list of those [awesome sponsors](https://github.com/sponsors/hugsy). - -## Happy Hacking 🍻 ## +## Happy Hacking 🍻 diff --git a/docs/.markdownlint.yaml b/docs/.markdownlint.yaml index 8e74f3862..86c6c61ad 100644 --- a/docs/.markdownlint.yaml +++ b/docs/.markdownlint.yaml @@ -1,3 +1,6 @@ +# +# Rules: https://github.com/DavidAnson/markdownlint/blob/main/doc/Rules.md +# # Default state for all rules default: true @@ -10,7 +13,7 @@ MD001: true # MD002/first-heading-h1/first-header-h1 - First heading should be a top-level heading MD002: # Heading level - level: 1 + level: 2 # MD003/heading-style/header-style - Heading style MD003: @@ -161,7 +164,7 @@ MD032: true # MD033/no-inline-html - Inline HTML MD033: # Allowed elements - allowed_elements: [] + allowed_elements: ["img"] # MD034/no-bare-urls - Bare URL used MD034: true @@ -195,7 +198,7 @@ MD040: # MD041/first-line-heading/first-line-h1 - First line in a file should be a top-level heading MD041: # Heading level - level: 1 + level: 2 # RegExp for matching title in front matter front_matter_title: "^\\s*title\\s*[:=]" @@ -203,13 +206,7 @@ MD041: MD042: true # MD043/required-headings/required-headers - Required heading structure -MD043: - # List of headings - headings: [] - # List of headings - headers: [] - # Match case of headings - match_case: false +MD043: false # MD044/proper-names - Proper names should have the correct capitalization MD044: diff --git a/docs/api.md b/docs/api.md index 990f8e952..733d245f0 100644 --- a/docs/api.md +++ b/docs/api.md @@ -1,4 +1,4 @@ -# Extending GEF +## Extending GEF `GEF` intends to provide a battery-included, quickly installable and crazy fast debugging environment sitting on top of GDB. @@ -34,14 +34,14 @@ register_external_command(NewCommand()) Loading it in `GEF` is as easy as -``` +```text gef➤ source /path/to/newcmd.py [+] Loading 'NewCommand' ``` We can call it: -``` +```text gef➤ newcmd gef.arch=<__main__.X86_64 object at 0x7fd5583571c0> gef.arch.pc=0x55555555a7d0 @@ -53,9 +53,9 @@ Yes, that's it! Check out [the complete API](api/gef.md) to see what else GEF of Our new command must be a class that inherits from GEF's `GenericCommand`. The *only* requirements are: -* a `_cmdline_` attribute (the command to type on the GDB prompt). -* a `_syntax_` attribute, which GEF will use to auto-generate the help menu. -* a method `do_invoke(self, args)` which will be executed when the command is invoked. `args` is a +* a `_cmdline_` attribute (the command to type on the GDB prompt). +* a `_syntax_` attribute, which GEF will use to auto-generate the help menu. +* a method `do_invoke(self, args)` which will be executed when the command is invoked. `args` is a list of the command line args provided when invoked. We make GEF aware of this new command by registering it in the `__main__` section of the script, by @@ -91,7 +91,7 @@ register_external_context_pane("wasted_time_debugging", wasted_time_debugging, w Loading it in `GEF` is as easy as loading a command -``` +```text gef➤ source /path/to/custom_context_pane.py ``` @@ -103,9 +103,9 @@ near the bottom of the context. The order can be modified in the `GEF` context c The API demonstrated above requires very specific argument types: `register_external_context_pane(pane_name, display_pane_function, pane_title_function)` -* `pane_name`: a string that will be used as the panes setting name -* `display_pane_function`: a function that uses `gef_print()` to print content in the pane -* `pane_title_function`: a function that returns the title string or None to hide the title +* `pane_name`: a string that will be used as the panes setting name +* `display_pane_function`: a function that uses `gef_print()` to print content in the pane +* `pane_title_function`: a function that returns the title string or None to hide the title ## API @@ -128,7 +128,8 @@ gdb -q -ex 'pi help(hexdump)' -ex quit The GEF API aims to provide a simpler and more Pythonic approach to GDB's. Some basic examples: -* read the memory + +* read the memory ```text gef ➤ pi print(hexdump( gef.memory.read(parse_address("$pc"), length=0x20 ))) @@ -136,9 +137,9 @@ gef ➤ pi print(hexdump( gef.memory.read(parse_address("$pc"), length=0x20 ))) 0x0000000000000010 f0 50 54 4c 8d 05 66 0d 01 00 48 8d 0d ef 0c 01 .PTL..f...H..... ``` -* get access to the memory layout +* get access to the memory layout -``` +```text gef ➤ pi print('\n'.join([ f"{x.page_start:#x} -> {x.page_end:#x}" for x in gef.memory.maps])) 0x555555554000 -> 0x555555558000 0x555555558000 -> 0x55555556c000 @@ -154,9 +155,10 @@ gef ➤ pi print('\n'.join([ f"{x.page_start:#x} -> {x.page_end:#x}" for x in ge ``` The API also offers a number of decorators to simplify the creation of new/existing commands, such as: -* `@only_if_gdb_running` to execute only if a GDB session is running. -* `@only_if_gdb_target_local` to check if the target is local i.e. not debugging using GDB `remote`. -* and many more... + +* `@only_if_gdb_running` to execute only if a GDB session is running. +* `@only_if_gdb_target_local` to check if the target is local i.e. not debugging using GDB `remote`. +* and many more... ### Reference @@ -206,7 +208,7 @@ class MyCommand(GenericCommand): When the user enters the following command: -``` +```text gef➤ mycommand --blah 3 14 159 2653 ``` @@ -227,11 +229,13 @@ Sometimes architectures can more precisely determine whether they apply to the c looking at the architecture determined by gdb. For these cases the custom architecture may implement the `supports_gdb_arch()` static function to signal that they should be used instead of the default. The function receives only one argument: -* `gdb_str` (of type `str`) which is the architecture name as reported by GDB. + +* `gdb_str` (of type `str`) which is the architecture name as reported by GDB. The function **must** return: -* `True` if the current `Architecture` class supports the target binary; `False` otherwise. -* `None` to simply ignore this check and let GEF try to determine the architecture. + +* `True` if the current `Architecture` class supports the target binary; `False` otherwise. +* `None` to simply ignore this check and let GEF try to determine the architecture. One example is the ARM Cortex-M architecture which in some cases should be used over the generic ARM one: diff --git a/docs/api/gef.md b/docs/api/gef.md index 79af99b75..4f7a605b3 100644 --- a/docs/api/gef.md +++ b/docs/api/gef.md @@ -46,7 +46,7 @@ http_get(url: str) → Optional[bytes] ``` -Basic HTTP wrapper for GET request. Return the body of the page if HTTP code is OK, otherwise return None. +Basic HTTP wrapper for GET request. Return the body of the page if HTTP code is OK, otherwise return None. --- @@ -59,7 +59,7 @@ Basic HTTP wrapper for GET request. Return the body of the page if HTTP code is update_gef(argv: List[str]) → int ``` -Try to update `gef` to the latest version pushed on GitHub main branch. Return 0 on success, 1 on failure. +Try to update `gef` to the latest version pushed on GitHub main branch. Return 0 on success, 1 on failure. --- @@ -72,7 +72,7 @@ Try to update `gef` to the latest version pushed on GitHub main branch. Return 0 reset_all_caches() → None ``` -Free all caches. If an object is cached, it will have a callable attribute `cache_clear` which will be invoked to purge the function cache. +Free all caches. If an object is cached, it will have a callable attribute `cache_clear` which will be invoked to purge the function cache. --- @@ -100,11 +100,11 @@ reset() → None highlight_text(text: str) → str ``` -Highlight text using `gef.ui.highlight_table` { match -> color } settings. +Highlight text using `gef.ui.highlight_table` { match -> color } settings. -If RegEx is enabled it will create a match group around all items in the `gef.ui.highlight_table` and wrap the specified color in the `gef.ui.highlight_table` around those matches. +If RegEx is enabled it will create a match group around all items in the `gef.ui.highlight_table` and wrap the specified color in the `gef.ui.highlight_table` around those matches. -If RegEx is disabled, split by ANSI codes and 'colorify' each match found within the specified string. +If RegEx is disabled, split by ANSI codes and 'colorify' each match found within the specified string. --- @@ -117,7 +117,7 @@ If RegEx is disabled, split by ANSI codes and 'colorify' each match found within gef_print(*args: str, end='\n', sep=' ', **kwargs: Any) → None ``` -Wrapper around print(), using string buffering feature. +Wrapper around print(), using string buffering feature. --- @@ -130,7 +130,7 @@ Wrapper around print(), using string buffering feature. bufferize(f: Callable) → Callable ``` -Store the content to be printed for a function in memory, and flush it on function exit. +Store the content to be printed for a function in memory, and flush it on function exit. --- @@ -147,7 +147,7 @@ p8( ) → bytes ``` -Pack one byte respecting the current architecture endianness. +Pack one byte respecting the current architecture endianness. --- @@ -164,7 +164,7 @@ p16( ) → bytes ``` -Pack one word respecting the current architecture endianness. +Pack one word respecting the current architecture endianness. --- @@ -181,7 +181,7 @@ p32( ) → bytes ``` -Pack one dword respecting the current architecture endianness. +Pack one dword respecting the current architecture endianness. --- @@ -198,7 +198,7 @@ p64( ) → bytes ``` -Pack one qword respecting the current architecture endianness. +Pack one qword respecting the current architecture endianness. --- @@ -215,7 +215,7 @@ u8( ) → int ``` -Unpack one byte respecting the current architecture endianness. +Unpack one byte respecting the current architecture endianness. --- @@ -232,7 +232,7 @@ u16( ) → int ``` -Unpack one word respecting the current architecture endianness. +Unpack one word respecting the current architecture endianness. --- @@ -249,7 +249,7 @@ u32( ) → int ``` -Unpack one dword respecting the current architecture endianness. +Unpack one dword respecting the current architecture endianness. --- @@ -266,7 +266,7 @@ u64( ) → int ``` -Unpack one qword respecting the current architecture endianness. +Unpack one qword respecting the current architecture endianness. --- @@ -279,7 +279,7 @@ Unpack one qword respecting the current architecture endianness. is_ascii_string(address: int) → bool ``` -Helper function to determine if the buffer pointed by `address` is an ASCII string (in GDB) +Helper function to determine if the buffer pointed by `address` is an ASCII string (in GDB) --- @@ -292,7 +292,7 @@ Helper function to determine if the buffer pointed by `address` is an ASCII stri is_alive() → bool ``` -Check if GDB is running. +Check if GDB is running. --- @@ -305,7 +305,7 @@ Check if GDB is running. calling_function() → Optional[str] ``` -Return the name of the calling function +Return the name of the calling function --- @@ -318,7 +318,7 @@ Return the name of the calling function only_if_gdb_running(f: Callable) → Callable ``` -Decorator wrapper to check if GDB is running. +Decorator wrapper to check if GDB is running. --- @@ -331,7 +331,7 @@ Decorator wrapper to check if GDB is running. only_if_gdb_target_local(f: Callable) → Callable ``` -Decorator wrapper to check if GDB is running locally (target not remote). +Decorator wrapper to check if GDB is running locally (target not remote). --- @@ -344,7 +344,7 @@ Decorator wrapper to check if GDB is running locally (target not remote). deprecated(solution: str = '') → Callable ``` -Decorator to add a warning when a command is obsolete and will be removed. +Decorator to add a warning when a command is obsolete and will be removed. --- @@ -357,7 +357,7 @@ Decorator to add a warning when a command is obsolete and will be removed. experimental_feature(f: Callable) → Callable ``` -Decorator to add a warning when a feature is experimental. +Decorator to add a warning when a feature is experimental. --- @@ -370,7 +370,7 @@ Decorator to add a warning when a feature is experimental. only_if_events_supported(event_type: str) → Callable ``` -Checks if GDB supports events without crashing. +Checks if GDB supports events without crashing. --- @@ -611,7 +611,7 @@ parse_arguments( ) → Callable ``` -Argument parsing decorator. +Argument parsing decorator. --- @@ -624,7 +624,7 @@ Argument parsing decorator. search_for_main_arena() → int ``` -`search_for_main_arena` is **DEPRECATED** and will be removed in the future. Use GefHeapManager.find_main_arena_addr() +`search_for_main_arena` is **DEPRECATED** and will be removed in the future. Use GefHeapManager.find_main_arena_addr() --- @@ -637,7 +637,7 @@ search_for_main_arena() → int get_libc_version() → Tuple[int, ...] ``` -`get_libc_version` is **DEPRECATED** and will be removed in the future. Use GefLibcManager.find_libc_version() +`get_libc_version` is **DEPRECATED** and will be removed in the future. Use GefLibcManager.find_libc_version() --- @@ -654,7 +654,7 @@ titlify( ) → str ``` -Print a centered title. +Print a centered title. --- @@ -742,7 +742,7 @@ info(msg: str) → None push_context_message(level: str, message: str) → None ``` -Push the message to be displayed the next time the context is invoked. +Push the message to be displayed the next time the context is invoked. --- @@ -755,7 +755,7 @@ Push the message to be displayed the next time the context is invoked. show_last_exception() → None ``` -Display the last Python exception. +Display the last Python exception. --- @@ -768,7 +768,7 @@ Display the last Python exception. gef_pystring(x: bytes) → str ``` -Returns a sanitized version as string of the bytes list given in input. +Returns a sanitized version as string of the bytes list given in input. --- @@ -781,7 +781,7 @@ Returns a sanitized version as string of the bytes list given in input. gef_pybytes(x: str) → bytes ``` -Returns an immutable bytes list from the string given as input. +Returns an immutable bytes list from the string given as input. --- @@ -816,7 +816,7 @@ hexdump( ) → str ``` -Return the hexdump of `src` argument. @param source *MUST* be of type bytes or bytearray @param length is the length of items per line @param separator is the default character to use if one byte is not printable @param show_raw if True, do not add the line nor the text translation @param base is the start address of the block being hexdump @return a string with the hexdump +Return the hexdump of `src` argument. @param source *MUST* be of type bytes or bytearray @param length is the length of items per line @param separator is the default character to use if one byte is not printable @param show_raw if True, do not add the line nor the text translation @param base is the start address of the block being hexdump @return a string with the hexdump --- @@ -829,7 +829,7 @@ Return the hexdump of `src` argument. @param source *MUST* be of type bytes or b is_debug() → bool ``` -Check if debug mode is enabled. +Check if debug mode is enabled. --- @@ -842,7 +842,7 @@ Check if debug mode is enabled. buffer_output() → bool ``` -Check if output should be buffered until command completion. +Check if output should be buffered until command completion. --- @@ -855,7 +855,7 @@ Check if output should be buffered until command completion. hide_context() → bool ``` -Helper function to hide the context pane. +Helper function to hide the context pane. --- @@ -868,7 +868,7 @@ Helper function to hide the context pane. unhide_context() → bool ``` -Helper function to unhide the context pane. +Helper function to unhide the context pane. --- @@ -881,7 +881,7 @@ Helper function to unhide the context pane. enable_redirect_output(to_file: str = '/dev/null') → None ``` -Redirect all GDB output to `to_file` parameter. By default, `to_file` redirects to `/dev/null`. +Redirect all GDB output to `to_file` parameter. By default, `to_file` redirects to `/dev/null`. --- @@ -894,7 +894,7 @@ Redirect all GDB output to `to_file` parameter. By default, `to_file` redirects disable_redirect_output() → None ``` -Disable the output redirection, if any. +Disable the output redirection, if any. --- @@ -907,7 +907,7 @@ Disable the output redirection, if any. gef_makedirs(path: str, mode: int = 493) → Path ``` -Recursive mkdir() creation. If successful, return the absolute path of the directory created. +Recursive mkdir() creation. If successful, return the absolute path of the directory created. --- @@ -923,12 +923,12 @@ gdb_disassemble( ) → Generator[__main__.Instruction, NoneType, NoneType] ``` -Disassemble instructions from `start_pc` (Integer). Accepts the following named +Disassemble instructions from `start_pc` (Integer). Accepts the following named **parameters:** - -- `end_pc` (Integer) only instructions whose start address fall in the interval from start_pc to end_pc are returned. -- `count` (Integer) list at most this many disassembled instructions If `end_pc` and `count` are not provided, the function will behave as if `count=1`. Return an iterator of Instruction objects + +- `end_pc` (Integer) only instructions whose start address fall in the interval from start_pc to end_pc are returned. +- `count` (Integer) list at most this many disassembled instructions If `end_pc` and `count` are not provided, the function will behave as if `count=1`. Return an iterator of Instruction objects --- @@ -941,7 +941,7 @@ Disassemble instructions from `start_pc` (Integer). Accepts the following named gdb_get_nth_previous_instruction_address(addr: int, n: int) → Optional[int] ``` -Return the address (Integer) of the `n`-th instruction before `addr`. +Return the address (Integer) of the `n`-th instruction before `addr`. --- @@ -954,7 +954,7 @@ Return the address (Integer) of the `n`-th instruction before `addr`. gdb_get_nth_next_instruction_address(addr: int, n: int) → int ``` -Return the address (Integer) of the `n`-th instruction after `addr`. +Return the address (Integer) of the `n`-th instruction after `addr`. --- @@ -967,7 +967,7 @@ Return the address (Integer) of the `n`-th instruction after `addr`. gef_instruction_n(addr: int, n: int) → Instruction ``` -Return the `n`-th instruction after `addr` as an Instruction object. +Return the `n`-th instruction after `addr` as an Instruction object. --- @@ -980,7 +980,7 @@ Return the `n`-th instruction after `addr` as an Instruction object. gef_get_instruction_at(addr: int) → Instruction ``` -Return the full Instruction found at the specified address. +Return the full Instruction found at the specified address. --- @@ -993,7 +993,7 @@ Return the full Instruction found at the specified address. gef_current_instruction(addr: int) → Instruction ``` -Return the current instruction as an Instruction object. +Return the current instruction as an Instruction object. --- @@ -1006,7 +1006,7 @@ Return the current instruction as an Instruction object. gef_next_instruction(addr: int) → Instruction ``` -Return the next instruction as an Instruction object. +Return the next instruction as an Instruction object. --- @@ -1023,7 +1023,7 @@ gef_disassemble( ) → Generator[__main__.Instruction, NoneType, NoneType] ``` -Disassemble `nb_insn` instructions after `addr` and `nb_prev` before `addr`. Return an iterator of Instruction objects. +Disassemble `nb_insn` instructions after `addr` and `nb_prev` before `addr`. Return an iterator of Instruction objects. --- @@ -1040,7 +1040,7 @@ gef_execute_external( ) → Union[str, List[str]] ``` -Execute an external command and return the result. +Execute an external command and return the result. --- @@ -1053,7 +1053,7 @@ Execute an external command and return the result. gef_execute_gdb_script(commands: str) → None ``` -Execute the parameter `source` as GDB command. This is done by writing `commands` to a temporary file, which is then executed via GDB `source` command. The tempfile is then deleted. +Execute the parameter `source` as GDB command. This is done by writing `commands` to a temporary file, which is then executed via GDB `source` command. The tempfile is then deleted. --- @@ -1066,7 +1066,7 @@ Execute the parameter `source` as GDB command. This is done by writing `commands checksec(filename: str) → Dict[str, bool] ``` -`checksec` is **DEPRECATED** and will be removed in the future. Use Elf(fname).checksec() +`checksec` is **DEPRECATED** and will be removed in the future. Use Elf(fname).checksec() --- @@ -1079,7 +1079,7 @@ checksec(filename: str) → Dict[str, bool] get_entry_point() → Optional[int] ``` -Return the binary entry point. `get_entry_point` is **DEPRECATED** and will be removed in the future. Use `gef.binary.entry_point` instead +Return the binary entry point. `get_entry_point` is **DEPRECATED** and will be removed in the future. Use `gef.binary.entry_point` instead --- @@ -1107,7 +1107,7 @@ is_pie(fpath: str) → bool is_big_endian() → bool ``` -`is_big_endian` is **DEPRECATED** and will be removed in the future. Prefer `gef.arch.endianness == Endianness.BIG_ENDIAN` +`is_big_endian` is **DEPRECATED** and will be removed in the future. Prefer `gef.arch.endianness == Endianness.BIG_ENDIAN` --- @@ -1120,7 +1120,7 @@ is_big_endian() → bool is_little_endian() → bool ``` -`is_little_endian` is **DEPRECATED** and will be removed in the future. gef.arch.endianness == Endianness.LITTLE_ENDIAN +`is_little_endian` is **DEPRECATED** and will be removed in the future. gef.arch.endianness == Endianness.LITTLE_ENDIAN --- @@ -1133,7 +1133,7 @@ is_little_endian() → bool flags_to_human(reg_value: int, value_table: Dict[int, str]) → str ``` -Return a human readable string showing the flag states. +Return a human readable string showing the flag states. --- @@ -1148,7 +1148,7 @@ register_architecture( ) → Type[ForwardRef('Architecture')] ``` -`register_architecture` is **DEPRECATED** and will be removed in the future. Using the decorator `register_architecture` is unecessary +`register_architecture` is **DEPRECATED** and will be removed in the future. Using the decorator `register_architecture` is unecessary --- @@ -1161,7 +1161,7 @@ register_architecture( copy_to_clipboard(data: bytes) → None ``` -Helper function to submit data to the clipboard +Helper function to submit data to the clipboard --- @@ -1234,7 +1234,7 @@ use_rust_type() → str to_unsigned_long(v: gdb.Value) → int ``` -Cast a gdb.Value to unsigned long. +Cast a gdb.Value to unsigned long. --- @@ -1262,7 +1262,7 @@ get_path_from_info_proc() → Optional[str] get_os() → str ``` -`get_os` is **DEPRECATED** and will be removed in the future. Use `gef.session.os` +`get_os` is **DEPRECATED** and will be removed in the future. Use `gef.session.os` --- @@ -1275,7 +1275,7 @@ get_os() → str get_filepath() → Optional[str] ``` -Return the local absolute path of the file currently debugged. +Return the local absolute path of the file currently debugged. --- @@ -1288,7 +1288,7 @@ Return the local absolute path of the file currently debugged. get_function_length(sym: str) → int ``` -Attempt to get the length of the raw bytes of a function. +Attempt to get the length of the raw bytes of a function. --- @@ -1301,7 +1301,7 @@ Attempt to get the length of the raw bytes of a function. process_lookup_address(address: int) → Optional[__main__.Section] ``` -Look up for an address in memory. Return an Address object if found, None otherwise. +Look up for an address in memory. Return an Address object if found, None otherwise. --- @@ -1314,7 +1314,7 @@ Look up for an address in memory. Return an Address object if found, None otherw xor(data: ByteString, key: str) → bytearray ``` -Return `data` xor-ed with `key`. +Return `data` xor-ed with `key`. --- @@ -1327,7 +1327,7 @@ Return `data` xor-ed with `key`. is_hex(pattern: str) → bool ``` -Return whether provided string is a hexadecimal value. +Return whether provided string is a hexadecimal value. --- @@ -1340,7 +1340,7 @@ Return whether provided string is a hexadecimal value. continue_handler(_: 'gdb.Event') → None ``` -GDB event handler for new object continue cases. +GDB event handler for new object continue cases. --- @@ -1353,7 +1353,7 @@ GDB event handler for new object continue cases. hook_stop_handler(_: 'gdb.StopEvent') → None ``` -GDB event handler for stop cases. +GDB event handler for stop cases. --- @@ -1366,7 +1366,7 @@ GDB event handler for stop cases. new_objfile_handler(evt: Optional[ForwardRef('gdb.NewObjFileEvent')]) → None ``` -GDB event handler for new object file cases. +GDB event handler for new object file cases. --- @@ -1379,7 +1379,7 @@ GDB event handler for new object file cases. exit_handler(_: 'gdb.ExitedEvent') → None ``` -GDB event handler for exit cases. +GDB event handler for exit cases. --- @@ -1392,7 +1392,7 @@ GDB event handler for exit cases. memchanged_handler(_: 'gdb.MemoryChangedEvent') → None ``` -GDB event handler for mem changes cases. +GDB event handler for mem changes cases. --- @@ -1405,7 +1405,7 @@ GDB event handler for mem changes cases. regchanged_handler(_: 'gdb.RegisterChangedEvent') → None ``` -GDB event handler for reg changes cases. +GDB event handler for reg changes cases. --- @@ -1418,7 +1418,7 @@ GDB event handler for reg changes cases. get_terminal_size() → Tuple[int, int] ``` -Return the current terminal size. +Return the current terminal size. --- @@ -1431,7 +1431,7 @@ Return the current terminal size. reset_architecture(arch: Optional[str] = None) → None ``` -Sets the current architecture. If an architecture is explicitly specified by parameter, try to use that one. If this fails, an `OSError` exception will occur. If no architecture is specified, then GEF will attempt to determine automatically based on the current ELF target. If this fails, an `OSError` exception will occur. +Sets the current architecture. If an architecture is explicitly specified by parameter, try to use that one. If this fails, an `OSError` exception will occur. If no architecture is specified, then GEF will attempt to determine automatically based on the current ELF target. If this fails, an `OSError` exception will occur. --- @@ -1444,7 +1444,7 @@ Sets the current architecture. If an architecture is explicitly specified by par get_memory_alignment(in_bits: bool = False) → int ``` -Try to determine the size of a pointer on this system. First, try to parse it out of the ELF header. Next, use the size of `size_t`. Finally, try the size of $pc. If `in_bits` is set to True, the result is returned in bits, otherwise in bytes. `get_memory_alignment` is **DEPRECATED** and will be removed in the future. Use `gef.arch.ptrsize` instead +Try to determine the size of a pointer on this system. First, try to parse it out of the ELF header. Next, use the size of `size_t`. Finally, try the size of $pc. If `in_bits` is set to True, the result is returned in bits, otherwise in bytes. `get_memory_alignment` is **DEPRECATED** and will be removed in the future. Use `gef.arch.ptrsize` instead --- @@ -1457,7 +1457,7 @@ Try to determine the size of a pointer on this system. First, try to parse it o clear_screen(tty: str = '') → None ``` -Clear the screen. +Clear the screen. --- @@ -1470,7 +1470,7 @@ Clear the screen. format_address(addr: int) → str ``` -Format the address according to its size. +Format the address according to its size. --- @@ -1483,7 +1483,7 @@ Format the address according to its size. format_address_spaces(addr: int, left: bool = True) → str ``` -Format the address according to its size, but with spaces instead of zeroes. +Format the address according to its size, but with spaces instead of zeroes. --- @@ -1496,7 +1496,7 @@ Format the address according to its size, but with spaces instead of zeroes. align_address(address: int) → int ``` -Align the provided address to the process's native length. +Align the provided address to the process's native length. --- @@ -1509,7 +1509,7 @@ Align the provided address to the process's native length. align_address_to_size(address: int, align: int) → int ``` -Align the address to the given size. +Align the address to the given size. --- @@ -1522,7 +1522,7 @@ Align the address to the given size. align_address_to_page(address: int) → int ``` -Align the address to a page. +Align the address to a page. --- @@ -1535,7 +1535,7 @@ Align the address to a page. parse_address(address: str) → int ``` -Parse an address and return it as an Integer. +Parse an address and return it as an Integer. --- @@ -1563,7 +1563,7 @@ is_in_x86_kernel(address: int) → bool is_remote_debug() → bool ``` -"Return True is the current debugging session is running through GDB remote session. +"Return True is the current debugging session is running through GDB remote session. --- @@ -1576,7 +1576,7 @@ is_remote_debug() → bool de_bruijn(alphabet: bytes, n: int) → Generator[str, NoneType, NoneType] ``` -De Bruijn sequence for alphabet and subsequences of length n (for compat. w/ pwnlib). +De Bruijn sequence for alphabet and subsequences of length n (for compat. w/ pwnlib). --- @@ -1589,7 +1589,7 @@ De Bruijn sequence for alphabet and subsequences of length n (for compat. w/ pwn generate_cyclic_pattern(length: int, cycle: int = 4) → bytearray ``` -Create a `length` byte bytearray of a de Bruijn cyclic pattern. +Create a `length` byte bytearray of a de Bruijn cyclic pattern. --- @@ -1602,7 +1602,7 @@ Create a `length` byte bytearray of a de Bruijn cyclic pattern. safe_parse_and_eval(value: str) → Optional[ForwardRef('gdb.Value')] ``` -GEF wrapper for gdb.parse_and_eval(): this function returns None instead of raising gdb.error if the eval failed. +GEF wrapper for gdb.parse_and_eval(): this function returns None instead of raising gdb.error if the eval failed. --- @@ -1615,7 +1615,7 @@ GEF wrapper for gdb.parse_and_eval(): this function returns None instead of rais gef_convenience(value: Union[str, bytes]) → str ``` -Defines a new convenience value. +Defines a new convenience value. --- @@ -1628,7 +1628,7 @@ Defines a new convenience value. parse_string_range(s: str) → Iterator[int] ``` -Parses an address range (e.g. 0x400000-0x401000) +Parses an address range (e.g. 0x400000-0x401000) --- @@ -1641,7 +1641,7 @@ Parses an address range (e.g. 0x400000-0x401000) gef_get_pie_breakpoint(num: int) → PieVirtualBreakpoint ``` -`gef_get_pie_breakpoint` is **DEPRECATED** and will be removed in the future. Use `gef.session.pie_breakpoints[num]` +`gef_get_pie_breakpoint` is **DEPRECATED** and will be removed in the future. Use `gef.session.pie_breakpoints[num]` --- @@ -1654,7 +1654,7 @@ gef_get_pie_breakpoint(num: int) → PieVirtualBreakpoint endian_str() → str ``` -`endian_str` is **DEPRECATED** and will be removed in the future. Use `str(gef.arch.endianness)` instead +`endian_str` is **DEPRECATED** and will be removed in the future. Use `str(gef.arch.endianness)` instead --- @@ -1667,7 +1667,7 @@ endian_str() → str get_gef_setting(name: str) → Any ``` -`get_gef_setting` is **DEPRECATED** and will be removed in the future. Use `gef.config[key]` +`get_gef_setting` is **DEPRECATED** and will be removed in the future. Use `gef.config[key]` --- @@ -1680,7 +1680,7 @@ get_gef_setting(name: str) → Any set_gef_setting(name: str, value: Any) → None ``` -`set_gef_setting` is **DEPRECATED** and will be removed in the future. Use `gef.config[key] = value` +`set_gef_setting` is **DEPRECATED** and will be removed in the future. Use `gef.config[key] = value` --- @@ -1693,7 +1693,7 @@ set_gef_setting(name: str, value: Any) → None gef_getpagesize() → int ``` -`gef_getpagesize` is **DEPRECATED** and will be removed in the future. Use `gef.session.pagesize` +`gef_getpagesize` is **DEPRECATED** and will be removed in the future. Use `gef.session.pagesize` --- @@ -1706,7 +1706,7 @@ gef_getpagesize() → int gef_read_canary() → Optional[Tuple[int, int]] ``` -`gef_read_canary` is **DEPRECATED** and will be removed in the future. Use `gef.session.canary` +`gef_read_canary` is **DEPRECATED** and will be removed in the future. Use `gef.session.canary` --- @@ -1719,7 +1719,7 @@ gef_read_canary() → Optional[Tuple[int, int]] get_pid() → int ``` -`get_pid` is **DEPRECATED** and will be removed in the future. Use `gef.session.pid` +`get_pid` is **DEPRECATED** and will be removed in the future. Use `gef.session.pid` --- @@ -1732,7 +1732,7 @@ get_pid() → int get_filename() → str ``` -`get_filename` is **DEPRECATED** and will be removed in the future. Use `gef.session.file.name` +`get_filename` is **DEPRECATED** and will be removed in the future. Use `gef.session.file.name` --- @@ -1745,7 +1745,7 @@ get_filename() → str get_glibc_arena() → Optional[__main__.GlibcArena] ``` -`get_glibc_arena` is **DEPRECATED** and will be removed in the future. Use `gef.heap.main_arena` +`get_glibc_arena` is **DEPRECATED** and will be removed in the future. Use `gef.heap.main_arena` --- @@ -1758,7 +1758,7 @@ get_glibc_arena() → Optional[__main__.GlibcArena] get_register(regname) → Optional[int] ``` -`get_register` is **DEPRECATED** and will be removed in the future. Use `gef.arch.register(regname)` +`get_register` is **DEPRECATED** and will be removed in the future. Use `gef.arch.register(regname)` --- @@ -1771,7 +1771,7 @@ get_register(regname) → Optional[int] get_process_maps() → List[__main__.Section] ``` -`get_process_maps` is **DEPRECATED** and will be removed in the future. Use `gef.memory.maps` +`get_process_maps` is **DEPRECATED** and will be removed in the future. Use `gef.memory.maps` --- @@ -1784,7 +1784,7 @@ get_process_maps() → List[__main__.Section] set_arch(arch: Optional[str] = None, _: Optional[str] = None) → None ``` -`set_arch` is **DEPRECATED** and will be removed in the future. Use `reset_architecture` +`set_arch` is **DEPRECATED** and will be removed in the future. Use `reset_architecture` --- @@ -1802,9 +1802,9 @@ register_external_context_pane( ) → None ``` -Registering function for new GEF Context View. pane_name: a string that has no spaces (used in settings) display_pane_function: a function that uses gef_print() to print strings pane_title_function: a function that returns a string or None, which will be displayed as the title. If None, no title line is displayed. condition: an optional callback: if not None, the callback will be executed first. If it returns true, then only the pane title and content will displayed. Otherwise, it's simply skipped. +Registering function for new GEF Context View. pane_name: a string that has no spaces (used in settings) display_pane_function: a function that uses gef_print() to print strings pane_title_function: a function that returns a string or None, which will be displayed as the title. If None, no title line is displayed. condition: an optional callback: if not None, the callback will be executed first. If it returns true, then only the pane title and content will displayed. Otherwise, it's simply skipped. -Example usage for a simple text to show when we hit a syscall: def only_syscall(): return gef_current_instruction(gef.arch.pc).is_syscall() def display_pane(): gef_print("Wow, I am a context pane!") def pane_title(): return "example:pane" register_external_context_pane("example_pane", display_pane, pane_title, only_syscall) +Example usage for a simple text to show when we hit a syscall: def only_syscall(): return gef_current_instruction(gef.arch.pc).is_syscall() def display_pane(): gef_print("Wow, I am a context pane!") def pane_title(): return "example:pane" register_external_context_pane("example_pane", display_pane, pane_title, only_syscall) --- @@ -1819,7 +1819,7 @@ register_external_command( ) → Type[ForwardRef('GenericCommand')] ``` -Registering function for new GEF (sub-)command to GDB. `register_external_command` is **DEPRECATED** and will be removed in the future. Use `register()`, and inherit from `GenericCommand` instead +Registering function for new GEF (sub-)command to GDB. `register_external_command` is **DEPRECATED** and will be removed in the future. Use `register()`, and inherit from `GenericCommand` instead --- @@ -1834,7 +1834,7 @@ register_command( ) → Type[ForwardRef('GenericCommand')] ``` -Decorator for registering new GEF (sub-)command to GDB. `register_command` is **DEPRECATED** and will be removed in the future. Use `register()`, and inherit from `GenericCommand` instead +Decorator for registering new GEF (sub-)command to GDB. `register_command` is **DEPRECATED** and will be removed in the future. Use `register()`, and inherit from `GenericCommand` instead --- @@ -1849,7 +1849,7 @@ register_priority_command( ) → Type[ForwardRef('GenericCommand')] ``` -Decorator for registering new command with priority, meaning that it must loaded before the other generic commands. `register_priority_command` is **DEPRECATED** and will be removed in the future. +Decorator for registering new command with priority, meaning that it must loaded before the other generic commands. `register_priority_command` is **DEPRECATED** and will be removed in the future. --- @@ -1881,7 +1881,7 @@ register_function( ) → Type[ForwardRef('GenericFunction')] ``` -Decorator for registering a new convenience function to GDB. `register_function` is **DEPRECATED** and will be removed in the future. +Decorator for registering a new convenience function to GDB. `register_function` is **DEPRECATED** and will be removed in the future. --- @@ -1936,7 +1936,7 @@ Decorator for registering a new convenience function to GDB. `register_function #### property AARCH64.ptrsize -Determine the size of pointer from the current CPU mode +Determine the size of pointer from the current CPU mode --- @@ -1994,7 +1994,7 @@ flag_register_to_human(val: Optional[int] = None) → str get_ith_parameter(i: int, in_func: bool = True) → Tuple[str, Optional[int]] ``` -Retrieves the correct parameter used for the current function call. +Retrieves the correct parameter used for the current function call. --- @@ -2020,7 +2020,7 @@ get_ra(insn: __main__.Instruction, frame: 'gdb.Frame') → int is_aarch32() → bool ``` -Determine if the CPU is currently in AARCH32 mode from runtime. +Determine if the CPU is currently in AARCH32 mode from runtime. --- @@ -2088,7 +2088,7 @@ is_ret(insn: __main__.Instruction) → bool is_thumb() → bool ``` -Determine if the machine is currently in THUMB mode. +Determine if the machine is currently in THUMB mode. --- @@ -2100,7 +2100,7 @@ Determine if the machine is currently in THUMB mode. is_thumb32() → bool ``` -Determine if the CPU is currently in THUMB32 mode from runtime. +Determine if the CPU is currently in THUMB32 mode from runtime. --- @@ -2154,7 +2154,7 @@ reset_caches() → None supports_gdb_arch(gdb_arch: str) → Optional[bool] ``` -If implemented by a child `Architecture`, this function dictates if the current class supports the loaded ELF file (which can be accessed via `gef.binary`). This callback function will override any assumption made by GEF to determine the architecture. +If implemented by a child `Architecture`, this function dictates if the current class supports the loaded ELF file (which can be accessed via `gef.binary`). This callback function will override any assumption made by GEF to determine the architecture. --- @@ -2277,7 +2277,7 @@ flag_register_to_human(val: Optional[int] = None) → str get_ith_parameter(i: int, in_func: bool = True) → Tuple[str, Optional[int]] ``` -Retrieves the correct parameter used for the current function call. +Retrieves the correct parameter used for the current function call. --- @@ -2359,7 +2359,7 @@ is_ret(insn: __main__.Instruction) → bool is_thumb() → bool ``` -Determine if the machine is currently in THUMB mode. +Determine if the machine is currently in THUMB mode. --- @@ -2413,13 +2413,13 @@ reset_caches() → None supports_gdb_arch(gdb_arch: str) → Optional[bool] ``` -If implemented by a child `Architecture`, this function dictates if the current class supports the loaded ELF file (which can be accessed via `gef.binary`). This callback function will override any assumption made by GEF to determine the architecture. +If implemented by a child `Architecture`, this function dictates if the current class supports the loaded ELF file (which can be accessed via `gef.binary`). This callback function will override any assumption made by GEF to determine the architecture. --- ## class `ASLRCommand` -View/modify the ASLR setting of GDB. By default, GDB will disable ASLR when it starts the process. (i.e. not attached). This command allows to change that setting. +View/modify the ASLR setting of GDB. By default, GDB will disable ASLR when it starts the process. (i.e. not attached). This command allows to change that setting. @@ -2438,7 +2438,7 @@ __init__(*args: Any, **kwargs: Any) → None #### property ASLRCommand.settings -Return the list of settings for this command. +Return the list of settings for this command. @@ -2456,7 +2456,7 @@ add_setting( ) → None ``` -`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead +`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead --- @@ -2468,7 +2468,7 @@ add_setting( del_setting(name: str) → None ``` -`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead +`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead --- @@ -2494,7 +2494,7 @@ do_invoke(argv: List[str]) → None get_setting(name: str) → Any ``` -`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead +`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead --- @@ -2506,7 +2506,7 @@ get_setting(name: str) → Any has_setting(name: str) → bool ``` -`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead +`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead --- @@ -2568,7 +2568,7 @@ usage() → None --- ## class `Address` -GEF representation of memory addresses. +GEF representation of memory addresses. @@ -2653,7 +2653,7 @@ is_in_text_segment() → bool --- ## class `AliasesAddCommand` -Command to add aliases. +Command to add aliases. @@ -2672,7 +2672,7 @@ __init__() → None #### property AliasesAddCommand.settings -Return the list of settings for this command. +Return the list of settings for this command. @@ -2690,7 +2690,7 @@ add_setting( ) → None ``` -`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead +`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead --- @@ -2702,7 +2702,7 @@ add_setting( del_setting(name: str) → None ``` -`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead +`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead --- @@ -2728,7 +2728,7 @@ do_invoke(argv: List[str]) → None get_setting(name: str) → Any ``` -`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead +`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead --- @@ -2740,7 +2740,7 @@ get_setting(name: str) → Any has_setting(name: str) → bool ``` -`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead +`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead --- @@ -2802,7 +2802,7 @@ usage() → None --- ## class `AliasesCommand` -Base command to add, remove, or list aliases. +Base command to add, remove, or list aliases. @@ -2821,7 +2821,7 @@ __init__() → None #### property AliasesCommand.settings -Return the list of settings for this command. +Return the list of settings for this command. @@ -2839,7 +2839,7 @@ add_setting( ) → None ``` -`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead +`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead --- @@ -2851,7 +2851,7 @@ add_setting( del_setting(name: str) → None ``` -`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead +`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead --- @@ -2877,7 +2877,7 @@ do_invoke(_: List[str]) → None get_setting(name: str) → Any ``` -`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead +`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead --- @@ -2889,7 +2889,7 @@ get_setting(name: str) → Any has_setting(name: str) → bool ``` -`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead +`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead --- @@ -2951,7 +2951,7 @@ usage() → None --- ## class `AliasesListCommand` -Command to list aliases. +Command to list aliases. @@ -2970,7 +2970,7 @@ __init__() → None #### property AliasesListCommand.settings -Return the list of settings for this command. +Return the list of settings for this command. @@ -2988,7 +2988,7 @@ add_setting( ) → None ``` -`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead +`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead --- @@ -3000,7 +3000,7 @@ add_setting( del_setting(name: str) → None ``` -`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead +`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead --- @@ -3026,7 +3026,7 @@ do_invoke(_: List[str]) → None get_setting(name: str) → Any ``` -`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead +`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead --- @@ -3038,7 +3038,7 @@ get_setting(name: str) → Any has_setting(name: str) → bool ``` -`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead +`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead --- @@ -3100,7 +3100,7 @@ usage() → None --- ## class `AliasesRmCommand` -Command to remove aliases. +Command to remove aliases. @@ -3119,7 +3119,7 @@ __init__() → None #### property AliasesRmCommand.settings -Return the list of settings for this command. +Return the list of settings for this command. @@ -3137,7 +3137,7 @@ add_setting( ) → None ``` -`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead +`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead --- @@ -3149,7 +3149,7 @@ add_setting( del_setting(name: str) → None ``` -`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead +`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead --- @@ -3175,7 +3175,7 @@ do_invoke(argv: List[str]) → None get_setting(name: str) → Any ``` -`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead +`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead --- @@ -3187,7 +3187,7 @@ get_setting(name: str) → Any has_setting(name: str) → bool ``` -`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead +`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead --- @@ -3249,7 +3249,7 @@ usage() → None --- ## class `Architecture` -Generic metaclass for the architecture supported by GEF. +Generic metaclass for the architecture supported by GEF. --- @@ -3340,7 +3340,7 @@ flag_register_to_human(val: Optional[int] = None) → str get_ith_parameter(i: int, in_func: bool = True) → Tuple[str, Optional[int]] ``` -Retrieves the correct parameter used for the current function call. +Retrieves the correct parameter used for the current function call. --- @@ -3464,13 +3464,13 @@ reset_caches() → None supports_gdb_arch(gdb_arch: str) → Optional[bool] ``` -If implemented by a child `Architecture`, this function dictates if the current class supports the loaded ELF file (which can be accessed via `gef.binary`). This callback function will override any assumption made by GEF to determine the architecture. +If implemented by a child `Architecture`, this function dictates if the current class supports the loaded ELF file (which can be accessed via `gef.binary`). This callback function will override any assumption made by GEF to determine the architecture. --- ## class `ArchitectureBase` -Class decorator for declaring an architecture to GEF. +Class decorator for declaring an architecture to GEF. @@ -3479,7 +3479,7 @@ Class decorator for declaring an architecture to GEF. --- ## class `BssBaseFunction` -Return the current bss base address plus the given offset. +Return the current bss base address plus the given offset. @@ -3542,7 +3542,7 @@ invoke(*args: Any) → int --- ## class `CanaryCommand` -Shows the canary value of the current process. +Shows the canary value of the current process. @@ -3561,7 +3561,7 @@ __init__(*args: Any, **kwargs: Any) → None #### property CanaryCommand.settings -Return the list of settings for this command. +Return the list of settings for this command. @@ -3579,7 +3579,7 @@ add_setting( ) → None ``` -`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead +`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead --- @@ -3591,7 +3591,7 @@ add_setting( del_setting(name: str) → None ``` -`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead +`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead --- @@ -3617,7 +3617,7 @@ do_invoke(argv: List[str]) → None get_setting(name: str) → Any ``` -`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead +`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead --- @@ -3629,7 +3629,7 @@ get_setting(name: str) → Any has_setting(name: str) → bool ``` -`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead +`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead --- @@ -3691,7 +3691,7 @@ usage() → None --- ## class `ChangeFdCommand` -ChangeFdCommand: redirect file descriptor during runtime. +ChangeFdCommand: redirect file descriptor during runtime. @@ -3710,7 +3710,7 @@ __init__(*args: Any, **kwargs: Any) → None #### property ChangeFdCommand.settings -Return the list of settings for this command. +Return the list of settings for this command. @@ -3728,7 +3728,7 @@ add_setting( ) → None ``` -`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead +`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead --- @@ -3740,7 +3740,7 @@ add_setting( del_setting(name: str) → None ``` -`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead +`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead --- @@ -3780,7 +3780,7 @@ get_fd_from_result(res: str) → int get_setting(name: str) → Any ``` -`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead +`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead --- @@ -3792,7 +3792,7 @@ get_setting(name: str) → Any has_setting(name: str) → bool ``` -`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead +`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead --- @@ -3854,7 +3854,7 @@ usage() → None --- ## class `ChangePermissionBreakpoint` -When hit, this temporary breakpoint will restore the original code, and position $pc correctly. +When hit, this temporary breakpoint will restore the original code, and position $pc correctly. @@ -3889,12 +3889,12 @@ stop() → bool --- ## class `ChecksecCommand` -Checksec the security properties of the current executable or passed as argument. The command checks for the following protections: -- PIE -- NX -- RelRO -- Glibc Stack Canaries -- Fortify Source +Checksec the security properties of the current executable or passed as argument. The command checks for the following protections: +- PIE +- NX +- RelRO +- Glibc Stack Canaries +- Fortify Source @@ -3913,7 +3913,7 @@ __init__() → None #### property ChecksecCommand.settings -Return the list of settings for this command. +Return the list of settings for this command. @@ -3931,7 +3931,7 @@ add_setting( ) → None ``` -`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead +`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead --- @@ -3943,7 +3943,7 @@ add_setting( del_setting(name: str) → None ``` -`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead +`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead --- @@ -3969,7 +3969,7 @@ do_invoke(argv: List[str]) → None get_setting(name: str) → Any ``` -`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead +`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead --- @@ -3981,7 +3981,7 @@ get_setting(name: str) → Any has_setting(name: str) → bool ``` -`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead +`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead --- @@ -4057,7 +4057,7 @@ usage() → None --- ## class `Color` -Used to colorify terminal output. +Used to colorify terminal output. @@ -4114,7 +4114,7 @@ boldify(msg: str) → str colorify(text: str, attrs: str) → str ``` -Color text according to the given attributes. +Color text according to the given attributes. --- @@ -4246,7 +4246,7 @@ yellowify(msg: str) → str --- ## class `ContextCommand` -Displays a comprehensive and modular summary of runtime context. Unless setting `enable` is set to False, this command will be spawned automatically every time GDB hits a breakpoint, a watchpoint, or any kind of interrupt. By default, it will show panes that contain the register states, the stack, and the disassembly code around $pc. +Displays a comprehensive and modular summary of runtime context. Unless setting `enable` is set to False, this command will be spawned automatically every time GDB hits a breakpoint, a watchpoint, or any kind of interrupt. By default, it will show panes that contain the register states, the stack, and the disassembly code around $pc. @@ -4265,7 +4265,7 @@ __init__() → None #### property ContextCommand.settings -Return the list of settings for this command. +Return the list of settings for this command. @@ -4283,7 +4283,7 @@ add_setting( ) → None ``` -`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead +`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead --- @@ -4449,7 +4449,7 @@ context_trace() → None del_setting(name: str) → None ``` -`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead +`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead --- @@ -4503,7 +4503,7 @@ get_pc_context_info(pc: int, line: str) → str get_setting(name: str) → Any ``` -`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead +`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead --- @@ -4515,7 +4515,7 @@ get_setting(name: str) → Any has_setting(name: str) → bool ``` -`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead +`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead --- @@ -4587,7 +4587,7 @@ pre_load() → None print_arguments_from_symbol(function_name: str, symbol: 'gdb.Symbol') → None ``` -If symbols were found, parse them and print the argument adequately. +If symbols were found, parse them and print the argument adequately. --- @@ -4599,7 +4599,7 @@ If symbols were found, parse them and print the argument adequately. print_guessed_arguments(function_name: str) → None ``` -When no symbol, read the current basic block and look for "interesting" instructions. +When no symbol, read the current basic block and look for "interesting" instructions. --- @@ -4647,7 +4647,7 @@ usage() → None --- ## class `DereferenceCommand` -Dereference recursively from an address and display information. This acts like WinDBG `dps` command. +Dereference recursively from an address and display information. This acts like WinDBG `dps` command. @@ -4666,7 +4666,7 @@ __init__() → None #### property DereferenceCommand.settings -Return the list of settings for this command. +Return the list of settings for this command. @@ -4684,7 +4684,7 @@ add_setting( ) → None ``` -`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead +`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead --- @@ -4696,7 +4696,7 @@ add_setting( del_setting(name: str) → None ``` -`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead +`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead --- @@ -4722,7 +4722,7 @@ wrapper(*args: Any, **kwargs: Any) → Callable get_setting(name: str) → Any ``` -`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead +`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead --- @@ -4734,7 +4734,7 @@ get_setting(name: str) → Any has_setting(name: str) → bool ``` -`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead +`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead --- @@ -4810,7 +4810,7 @@ usage() → None --- ## class `DetailRegistersCommand` -Display full details on one, many or all registers value from current architecture. +Display full details on one, many or all registers value from current architecture. @@ -4829,7 +4829,7 @@ __init__(*args: Any, **kwargs: Any) → None #### property DetailRegistersCommand.settings -Return the list of settings for this command. +Return the list of settings for this command. @@ -4847,7 +4847,7 @@ add_setting( ) → None ``` -`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead +`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead --- @@ -4859,7 +4859,7 @@ add_setting( del_setting(name: str) → None ``` -`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead +`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead --- @@ -4885,7 +4885,7 @@ wrapper(*args: Any, **kwargs: Any) → Callable get_setting(name: str) → Any ``` -`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead +`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead --- @@ -4897,7 +4897,7 @@ get_setting(name: str) → Any has_setting(name: str) → bool ``` -`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead +`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead --- @@ -4970,10 +4970,10 @@ usage() → None --- ## class `Elf` -Basic ELF parsing. Ref: -- http://www.skyfree.org/linux/references/ELF_Format.pdf -- https://refspecs.linuxfoundation.org/elf/elfspec_ppc.pdf -- https://refspecs.linuxfoundation.org/ELF/ppc64/PPC-elf64abi.html +Basic ELF parsing. Ref: +- http://www.skyfree.org/linux/references/ELF_Format.pdf +- https://refspecs.linuxfoundation.org/elf/elfspec_ppc.pdf +- https://refspecs.linuxfoundation.org/ELF/ppc64/PPC-elf64abi.html @@ -4983,19 +4983,19 @@ Basic ELF parsing. Ref: __init__(path: Union[str, pathlib.Path]) → None ``` -Instantiate an ELF object. A valid ELF must be provided, or an exception will be thrown. +Instantiate an ELF object. A valid ELF must be provided, or an exception will be thrown. --- #### property Elf.checksec -Check the security property of the ELF binary. The following properties are: -- Canary -- NX -- PIE -- Fortify -- Partial/Full RelRO. Return a dict() with the different keys mentioned above, and the boolean associated whether the protection was found. +Check the security property of the ELF binary. The following properties are: +- Canary +- NX +- PIE +- Fortify +- Partial/Full RelRO. Return a dict() with the different keys mentioned above, and the boolean associated whether the protection was found. --- @@ -5067,7 +5067,7 @@ seek(off: int) → None --- ## class `ElfInfoCommand` -Display a limited subset of ELF header information. If no argument is provided, the command will show information about the current ELF being debugged. +Display a limited subset of ELF header information. If no argument is provided, the command will show information about the current ELF being debugged. @@ -5086,7 +5086,7 @@ __init__() → None #### property ElfInfoCommand.settings -Return the list of settings for this command. +Return the list of settings for this command. @@ -5104,7 +5104,7 @@ add_setting( ) → None ``` -`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead +`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead --- @@ -5116,7 +5116,7 @@ add_setting( del_setting(name: str) → None ``` -`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead +`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead --- @@ -5142,7 +5142,7 @@ wrapper(*args: Any, **kwargs: Any) → Callable get_setting(name: str) → Any ``` -`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead +`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead --- @@ -5154,7 +5154,7 @@ get_setting(name: str) → Any has_setting(name: str) → bool ``` -`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead +`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead --- @@ -5216,7 +5216,7 @@ usage() → None --- ## class `Endianness` -An enumeration. +An enumeration. @@ -5225,7 +5225,7 @@ An enumeration. --- ## class `EntryBreakBreakpoint` -Breakpoint used internally to stop execution at the most convenient entry point. +Breakpoint used internally to stop execution at the most convenient entry point. @@ -5260,7 +5260,7 @@ stop() → bool --- ## class `EntryPointBreakCommand` -Tries to find best entry point and sets a temporary breakpoint on it. The command will test for well-known symbols for entry points, such as `main`, `_main`, `__libc_start_main`, etc. defined by the setting `entrypoint_symbols`. +Tries to find best entry point and sets a temporary breakpoint on it. The command will test for well-known symbols for entry points, such as `main`, `_main`, `__libc_start_main`, etc. defined by the setting `entrypoint_symbols`. @@ -5279,7 +5279,7 @@ __init__() → None #### property EntryPointBreakCommand.settings -Return the list of settings for this command. +Return the list of settings for this command. @@ -5297,7 +5297,7 @@ add_setting( ) → None ``` -`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead +`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead --- @@ -5309,7 +5309,7 @@ add_setting( del_setting(name: str) → None ``` -`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead +`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead --- @@ -5335,7 +5335,7 @@ do_invoke(argv: List[str]) → None get_setting(name: str) → Any ``` -`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead +`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead --- @@ -5347,7 +5347,7 @@ get_setting(name: str) → Any has_setting(name: str) → bool ``` -`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead +`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead --- @@ -5550,7 +5550,7 @@ is_valid(path: pathlib.Path) → bool --- ## class `FlagsCommand` -Edit flags in a human friendly way. +Edit flags in a human friendly way. @@ -5569,7 +5569,7 @@ __init__(*args: Any, **kwargs: Any) → None #### property FlagsCommand.settings -Return the list of settings for this command. +Return the list of settings for this command. @@ -5587,7 +5587,7 @@ add_setting( ) → None ``` -`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead +`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead --- @@ -5599,7 +5599,7 @@ add_setting( del_setting(name: str) → None ``` -`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead +`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead --- @@ -5625,7 +5625,7 @@ do_invoke(argv: List[str]) → None get_setting(name: str) → Any ``` -`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead +`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead --- @@ -5637,7 +5637,7 @@ get_setting(name: str) → Any has_setting(name: str) → bool ``` -`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead +`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead --- @@ -5699,7 +5699,7 @@ usage() → None --- ## class `FormatStringBreakpoint` -Inspect stack for format string. +Inspect stack for format string. @@ -5734,7 +5734,7 @@ stop() → bool --- ## class `FormatStringSearchCommand` -Exploitable format-string helper: this command will set up specific breakpoints at well-known dangerous functions (printf, snprintf, etc.), and check if the pointer holding the format string is writable, and therefore susceptible to format string attacks if an attacker can control its content. +Exploitable format-string helper: this command will set up specific breakpoints at well-known dangerous functions (printf, snprintf, etc.), and check if the pointer holding the format string is writable, and therefore susceptible to format string attacks if an attacker can control its content. @@ -5753,7 +5753,7 @@ __init__(*args: Any, **kwargs: Any) → None #### property FormatStringSearchCommand.settings -Return the list of settings for this command. +Return the list of settings for this command. @@ -5771,7 +5771,7 @@ add_setting( ) → None ``` -`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead +`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead --- @@ -5783,7 +5783,7 @@ add_setting( del_setting(name: str) → None ``` -`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead +`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead --- @@ -5809,7 +5809,7 @@ do_invoke(_: List[str]) → None get_setting(name: str) → Any ``` -`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead +`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead --- @@ -5821,7 +5821,7 @@ get_setting(name: str) → Any has_setting(name: str) → bool ``` -`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead +`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead --- @@ -5922,7 +5922,7 @@ load_module(fullname) --- ## class `Gef` -The GEF root class, which serves as a entrypoint for all the debugging session attributes (architecture, memory, settings, etc.). +The GEF root class, which serves as a entrypoint for all the debugging session attributes (architecture, memory, settings, etc.). @@ -5949,7 +5949,7 @@ __init__() → None reinitialize_managers() → None ``` -Reinitialize the managers. Avoid calling this function directly, using `pi reset()` is preferred +Reinitialize the managers. Avoid calling this function directly, using `pi reset()` is preferred --- @@ -5961,7 +5961,7 @@ Reinitialize the managers. Avoid calling this function directly, using `pi reset reset_caches() → None ``` -Recursively clean the cache of all the managers. Avoid calling this function directly, using `reset-cache` is preferred +Recursively clean the cache of all the managers. Avoid calling this function directly, using `reset-cache` is preferred --- @@ -5973,13 +5973,13 @@ Recursively clean the cache of all the managers. Avoid calling this function dir setup() → None ``` -Setup initialize the runtime setup, which may require for the `gef` to be not None. +Setup initialize the runtime setup, which may require for the `gef` to be not None. --- ## class `GefAlias` -Simple aliasing wrapper because GDB doesn't do what it should. +Simple aliasing wrapper because GDB doesn't do what it should. @@ -6033,7 +6033,7 @@ lookup_command(cmd: str) → Optional[Tuple[str, __main__.GenericCommand]] --- ## class `GefCommand` -GEF main command: view all new commands by typing `gef`. +GEF main command: view all new commands by typing `gef`. @@ -6097,7 +6097,7 @@ add_context_pane( ) → None ``` -Add a new context pane to ContextCommand. +Add a new context pane to ContextCommand. --- @@ -6123,7 +6123,7 @@ invoke(args: Any, from_tty: bool) → None load() → None ``` -Load all the commands and functions defined by GEF into GDB. +Load all the commands and functions defined by GEF into GDB. --- @@ -6171,7 +6171,7 @@ show_banner() → None --- ## class `GefConfigCommand` -GEF configuration sub-command This command will help set/view GEF settings for the current debugging session. It is possible to make those changes permanent by running `gef save` (refer to this command help), and/or restore previously saved settings by running `gef restore` (refer help). +GEF configuration sub-command This command will help set/view GEF settings for the current debugging session. It is possible to make those changes permanent by running `gef save` (refer to this command help), and/or restore previously saved settings by running `gef restore` (refer help). @@ -6262,7 +6262,7 @@ set_setting(argv: Tuple[str, Any]) → None --- ## class `GefFunctionsCommand` -List the convenience functions provided by GEF. +List the convenience functions provided by GEF. @@ -6281,7 +6281,7 @@ __init__() → None #### property GefFunctionsCommand.settings -Return the list of settings for this command. +Return the list of settings for this command. @@ -6299,7 +6299,7 @@ add_setting( ) → None ``` -`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead +`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead --- @@ -6311,7 +6311,7 @@ add_setting( del_setting(name: str) → None ``` -`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead +`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead --- @@ -6337,7 +6337,7 @@ do_invoke(argv) → None get_setting(name: str) → Any ``` -`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead +`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead --- @@ -6349,7 +6349,7 @@ get_setting(name: str) → Any has_setting(name: str) → bool ``` -`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead +`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead --- @@ -6411,7 +6411,7 @@ usage() → None --- ## class `GefHeapManager` -Class managing session heap. +Class managing session heap. @@ -6512,7 +6512,7 @@ csize2tidx(size: int) → int malloc_align_address(address: int) → int ``` -Align addresses according to glibc's MALLOC_ALIGNMENT. See also Issue #689 on Github +Align addresses according to glibc's MALLOC_ALIGNMENT. See also Issue #689 on Github --- @@ -6546,7 +6546,7 @@ tidx2size(idx: int) → int --- ## class `GefHelpCommand` -GEF help sub-command. +GEF help sub-command. @@ -6581,7 +6581,7 @@ invoke(args: Any, from_tty: bool) → None --- ## class `GefInstallExtraScriptCommand` -`gef install` command: installs one or more scripts from the `gef-extras` script repo. Note that the command doesn't check for external dependencies the script(s) might require. +`gef install` command: installs one or more scripts from the `gef-extras` script repo. Note that the command doesn't check for external dependencies the script(s) might require. @@ -6616,7 +6616,7 @@ invoke(argv: str, from_tty: bool) → None --- ## class `GefLibcManager` -Class managing everything libc-related (except heap). +Class managing everything libc-related (except heap). @@ -6655,7 +6655,7 @@ __init__() → None reset_caches() → None ``` -Reset the LRU-cached attributes +Reset the LRU-cached attributes --- @@ -6678,13 +6678,13 @@ Reset the LRU-cached attributes reset_caches() → None ``` -Reset the LRU-cached attributes +Reset the LRU-cached attributes --- ## class `GefMemoryManager` -Class that manages memory access for gef. +Class that manages memory access for gef. @@ -6719,7 +6719,7 @@ __init__() → None read(addr: int, length: int = 16) → bytes ``` -Return a `length` long byte array with the copy of the process memory at `addr`. +Return a `length` long byte array with the copy of the process memory at `addr`. --- @@ -6731,7 +6731,7 @@ Return a `length` long byte array with the copy of the process memory at `addr`. read_ascii_string(address: int) → Optional[str] ``` -Read an ASCII string from memory +Read an ASCII string from memory --- @@ -6747,7 +6747,7 @@ read_cstring( ) → str ``` -Return a C-string read from memory. +Return a C-string read from memory. --- @@ -6759,7 +6759,7 @@ Return a C-string read from memory. read_integer(addr: int) → int ``` -Return an integer read from memory. +Return an integer read from memory. --- @@ -6785,13 +6785,13 @@ reset_caches() → None write(address: int, buffer: ByteString, length: int = 16) → None ``` -Write `buffer` at address `address`. +Write `buffer` at address `address`. --- ## class `GefMissingCommand` -GEF missing sub-command Display the GEF commands that could not be loaded, along with the reason of why they could not be loaded. +GEF missing sub-command Display the GEF commands that could not be loaded, along with the reason of why they could not be loaded. @@ -6826,7 +6826,7 @@ invoke(args: Any, from_tty: bool) → None --- ## class `GefRemoteSessionManager` -Class for managing remote sessions with GEF. It will create a temporary environment designed to clone the remote one. +Class for managing remote sessions with GEF. It will create a temporary environment designed to clone the remote one. @@ -6858,7 +6858,7 @@ __init__( #### property GefRemoteSessionManager.canary -Return a tuple of the canary address and value, read from the canonical location if supported by the architecture. Otherwise, read from the auxiliary vector. +Return a tuple of the canary address and value, read from the canonical location if supported by the architecture. Otherwise, read from the auxiliary vector. --- @@ -6872,13 +6872,13 @@ Return a tuple of the canary address and value, read from the canonical location #### property GefRemoteSessionManager.file -Path to the file being debugged as seen by the remote endpoint. +Path to the file being debugged as seen by the remote endpoint. --- #### property GefRemoteSessionManager.lfile -Local path to the file being debugged. +Local path to the file being debugged. --- @@ -6892,25 +6892,25 @@ Local path to the file being debugged. #### property GefRemoteSessionManager.original_canary -Return a tuple of the initial canary address and value, read from the auxiliary vector. +Return a tuple of the initial canary address and value, read from the auxiliary vector. --- #### property GefRemoteSessionManager.os -Return the current OS. +Return the current OS. --- #### property GefRemoteSessionManager.pagesize -Get the system page size +Get the system page size --- #### property GefRemoteSessionManager.pid -Return the PID of the target process. +Return the PID of the target process. --- @@ -6954,7 +6954,7 @@ close() → None connect(pid: int) → bool ``` -Connect to remote target. If in extended mode, also attach to the given PID. +Connect to remote target. If in extended mode, also attach to the given PID. --- @@ -7022,13 +7022,13 @@ setup() → bool sync(src: str, dst: Optional[str] = None) → bool ``` -Copy the `src` into the temporary chroot. If `dst` is provided, that path will be used instead of `src`. +Copy the `src` into the temporary chroot. If `dst` is provided, that path will be used instead of `src`. --- ## class `GefRestoreCommand` -GEF restore sub-command. Loads settings from file '~/.gef.rc' and apply them to the configuration of GEF. +GEF restore sub-command. Loads settings from file '~/.gef.rc' and apply them to the configuration of GEF. @@ -7077,7 +7077,7 @@ reload(quiet: bool) --- ## class `GefRunCommand` -Override GDB run commands with the context from GEF. Simple wrapper for GDB run command to use arguments set from `gef set args`. +Override GDB run commands with the context from GEF. Simple wrapper for GDB run command to use arguments set from `gef set args`. @@ -7112,7 +7112,7 @@ invoke(args: Any, from_tty: bool) → None --- ## class `GefSaveCommand` -GEF save sub-command. Saves the current configuration of GEF to disk (by default in file '~/.gef.rc'). +GEF save sub-command. Saves the current configuration of GEF to disk (by default in file '~/.gef.rc'). @@ -7147,7 +7147,7 @@ invoke(args: Any, from_tty: bool) → None --- ## class `GefSessionManager` -Class managing the runtime properties of GEF. +Class managing the runtime properties of GEF. @@ -7174,7 +7174,7 @@ __init__() → None #### property GefSessionManager.canary -Return a tuple of the canary address and value, read from the canonical location if supported by the architecture. Otherwise, read from the auxiliary vector. +Return a tuple of the canary address and value, read from the canonical location if supported by the architecture. Otherwise, read from the auxiliary vector. --- @@ -7188,43 +7188,43 @@ Return a tuple of the canary address and value, read from the canonical location #### property GefSessionManager.file -Return a Path object of the target process. +Return a Path object of the target process. --- #### property GefSessionManager.maps -Returns the Path to the procfs entry for the memory mapping. +Returns the Path to the procfs entry for the memory mapping. --- #### property GefSessionManager.original_canary -Return a tuple of the initial canary address and value, read from the auxiliary vector. +Return a tuple of the initial canary address and value, read from the auxiliary vector. --- #### property GefSessionManager.os -Return the current OS. +Return the current OS. --- #### property GefSessionManager.pagesize -Get the system page size +Get the system page size --- #### property GefSessionManager.pid -Return the PID of the target process. +Return the PID of the target process. --- #### property GefSessionManager.root -Returns the path to the process's root directory. +Returns the path to the process's root directory. @@ -7246,7 +7246,7 @@ reset_caches() → None --- ## class `GefSetCommand` -Override GDB set commands with the context from GEF. +Override GDB set commands with the context from GEF. @@ -7281,7 +7281,7 @@ invoke(args: Any, from_tty: bool) → None --- ## class `GefSetting` -Basic class for storing gef settings as objects +Basic class for storing gef settings as objects @@ -7307,7 +7307,7 @@ __init__( --- ## class `GefSettingsManager` -GefSettings acts as a dict where the global settings are stored and can be read, written or deleted as any other dict. For instance, to read a specific command setting: `gef.config[mycommand.mysetting]` +GefSettings acts as a dict where the global settings are stored and can be read, written or deleted as any other dict. For instance, to read a specific command setting: `gef.config[mycommand.mysetting]` @@ -7330,7 +7330,7 @@ raw_entry(name: str) → GefSetting --- ## class `GefThemeCommand` -Customize GEF appearance. +Customize GEF appearance. @@ -7349,7 +7349,7 @@ __init__() → None #### property GefThemeCommand.settings -Return the list of settings for this command. +Return the list of settings for this command. @@ -7367,7 +7367,7 @@ add_setting( ) → None ``` -`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead +`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead --- @@ -7379,7 +7379,7 @@ add_setting( del_setting(name: str) → None ``` -`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead +`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead --- @@ -7405,7 +7405,7 @@ do_invoke(args: List[str]) → None get_setting(name: str) → Any ``` -`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead +`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead --- @@ -7417,7 +7417,7 @@ get_setting(name: str) → Any has_setting(name: str) → bool ``` -`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead +`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead --- @@ -7479,7 +7479,7 @@ usage() → None --- ## class `GefTmuxSetup` -Setup a confortable tmux debugging environment. +Setup a confortable tmux debugging environment. @@ -7520,7 +7520,7 @@ invoke(args: Any, from_tty: bool) → None screen_setup() → None ``` -Hackish equivalent of the tmux_setup() function for screen. +Hackish equivalent of the tmux_setup() function for screen. --- @@ -7532,13 +7532,13 @@ Hackish equivalent of the tmux_setup() function for screen. tmux_setup() → None ``` -Prepare the tmux environment by vertically splitting the current pane, and forcing the context to be redirected there. +Prepare the tmux environment by vertically splitting the current pane, and forcing the context to be redirected there. --- ## class `GefUiManager` -Class managing UI settings. +Class managing UI settings. @@ -7565,7 +7565,7 @@ __init__() → None reset_caches() → None ``` -Reset the LRU-cached attributes +Reset the LRU-cached attributes --- @@ -7664,7 +7664,7 @@ flag_register_to_human(val: Optional[int] = None) → str get_ith_parameter(i: int, in_func: bool = True) → Tuple[str, Optional[int]] ``` -Retrieves the correct parameter used for the current function call. +Retrieves the correct parameter used for the current function call. --- @@ -7788,13 +7788,13 @@ reset_caches() → None supports_gdb_arch(gdb_arch: str) → Optional[bool] ``` -If implemented by a child `Architecture`, this function dictates if the current class supports the loaded ELF file (which can be accessed via `gef.binary`). This callback function will override any assumption made by GEF to determine the architecture. +If implemented by a child `Architecture`, this function dictates if the current class supports the loaded ELF file (which can be accessed via `gef.binary`). This callback function will override any assumption made by GEF to determine the architecture. --- ## class `GenericCommand` -This is an abstract class for invoking commands, should not be instantiated. +This is an abstract class for invoking commands, should not be instantiated. @@ -7813,7 +7813,7 @@ __init__(*args: Any, **kwargs: Any) → None #### property GenericCommand.settings -Return the list of settings for this command. +Return the list of settings for this command. @@ -7831,7 +7831,7 @@ add_setting( ) → None ``` -`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead +`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead --- @@ -7843,7 +7843,7 @@ add_setting( del_setting(name: str) → None ``` -`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead +`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead --- @@ -7869,7 +7869,7 @@ do_invoke(argv: List[str]) → None get_setting(name: str) → Any ``` -`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead +`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead --- @@ -7881,7 +7881,7 @@ get_setting(name: str) → Any has_setting(name: str) → bool ``` -`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead +`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead --- @@ -7943,7 +7943,7 @@ usage() → None --- ## class `GenericFunction` -This is an abstract class for invoking convenience functions, should not be instantiated. +This is an abstract class for invoking convenience functions, should not be instantiated. @@ -8006,7 +8006,7 @@ invoke(*args: Any) → int --- ## class `GlibcArena` -Glibc arena class +Glibc arena class @@ -8165,7 +8165,7 @@ bin_at(i) → int fastbin(i: int) → Optional[ForwardRef('GlibcFastChunk')] ``` -Return head chunk in fastbinsY[i]. +Return head chunk in fastbinsY[i]. --- @@ -8177,7 +8177,7 @@ Return head chunk in fastbinsY[i]. get_heap_for_ptr(ptr: int) → int ``` -Find the corresponding heap for a given pointer (int). See https://github.com/bminor/glibc/blob/glibc-2.34/malloc/arena.c#L129 +Find the corresponding heap for a given pointer (int). See https://github.com/bminor/glibc/blob/glibc-2.34/malloc/arena.c#L129 --- @@ -8259,13 +8259,13 @@ reset() verify(addr: int) → bool ``` -Verify that the address matches a possible valid GlibcArena +Verify that the address matches a possible valid GlibcArena --- ## class `GlibcChunk` -Glibc chunk class. The default behavior (from_base=False) is to interpret the data starting at the memory address pointed to as the chunk data. Setting from_base to True instead treats that data as the chunk header. Ref: https://sploitfun.wordpress.com/2015/02/10/understanding-glibc-malloc/. +Glibc chunk class. The default behavior (from_base=False) is to interpret the data starting at the memory address pointed to as the chunk data. Setting from_base to True instead treats that data as the chunk header. Ref: https://sploitfun.wordpress.com/2015/02/10/understanding-glibc-malloc/. @@ -8458,9 +8458,9 @@ has_p_bit() → bool is_used() → bool ``` -Check if the current block is used by: -- checking the M bit is true -- or checking that next chunk PREV_INUSE flag is true +Check if the current block is used by: +- checking the M bit is true +- or checking that next chunk PREV_INUSE flag is true --- @@ -8703,9 +8703,9 @@ has_p_bit() → bool is_used() → bool ``` -Check if the current block is used by: -- checking the M bit is true -- or checking that next chunk PREV_INUSE flag is true +Check if the current block is used by: +- checking the M bit is true +- or checking that next chunk PREV_INUSE flag is true --- @@ -8731,7 +8731,7 @@ malloc_chunk_t() → Type[_ctypes.Structure] protect_ptr(pos: int, pointer: int) → int ``` -https://elixir.bootlin.com/glibc/glibc-2.32/source/malloc/malloc.c#L339 +https://elixir.bootlin.com/glibc/glibc-2.32/source/malloc/malloc.c#L339 --- @@ -8771,13 +8771,13 @@ reset() reveal_ptr(pointer: int) → int ``` -https://elixir.bootlin.com/glibc/glibc-2.32/source/malloc/malloc.c#L341 +https://elixir.bootlin.com/glibc/glibc-2.32/source/malloc/malloc.c#L341 --- ## class `GlibcHeapArenaCommand` -Display information on a heap chunk. +Display information on a heap chunk. @@ -8796,7 +8796,7 @@ __init__(*args: Any, **kwargs: Any) → None #### property GlibcHeapArenaCommand.settings -Return the list of settings for this command. +Return the list of settings for this command. @@ -8814,7 +8814,7 @@ add_setting( ) → None ``` -`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead +`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead --- @@ -8826,7 +8826,7 @@ add_setting( del_setting(name: str) → None ``` -`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead +`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead --- @@ -8852,7 +8852,7 @@ do_invoke(_: List[str]) → None get_setting(name: str) → Any ``` -`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead +`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead --- @@ -8864,7 +8864,7 @@ get_setting(name: str) → Any has_setting(name: str) → bool ``` -`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead +`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead --- @@ -8926,7 +8926,7 @@ usage() → None --- ## class `GlibcHeapBinsCommand` -Display information on the bins on an arena (default: main_arena). See https://github.com/sploitfun/lsploits/blob/master/glibc/malloc/malloc.c#L1123. +Display information on the bins on an arena (default: main_arena). See https://github.com/sploitfun/lsploits/blob/master/glibc/malloc/malloc.c#L1123. @@ -8945,7 +8945,7 @@ __init__() → None #### property GlibcHeapBinsCommand.settings -Return the list of settings for this command. +Return the list of settings for this command. @@ -8963,7 +8963,7 @@ add_setting( ) → None ``` -`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead +`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead --- @@ -8975,7 +8975,7 @@ add_setting( del_setting(name: str) → None ``` -`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead +`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead --- @@ -9001,7 +9001,7 @@ do_invoke(argv: List[str]) → None get_setting(name: str) → Any ``` -`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead +`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead --- @@ -9013,7 +9013,7 @@ get_setting(name: str) → Any has_setting(name: str) → bool ``` -`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead +`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead --- @@ -9089,7 +9089,7 @@ usage() → None --- ## class `GlibcHeapChunkCommand` -Display information on a heap chunk. See https://github.com/sploitfun/lsploits/blob/master/glibc/malloc/malloc.c#L1123. +Display information on a heap chunk. See https://github.com/sploitfun/lsploits/blob/master/glibc/malloc/malloc.c#L1123. @@ -9108,7 +9108,7 @@ __init__() → None #### property GlibcHeapChunkCommand.settings -Return the list of settings for this command. +Return the list of settings for this command. @@ -9126,7 +9126,7 @@ add_setting( ) → None ``` -`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead +`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead --- @@ -9138,7 +9138,7 @@ add_setting( del_setting(name: str) → None ``` -`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead +`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead --- @@ -9164,7 +9164,7 @@ wrapper(*args: Any, **kwargs: Any) → Callable get_setting(name: str) → Any ``` -`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead +`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead --- @@ -9176,7 +9176,7 @@ get_setting(name: str) → Any has_setting(name: str) → bool ``` -`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead +`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead --- @@ -9238,7 +9238,7 @@ usage() → None --- ## class `GlibcHeapChunksCommand` -Display all heap chunks for the current arena. As an optional argument the base address of a different arena can be passed +Display all heap chunks for the current arena. As an optional argument the base address of a different arena can be passed @@ -9257,7 +9257,7 @@ __init__() → None #### property GlibcHeapChunksCommand.settings -Return the list of settings for this command. +Return the list of settings for this command. @@ -9275,7 +9275,7 @@ add_setting( ) → None ``` -`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead +`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead --- @@ -9287,7 +9287,7 @@ add_setting( del_setting(name: str) → None ``` -`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead +`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead --- @@ -9350,7 +9350,7 @@ dump_chunks_heap( get_setting(name: str) → Any ``` -`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead +`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead --- @@ -9362,7 +9362,7 @@ get_setting(name: str) → Any has_setting(name: str) → bool ``` -`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead +`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead --- @@ -9424,7 +9424,7 @@ usage() → None --- ## class `GlibcHeapCommand` -Base command to get information about the Glibc heap structure. +Base command to get information about the Glibc heap structure. @@ -9443,7 +9443,7 @@ __init__() → None #### property GlibcHeapCommand.settings -Return the list of settings for this command. +Return the list of settings for this command. @@ -9461,7 +9461,7 @@ add_setting( ) → None ``` -`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead +`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead --- @@ -9473,7 +9473,7 @@ add_setting( del_setting(name: str) → None ``` -`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead +`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead --- @@ -9499,7 +9499,7 @@ do_invoke(_: List[str]) → None get_setting(name: str) → Any ``` -`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead +`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead --- @@ -9511,7 +9511,7 @@ get_setting(name: str) → Any has_setting(name: str) → bool ``` -`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead +`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead --- @@ -9573,7 +9573,7 @@ usage() → None --- ## class `GlibcHeapFastbinsYCommand` -Display information on the fastbinsY on an arena (default: main_arena). See https://github.com/sploitfun/lsploits/blob/master/glibc/malloc/malloc.c#L1123. +Display information on the fastbinsY on an arena (default: main_arena). See https://github.com/sploitfun/lsploits/blob/master/glibc/malloc/malloc.c#L1123. @@ -9592,7 +9592,7 @@ __init__() → None #### property GlibcHeapFastbinsYCommand.settings -Return the list of settings for this command. +Return the list of settings for this command. @@ -9610,7 +9610,7 @@ add_setting( ) → None ``` -`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead +`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead --- @@ -9622,7 +9622,7 @@ add_setting( del_setting(name: str) → None ``` -`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead +`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead --- @@ -9648,7 +9648,7 @@ wrapper(*args: Any, **kwargs: Any) → Callable get_setting(name: str) → Any ``` -`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead +`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead --- @@ -9660,7 +9660,7 @@ get_setting(name: str) → Any has_setting(name: str) → bool ``` -`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead +`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead --- @@ -9722,7 +9722,7 @@ usage() → None --- ## class `GlibcHeapInfo` -Glibc heap_info struct +Glibc heap_info struct @@ -9811,7 +9811,7 @@ reset() --- ## class `GlibcHeapLargeBinsCommand` -Convenience command for viewing large bins. +Convenience command for viewing large bins. @@ -9830,7 +9830,7 @@ __init__() → None #### property GlibcHeapLargeBinsCommand.settings -Return the list of settings for this command. +Return the list of settings for this command. @@ -9848,7 +9848,7 @@ add_setting( ) → None ``` -`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead +`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead --- @@ -9860,7 +9860,7 @@ add_setting( del_setting(name: str) → None ``` -`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead +`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead --- @@ -9886,7 +9886,7 @@ wrapper(*args: Any, **kwargs: Any) → Callable get_setting(name: str) → Any ``` -`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead +`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead --- @@ -9898,7 +9898,7 @@ get_setting(name: str) → Any has_setting(name: str) → bool ``` -`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead +`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead --- @@ -9960,7 +9960,7 @@ usage() → None --- ## class `GlibcHeapSetArenaCommand` -Set the address of the main_arena or the currently selected arena. +Set the address of the main_arena or the currently selected arena. @@ -9979,7 +9979,7 @@ __init__() → None #### property GlibcHeapSetArenaCommand.settings -Return the list of settings for this command. +Return the list of settings for this command. @@ -9997,7 +9997,7 @@ add_setting( ) → None ``` -`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead +`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead --- @@ -10009,7 +10009,7 @@ add_setting( del_setting(name: str) → None ``` -`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead +`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead --- @@ -10035,7 +10035,7 @@ wrapper(*args: Any, **kwargs: Any) → Callable get_setting(name: str) → Any ``` -`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead +`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead --- @@ -10047,7 +10047,7 @@ get_setting(name: str) → Any has_setting(name: str) → bool ``` -`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead +`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead --- @@ -10109,7 +10109,7 @@ usage() → None --- ## class `GlibcHeapSmallBinsCommand` -Convenience command for viewing small bins. +Convenience command for viewing small bins. @@ -10128,7 +10128,7 @@ __init__() → None #### property GlibcHeapSmallBinsCommand.settings -Return the list of settings for this command. +Return the list of settings for this command. @@ -10146,7 +10146,7 @@ add_setting( ) → None ``` -`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead +`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead --- @@ -10158,7 +10158,7 @@ add_setting( del_setting(name: str) → None ``` -`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead +`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead --- @@ -10184,7 +10184,7 @@ wrapper(*args: Any, **kwargs: Any) → Callable get_setting(name: str) → Any ``` -`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead +`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead --- @@ -10196,7 +10196,7 @@ get_setting(name: str) → Any has_setting(name: str) → bool ``` -`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead +`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead --- @@ -10258,7 +10258,7 @@ usage() → None --- ## class `GlibcHeapTcachebinsCommand` -Display information on the Tcachebins on an arena (default: main_arena). See https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=d5c3fafc4307c9b7a4c7d5cb381fcdbfad340bcc. +Display information on the Tcachebins on an arena (default: main_arena). See https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=d5c3fafc4307c9b7a4c7d5cb381fcdbfad340bcc. @@ -10277,7 +10277,7 @@ __init__() → None #### property GlibcHeapTcachebinsCommand.settings -Return the list of settings for this command. +Return the list of settings for this command. @@ -10295,7 +10295,7 @@ add_setting( ) → None ``` -`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead +`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead --- @@ -10307,7 +10307,7 @@ add_setting( check_thread_ids(tids: List[int]) → List[int] ``` -Check the validity, dedup, and return all valid tids. +Check the validity, dedup, and return all valid tids. --- @@ -10319,7 +10319,7 @@ Check the validity, dedup, and return all valid tids. del_setting(name: str) → None ``` -`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead +`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead --- @@ -10345,7 +10345,7 @@ do_invoke(argv: List[str]) → None find_tcache() → int ``` -Return the location of the current thread's tcache. +Return the location of the current thread's tcache. --- @@ -10357,7 +10357,7 @@ Return the location of the current thread's tcache. get_setting(name: str) → Any ``` -`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead +`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead --- @@ -10369,7 +10369,7 @@ get_setting(name: str) → Any has_setting(name: str) → bool ``` -`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead +`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead --- @@ -10426,7 +10426,7 @@ tcachebin( ) → Tuple[Optional[__main__.GlibcTcacheChunk], int] ``` -Return the head chunk in tcache[i] and the number of chunks in the bin. +Return the head chunk in tcache[i] and the number of chunks in the bin. --- @@ -10446,7 +10446,7 @@ usage() → None --- ## class `GlibcHeapUnsortedBinsCommand` -Display information on the Unsorted Bins of an arena (default: main_arena). See: https://github.com/sploitfun/lsploits/blob/master/glibc/malloc/malloc.c#L1689. +Display information on the Unsorted Bins of an arena (default: main_arena). See: https://github.com/sploitfun/lsploits/blob/master/glibc/malloc/malloc.c#L1689. @@ -10465,7 +10465,7 @@ __init__() → None #### property GlibcHeapUnsortedBinsCommand.settings -Return the list of settings for this command. +Return the list of settings for this command. @@ -10483,7 +10483,7 @@ add_setting( ) → None ``` -`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead +`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead --- @@ -10495,7 +10495,7 @@ add_setting( del_setting(name: str) → None ``` -`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead +`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead --- @@ -10521,7 +10521,7 @@ wrapper(*args: Any, **kwargs: Any) → Callable get_setting(name: str) → Any ``` -`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead +`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead --- @@ -10533,7 +10533,7 @@ get_setting(name: str) → Any has_setting(name: str) → bool ``` -`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead +`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead --- @@ -10790,9 +10790,9 @@ has_p_bit() → bool is_used() → bool ``` -Check if the current block is used by: -- checking the M bit is true -- or checking that next chunk PREV_INUSE flag is true +Check if the current block is used by: +- checking the M bit is true +- or checking that next chunk PREV_INUSE flag is true --- @@ -10818,7 +10818,7 @@ malloc_chunk_t() → Type[_ctypes.Structure] protect_ptr(pos: int, pointer: int) → int ``` -https://elixir.bootlin.com/glibc/glibc-2.32/source/malloc/malloc.c#L339 +https://elixir.bootlin.com/glibc/glibc-2.32/source/malloc/malloc.c#L339 --- @@ -10858,13 +10858,13 @@ reset() reveal_ptr(pointer: int) → int ``` -https://elixir.bootlin.com/glibc/glibc-2.32/source/malloc/malloc.c#L341 +https://elixir.bootlin.com/glibc/glibc-2.32/source/malloc/malloc.c#L341 --- ## class `GotBaseFunction` -Return the current GOT base address plus the given offset. +Return the current GOT base address plus the given offset. @@ -10927,7 +10927,7 @@ invoke(*args: Any) → int --- ## class `GotCommand` -Display current status of the got inside the process. +Display current status of the got inside the process. @@ -10946,7 +10946,7 @@ __init__() #### property GotCommand.settings -Return the list of settings for this command. +Return the list of settings for this command. @@ -10964,7 +10964,7 @@ add_setting( ) → None ``` -`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead +`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead --- @@ -10976,7 +10976,7 @@ add_setting( del_setting(name: str) → None ``` -`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead +`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead --- @@ -11002,7 +11002,7 @@ do_invoke(argv: List[str]) → None get_setting(name: str) → Any ``` -`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead +`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead --- @@ -11014,7 +11014,7 @@ get_setting(name: str) → Any has_setting(name: str) → bool ``` -`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead +`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead --- @@ -11076,11 +11076,11 @@ usage() → None --- ## class `HeapAnalysisCommand` -Heap vulnerability analysis helper: this command aims to track dynamic heap allocation done through malloc()/free() to provide some insights on possible heap vulnerabilities. The following vulnerabilities are checked: -- NULL free -- Use-after-Free -- Double Free -- Heap overlap +Heap vulnerability analysis helper: this command aims to track dynamic heap allocation done through malloc()/free() to provide some insights on possible heap vulnerabilities. The following vulnerabilities are checked: +- NULL free +- Use-after-Free +- Double Free +- Heap overlap @@ -11099,7 +11099,7 @@ __init__() → None #### property HeapAnalysisCommand.settings -Return the list of settings for this command. +Return the list of settings for this command. @@ -11117,7 +11117,7 @@ add_setting( ) → None ``` -`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead +`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead --- @@ -11143,7 +11143,7 @@ clean(_: 'gdb.Event') → None del_setting(name: str) → None ``` -`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead +`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead --- @@ -11183,7 +11183,7 @@ dump_tracked_allocations() → None get_setting(name: str) → Any ``` -`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead +`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead --- @@ -11195,7 +11195,7 @@ get_setting(name: str) → Any has_setting(name: str) → bool ``` -`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead +`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead --- @@ -11271,7 +11271,7 @@ usage() → None --- ## class `HeapBaseFunction` -Return the current heap base address plus an optional offset. +Return the current heap base address plus an optional offset. @@ -11334,7 +11334,7 @@ invoke(*args: Any) → int --- ## class `HexdumpByteCommand` -Display SIZE lines of hexdump as BYTE from the memory location pointed by ADDRESS. +Display SIZE lines of hexdump as BYTE from the memory location pointed by ADDRESS. @@ -11353,7 +11353,7 @@ __init__() → None #### property HexdumpByteCommand.settings -Return the list of settings for this command. +Return the list of settings for this command. @@ -11371,7 +11371,7 @@ add_setting( ) → None ``` -`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead +`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead --- @@ -11383,7 +11383,7 @@ add_setting( del_setting(name: str) → None ``` -`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead +`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead --- @@ -11409,7 +11409,7 @@ wrapper(*args: Any, **kwargs: Any) → Callable get_setting(name: str) → Any ``` -`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead +`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead --- @@ -11421,7 +11421,7 @@ get_setting(name: str) → Any has_setting(name: str) → bool ``` -`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead +`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead --- @@ -11483,7 +11483,7 @@ usage() → None --- ## class `HexdumpCommand` -Display SIZE lines of hexdump from the memory location pointed by LOCATION. +Display SIZE lines of hexdump from the memory location pointed by LOCATION. @@ -11502,7 +11502,7 @@ __init__() → None #### property HexdumpCommand.settings -Return the list of settings for this command. +Return the list of settings for this command. @@ -11520,7 +11520,7 @@ add_setting( ) → None ``` -`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead +`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead --- @@ -11532,7 +11532,7 @@ add_setting( del_setting(name: str) → None ``` -`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead +`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead --- @@ -11558,7 +11558,7 @@ wrapper(*args: Any, **kwargs: Any) → Callable get_setting(name: str) → Any ``` -`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead +`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead --- @@ -11570,7 +11570,7 @@ get_setting(name: str) → Any has_setting(name: str) → bool ``` -`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead +`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead --- @@ -11632,7 +11632,7 @@ usage() → None --- ## class `HexdumpDwordCommand` -Display SIZE lines of hexdump as DWORD from the memory location pointed by ADDRESS. +Display SIZE lines of hexdump as DWORD from the memory location pointed by ADDRESS. @@ -11651,7 +11651,7 @@ __init__() → None #### property HexdumpDwordCommand.settings -Return the list of settings for this command. +Return the list of settings for this command. @@ -11669,7 +11669,7 @@ add_setting( ) → None ``` -`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead +`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead --- @@ -11681,7 +11681,7 @@ add_setting( del_setting(name: str) → None ``` -`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead +`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead --- @@ -11707,7 +11707,7 @@ wrapper(*args: Any, **kwargs: Any) → Callable get_setting(name: str) → Any ``` -`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead +`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead --- @@ -11719,7 +11719,7 @@ get_setting(name: str) → Any has_setting(name: str) → bool ``` -`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead +`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead --- @@ -11781,7 +11781,7 @@ usage() → None --- ## class `HexdumpQwordCommand` -Display SIZE lines of hexdump as QWORD from the memory location pointed by ADDRESS. +Display SIZE lines of hexdump as QWORD from the memory location pointed by ADDRESS. @@ -11800,7 +11800,7 @@ __init__() → None #### property HexdumpQwordCommand.settings -Return the list of settings for this command. +Return the list of settings for this command. @@ -11818,7 +11818,7 @@ add_setting( ) → None ``` -`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead +`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead --- @@ -11830,7 +11830,7 @@ add_setting( del_setting(name: str) → None ``` -`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead +`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead --- @@ -11856,7 +11856,7 @@ wrapper(*args: Any, **kwargs: Any) → Callable get_setting(name: str) → Any ``` -`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead +`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead --- @@ -11868,7 +11868,7 @@ get_setting(name: str) → Any has_setting(name: str) → bool ``` -`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead +`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead --- @@ -11930,7 +11930,7 @@ usage() → None --- ## class `HexdumpWordCommand` -Display SIZE lines of hexdump as WORD from the memory location pointed by ADDRESS. +Display SIZE lines of hexdump as WORD from the memory location pointed by ADDRESS. @@ -11949,7 +11949,7 @@ __init__() → None #### property HexdumpWordCommand.settings -Return the list of settings for this command. +Return the list of settings for this command. @@ -11967,7 +11967,7 @@ add_setting( ) → None ``` -`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead +`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead --- @@ -11979,7 +11979,7 @@ add_setting( del_setting(name: str) → None ``` -`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead +`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead --- @@ -12005,7 +12005,7 @@ wrapper(*args: Any, **kwargs: Any) → Callable get_setting(name: str) → Any ``` -`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead +`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead --- @@ -12017,7 +12017,7 @@ get_setting(name: str) → Any has_setting(name: str) → bool ``` -`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead +`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead --- @@ -12079,7 +12079,7 @@ usage() → None --- ## class `HighlightAddCommand` -Add a match to the highlight table. +Add a match to the highlight table. @@ -12098,7 +12098,7 @@ __init__(*args: Any, **kwargs: Any) → None #### property HighlightAddCommand.settings -Return the list of settings for this command. +Return the list of settings for this command. @@ -12116,7 +12116,7 @@ add_setting( ) → None ``` -`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead +`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead --- @@ -12128,7 +12128,7 @@ add_setting( del_setting(name: str) → None ``` -`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead +`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead --- @@ -12154,7 +12154,7 @@ do_invoke(argv: List[str]) → None get_setting(name: str) → Any ``` -`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead +`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead --- @@ -12166,7 +12166,7 @@ get_setting(name: str) → Any has_setting(name: str) → bool ``` -`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead +`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead --- @@ -12228,7 +12228,7 @@ usage() → None --- ## class `HighlightClearCommand` -Clear the highlight table, remove all matches. +Clear the highlight table, remove all matches. @@ -12247,7 +12247,7 @@ __init__(*args: Any, **kwargs: Any) → None #### property HighlightClearCommand.settings -Return the list of settings for this command. +Return the list of settings for this command. @@ -12265,7 +12265,7 @@ add_setting( ) → None ``` -`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead +`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead --- @@ -12277,7 +12277,7 @@ add_setting( del_setting(name: str) → None ``` -`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead +`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead --- @@ -12303,7 +12303,7 @@ do_invoke(_: List[str]) → None get_setting(name: str) → Any ``` -`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead +`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead --- @@ -12315,7 +12315,7 @@ get_setting(name: str) → Any has_setting(name: str) → bool ``` -`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead +`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead --- @@ -12377,7 +12377,7 @@ usage() → None --- ## class `HighlightCommand` -Highlight user-defined text matches in GEF output universally. +Highlight user-defined text matches in GEF output universally. @@ -12396,7 +12396,7 @@ __init__() → None #### property HighlightCommand.settings -Return the list of settings for this command. +Return the list of settings for this command. @@ -12414,7 +12414,7 @@ add_setting( ) → None ``` -`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead +`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead --- @@ -12426,7 +12426,7 @@ add_setting( del_setting(name: str) → None ``` -`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead +`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead --- @@ -12452,7 +12452,7 @@ do_invoke(_: List[str]) → None get_setting(name: str) → Any ``` -`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead +`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead --- @@ -12464,7 +12464,7 @@ get_setting(name: str) → Any has_setting(name: str) → bool ``` -`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead +`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead --- @@ -12526,7 +12526,7 @@ usage() → None --- ## class `HighlightListCommand` -Show the current highlight table with matches to colors. +Show the current highlight table with matches to colors. @@ -12545,7 +12545,7 @@ __init__(*args: Any, **kwargs: Any) → None #### property HighlightListCommand.settings -Return the list of settings for this command. +Return the list of settings for this command. @@ -12563,7 +12563,7 @@ add_setting( ) → None ``` -`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead +`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead --- @@ -12575,7 +12575,7 @@ add_setting( del_setting(name: str) → None ``` -`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead +`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead --- @@ -12601,7 +12601,7 @@ do_invoke(_: List[str]) → None get_setting(name: str) → Any ``` -`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead +`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead --- @@ -12613,7 +12613,7 @@ get_setting(name: str) → Any has_setting(name: str) → bool ``` -`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead +`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead --- @@ -12689,7 +12689,7 @@ usage() → None --- ## class `HighlightRemoveCommand` -Remove a match in the highlight table. +Remove a match in the highlight table. @@ -12708,7 +12708,7 @@ __init__(*args: Any, **kwargs: Any) → None #### property HighlightRemoveCommand.settings -Return the list of settings for this command. +Return the list of settings for this command. @@ -12726,7 +12726,7 @@ add_setting( ) → None ``` -`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead +`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead --- @@ -12738,7 +12738,7 @@ add_setting( del_setting(name: str) → None ``` -`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead +`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead --- @@ -12764,7 +12764,7 @@ do_invoke(argv: List[str]) → None get_setting(name: str) → Any ``` -`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead +`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead --- @@ -12776,7 +12776,7 @@ get_setting(name: str) → Any has_setting(name: str) → bool ``` -`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead +`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead --- @@ -12838,7 +12838,7 @@ usage() → None --- ## class `Instruction` -GEF representation of a CPU instruction. +GEF representation of a CPU instruction. @@ -12986,7 +12986,7 @@ flag_register_to_human(val: Optional[int] = None) → str get_ith_parameter(i: int, in_func: bool = True) → Tuple[str, Optional[int]] ``` -Retrieves the correct parameter used for the current function call. +Retrieves the correct parameter used for the current function call. --- @@ -13110,7 +13110,7 @@ reset_caches() → None supports_gdb_arch(gdb_arch: str) → Optional[bool] ``` -If implemented by a child `Architecture`, this function dictates if the current class supports the loaded ELF file (which can be accessed via `gef.binary`). This callback function will override any assumption made by GEF to determine the architecture. +If implemented by a child `Architecture`, this function dictates if the current class supports the loaded ELF file (which can be accessed via `gef.binary`). This callback function will override any assumption made by GEF to determine the architecture. --- @@ -13209,7 +13209,7 @@ flag_register_to_human(val: Optional[int] = None) → str get_ith_parameter(i: int, in_func: bool = True) → Tuple[str, Optional[int]] ``` -Retrieves the correct parameter used for the current function call. +Retrieves the correct parameter used for the current function call. --- @@ -13341,7 +13341,7 @@ supports_gdb_arch(gdb_arch: str) → Optional[bool] --- ## class `MemoryCommand` -Add or remove address ranges to the memory view. +Add or remove address ranges to the memory view. @@ -13360,7 +13360,7 @@ __init__() → None #### property MemoryCommand.settings -Return the list of settings for this command. +Return the list of settings for this command. @@ -13378,7 +13378,7 @@ add_setting( ) → None ``` -`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead +`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead --- @@ -13390,7 +13390,7 @@ add_setting( del_setting(name: str) → None ``` -`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead +`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead --- @@ -13416,7 +13416,7 @@ do_invoke(argv: List[str]) → None get_setting(name: str) → Any ``` -`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead +`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead --- @@ -13428,7 +13428,7 @@ get_setting(name: str) → Any has_setting(name: str) → bool ``` -`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead +`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead --- @@ -13490,7 +13490,7 @@ usage() → None --- ## class `MemoryUnwatchCommand` -Removes address ranges to the memory view. +Removes address ranges to the memory view. @@ -13509,7 +13509,7 @@ __init__() → None #### property MemoryUnwatchCommand.settings -Return the list of settings for this command. +Return the list of settings for this command. @@ -13527,7 +13527,7 @@ add_setting( ) → None ``` -`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead +`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead --- @@ -13539,7 +13539,7 @@ add_setting( del_setting(name: str) → None ``` -`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead +`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead --- @@ -13565,7 +13565,7 @@ do_invoke(argv: List[str]) → None get_setting(name: str) → Any ``` -`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead +`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead --- @@ -13577,7 +13577,7 @@ get_setting(name: str) → Any has_setting(name: str) → bool ``` -`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead +`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead --- @@ -13639,7 +13639,7 @@ usage() → None --- ## class `MemoryWatchCommand` -Adds address ranges to the memory view. +Adds address ranges to the memory view. @@ -13658,7 +13658,7 @@ __init__() → None #### property MemoryWatchCommand.settings -Return the list of settings for this command. +Return the list of settings for this command. @@ -13676,7 +13676,7 @@ add_setting( ) → None ``` -`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead +`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead --- @@ -13688,7 +13688,7 @@ add_setting( del_setting(name: str) → None ``` -`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead +`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead --- @@ -13714,7 +13714,7 @@ do_invoke(argv: List[str]) → None get_setting(name: str) → Any ``` -`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead +`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead --- @@ -13726,7 +13726,7 @@ get_setting(name: str) → Any has_setting(name: str) → bool ``` -`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead +`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead --- @@ -13788,7 +13788,7 @@ usage() → None --- ## class `MemoryWatchListCommand` -Lists all watchpoints to display in context layout. +Lists all watchpoints to display in context layout. @@ -13807,7 +13807,7 @@ __init__(*args: Any, **kwargs: Any) → None #### property MemoryWatchListCommand.settings -Return the list of settings for this command. +Return the list of settings for this command. @@ -13825,7 +13825,7 @@ add_setting( ) → None ``` -`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead +`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead --- @@ -13837,7 +13837,7 @@ add_setting( del_setting(name: str) → None ``` -`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead +`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead --- @@ -13863,7 +13863,7 @@ do_invoke(_: List[str]) → None get_setting(name: str) → Any ``` -`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead +`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead --- @@ -13875,7 +13875,7 @@ get_setting(name: str) → Any has_setting(name: str) → bool ``` -`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead +`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead --- @@ -13937,7 +13937,7 @@ usage() → None --- ## class `MemoryWatchResetCommand` -Removes all watchpoints. +Removes all watchpoints. @@ -13956,7 +13956,7 @@ __init__(*args: Any, **kwargs: Any) → None #### property MemoryWatchResetCommand.settings -Return the list of settings for this command. +Return the list of settings for this command. @@ -13974,7 +13974,7 @@ add_setting( ) → None ``` -`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead +`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead --- @@ -13986,7 +13986,7 @@ add_setting( del_setting(name: str) → None ``` -`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead +`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead --- @@ -14012,7 +14012,7 @@ do_invoke(_: List[str]) → None get_setting(name: str) → Any ``` -`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead +`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead --- @@ -14024,7 +14024,7 @@ get_setting(name: str) → Any has_setting(name: str) → bool ``` -`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead +`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead --- @@ -14086,7 +14086,7 @@ usage() → None --- ## class `NamedBreakpoint` -Breakpoint which shows a specified name, when hit. +Breakpoint which shows a specified name, when hit. @@ -14121,7 +14121,7 @@ stop() → bool --- ## class `NamedBreakpointCommand` -Sets a breakpoint and assigns a name to it, which will be shown, when it's hit. +Sets a breakpoint and assigns a name to it, which will be shown, when it's hit. @@ -14140,7 +14140,7 @@ __init__() → None #### property NamedBreakpointCommand.settings -Return the list of settings for this command. +Return the list of settings for this command. @@ -14158,7 +14158,7 @@ add_setting( ) → None ``` -`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead +`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead --- @@ -14170,7 +14170,7 @@ add_setting( del_setting(name: str) → None ``` -`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead +`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead --- @@ -14196,7 +14196,7 @@ wrapper(*args: Any, **kwargs: Any) → Callable get_setting(name: str) → Any ``` -`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead +`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead --- @@ -14208,7 +14208,7 @@ get_setting(name: str) → Any has_setting(name: str) → bool ``` -`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead +`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead --- @@ -14270,7 +14270,7 @@ usage() → None --- ## class `NopCommand` -Patch the instruction(s) pointed by parameters with NOP. Note: this command is architecture aware. +Patch the instruction(s) pointed by parameters with NOP. Note: this command is architecture aware. @@ -14289,7 +14289,7 @@ __init__() → None #### property NopCommand.settings -Return the list of settings for this command. +Return the list of settings for this command. @@ -14307,7 +14307,7 @@ add_setting( ) → None ``` -`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead +`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead --- @@ -14319,7 +14319,7 @@ add_setting( del_setting(name: str) → None ``` -`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead +`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead --- @@ -14345,7 +14345,7 @@ wrapper(*args: Any, **kwargs: Any) → Callable get_setting(name: str) → Any ``` -`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead +`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead --- @@ -14357,7 +14357,7 @@ get_setting(name: str) → Any has_setting(name: str) → bool ``` -`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead +`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead --- @@ -14419,7 +14419,7 @@ usage() → None --- ## class `PCustomCommand` -Dump user defined structure. This command attempts to reproduce WinDBG awesome `dt` command for GDB and allows to apply structures (from symbols or custom) directly to an address. Custom structures can be defined in pure Python using ctypes, and should be stored in a specific directory, whose path must be stored in the `pcustom.struct_path` configuration setting. +Dump user defined structure. This command attempts to reproduce WinDBG awesome `dt` command for GDB and allows to apply structures (from symbols or custom) directly to an address. Custom structures can be defined in pure Python using ctypes, and should be stored in a specific directory, whose path must be stored in the `pcustom.struct_path` configuration setting. @@ -14438,7 +14438,7 @@ __init__() → None #### property PCustomCommand.settings -Return the list of settings for this command. +Return the list of settings for this command. @@ -14456,7 +14456,7 @@ add_setting( ) → None ``` -`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead +`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead --- @@ -14468,7 +14468,7 @@ add_setting( del_setting(name: str) → None ``` -`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead +`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead --- @@ -14508,7 +14508,7 @@ explode_type(arg: str) → Tuple[str, str] get_setting(name: str) → Any ``` -`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead +`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead --- @@ -14520,7 +14520,7 @@ get_setting(name: str) → Any has_setting(name: str) → bool ``` -`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead +`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead --- @@ -14582,7 +14582,7 @@ usage() → None --- ## class `PCustomEditCommand` -PCustom: edit the content of a given structure +PCustom: edit the content of a given structure @@ -14601,7 +14601,7 @@ __init__() → None #### property PCustomEditCommand.settings -Return the list of settings for this command. +Return the list of settings for this command. @@ -14619,7 +14619,7 @@ add_setting( ) → None ``` -`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead +`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead --- @@ -14631,7 +14631,7 @@ add_setting( del_setting(name: str) → None ``` -`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead +`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead --- @@ -14671,7 +14671,7 @@ explode_type(arg: str) → Tuple[str, str] get_setting(name: str) → Any ``` -`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead +`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead --- @@ -14683,7 +14683,7 @@ get_setting(name: str) → Any has_setting(name: str) → bool ``` -`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead +`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead --- @@ -14745,7 +14745,7 @@ usage() → None --- ## class `PCustomListCommand` -PCustom: list available structures +PCustom: list available structures @@ -14764,7 +14764,7 @@ __init__() → None #### property PCustomListCommand.settings -Return the list of settings for this command. +Return the list of settings for this command. @@ -14782,7 +14782,7 @@ add_setting( ) → None ``` -`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead +`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead --- @@ -14794,7 +14794,7 @@ add_setting( del_setting(name: str) → None ``` -`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead +`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead --- @@ -14806,7 +14806,7 @@ del_setting(name: str) → None do_invoke(_: List) → None ``` -Dump the list of all the structures and their respective. +Dump the list of all the structures and their respective. --- @@ -14832,7 +14832,7 @@ explode_type(arg: str) → Tuple[str, str] get_setting(name: str) → Any ``` -`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead +`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead --- @@ -14844,7 +14844,7 @@ get_setting(name: str) → Any has_setting(name: str) → bool ``` -`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead +`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead --- @@ -14906,7 +14906,7 @@ usage() → None --- ## class `PCustomShowCommand` -PCustom: show the content of a given structure +PCustom: show the content of a given structure @@ -14925,7 +14925,7 @@ __init__() → None #### property PCustomShowCommand.settings -Return the list of settings for this command. +Return the list of settings for this command. @@ -14943,7 +14943,7 @@ add_setting( ) → None ``` -`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead +`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead --- @@ -14955,7 +14955,7 @@ add_setting( del_setting(name: str) → None ``` -`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead +`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead --- @@ -14995,7 +14995,7 @@ explode_type(arg: str) → Tuple[str, str] get_setting(name: str) → Any ``` -`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead +`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead --- @@ -15007,7 +15007,7 @@ get_setting(name: str) → Any has_setting(name: str) → bool ``` -`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead +`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead --- @@ -15069,7 +15069,7 @@ usage() → None --- ## class `PatchByteCommand` -Write specified BYTE to the specified address. +Write specified BYTE to the specified address. @@ -15088,7 +15088,7 @@ __init__() → None #### property PatchByteCommand.settings -Return the list of settings for this command. +Return the list of settings for this command. @@ -15106,7 +15106,7 @@ add_setting( ) → None ``` -`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead +`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead --- @@ -15118,7 +15118,7 @@ add_setting( del_setting(name: str) → None ``` -`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead +`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead --- @@ -15144,7 +15144,7 @@ wrapper(*args: Any, **kwargs: Any) → Callable get_setting(name: str) → Any ``` -`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead +`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead --- @@ -15156,7 +15156,7 @@ get_setting(name: str) → Any has_setting(name: str) → bool ``` -`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead +`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead --- @@ -15218,7 +15218,7 @@ usage() → None --- ## class `PatchCommand` -Write specified values to the specified address. +Write specified values to the specified address. @@ -15237,7 +15237,7 @@ __init__() → None #### property PatchCommand.settings -Return the list of settings for this command. +Return the list of settings for this command. @@ -15255,7 +15255,7 @@ add_setting( ) → None ``` -`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead +`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead --- @@ -15267,7 +15267,7 @@ add_setting( del_setting(name: str) → None ``` -`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead +`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead --- @@ -15293,7 +15293,7 @@ wrapper(*args: Any, **kwargs: Any) → Callable get_setting(name: str) → Any ``` -`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead +`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead --- @@ -15305,7 +15305,7 @@ get_setting(name: str) → Any has_setting(name: str) → bool ``` -`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead +`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead --- @@ -15367,7 +15367,7 @@ usage() → None --- ## class `PatchDwordCommand` -Write specified DWORD to the specified address. +Write specified DWORD to the specified address. @@ -15386,7 +15386,7 @@ __init__() → None #### property PatchDwordCommand.settings -Return the list of settings for this command. +Return the list of settings for this command. @@ -15404,7 +15404,7 @@ add_setting( ) → None ``` -`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead +`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead --- @@ -15416,7 +15416,7 @@ add_setting( del_setting(name: str) → None ``` -`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead +`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead --- @@ -15442,7 +15442,7 @@ wrapper(*args: Any, **kwargs: Any) → Callable get_setting(name: str) → Any ``` -`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead +`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead --- @@ -15454,7 +15454,7 @@ get_setting(name: str) → Any has_setting(name: str) → bool ``` -`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead +`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead --- @@ -15516,7 +15516,7 @@ usage() → None --- ## class `PatchQwordCommand` -Write specified QWORD to the specified address. +Write specified QWORD to the specified address. @@ -15535,7 +15535,7 @@ __init__() → None #### property PatchQwordCommand.settings -Return the list of settings for this command. +Return the list of settings for this command. @@ -15553,7 +15553,7 @@ add_setting( ) → None ``` -`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead +`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead --- @@ -15565,7 +15565,7 @@ add_setting( del_setting(name: str) → None ``` -`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead +`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead --- @@ -15591,7 +15591,7 @@ wrapper(*args: Any, **kwargs: Any) → Callable get_setting(name: str) → Any ``` -`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead +`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead --- @@ -15603,7 +15603,7 @@ get_setting(name: str) → Any has_setting(name: str) → bool ``` -`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead +`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead --- @@ -15665,7 +15665,7 @@ usage() → None --- ## class `PatchStringCommand` -Write specified string to the specified memory location pointed by ADDRESS. +Write specified string to the specified memory location pointed by ADDRESS. @@ -15684,7 +15684,7 @@ __init__(*args: Any, **kwargs: Any) → None #### property PatchStringCommand.settings -Return the list of settings for this command. +Return the list of settings for this command. @@ -15702,7 +15702,7 @@ add_setting( ) → None ``` -`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead +`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead --- @@ -15714,7 +15714,7 @@ add_setting( del_setting(name: str) → None ``` -`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead +`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead --- @@ -15740,7 +15740,7 @@ do_invoke(argv: List[str]) → None get_setting(name: str) → Any ``` -`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead +`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead --- @@ -15752,7 +15752,7 @@ get_setting(name: str) → Any has_setting(name: str) → bool ``` -`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead +`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead --- @@ -15814,7 +15814,7 @@ usage() → None --- ## class `PatchWordCommand` -Write specified WORD to the specified address. +Write specified WORD to the specified address. @@ -15833,7 +15833,7 @@ __init__() → None #### property PatchWordCommand.settings -Return the list of settings for this command. +Return the list of settings for this command. @@ -15851,7 +15851,7 @@ add_setting( ) → None ``` -`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead +`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead --- @@ -15863,7 +15863,7 @@ add_setting( del_setting(name: str) → None ``` -`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead +`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead --- @@ -15889,7 +15889,7 @@ wrapper(*args: Any, **kwargs: Any) → Callable get_setting(name: str) → Any ``` -`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead +`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead --- @@ -15901,7 +15901,7 @@ get_setting(name: str) → Any has_setting(name: str) → bool ``` -`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead +`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead --- @@ -15963,7 +15963,7 @@ usage() → None --- ## class `PatternCommand` -Generate or Search a De Bruijn Sequence of unique substrings of length N and a total length of LENGTH. The default value of N is set to match the currently loaded architecture. +Generate or Search a De Bruijn Sequence of unique substrings of length N and a total length of LENGTH. The default value of N is set to match the currently loaded architecture. @@ -15982,7 +15982,7 @@ __init__() → None #### property PatternCommand.settings -Return the list of settings for this command. +Return the list of settings for this command. @@ -16000,7 +16000,7 @@ add_setting( ) → None ``` -`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead +`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead --- @@ -16012,7 +16012,7 @@ add_setting( del_setting(name: str) → None ``` -`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead +`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead --- @@ -16038,7 +16038,7 @@ do_invoke(_: List[str]) → None get_setting(name: str) → Any ``` -`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead +`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead --- @@ -16050,7 +16050,7 @@ get_setting(name: str) → Any has_setting(name: str) → bool ``` -`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead +`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead --- @@ -16112,7 +16112,7 @@ usage() → None --- ## class `PatternCreateCommand` -Generate a De Bruijn Sequence of unique substrings of length N and a total length of LENGTH. The default value of N is set to match the currently loaded architecture. +Generate a De Bruijn Sequence of unique substrings of length N and a total length of LENGTH. The default value of N is set to match the currently loaded architecture. @@ -16131,7 +16131,7 @@ __init__(*args: Any, **kwargs: Any) → None #### property PatternCreateCommand.settings -Return the list of settings for this command. +Return the list of settings for this command. @@ -16149,7 +16149,7 @@ add_setting( ) → None ``` -`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead +`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead --- @@ -16161,7 +16161,7 @@ add_setting( del_setting(name: str) → None ``` -`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead +`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead --- @@ -16187,7 +16187,7 @@ wrapper(*args: Any, **kwargs: Any) → Callable get_setting(name: str) → Any ``` -`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead +`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead --- @@ -16199,7 +16199,7 @@ get_setting(name: str) → Any has_setting(name: str) → bool ``` -`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead +`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead --- @@ -16261,7 +16261,7 @@ usage() → None --- ## class `PatternSearchCommand` -Search a De Bruijn Sequence of unique substrings of length N and a maximum total length of MAX_LENGTH. The default value of N is set to match the currently loaded architecture. The PATTERN argument can be a GDB symbol (such as a register name), a string or a hexadecimal value +Search a De Bruijn Sequence of unique substrings of length N and a maximum total length of MAX_LENGTH. The default value of N is set to match the currently loaded architecture. The PATTERN argument can be a GDB symbol (such as a register name), a string or a hexadecimal value @@ -16280,7 +16280,7 @@ __init__(*args: Any, **kwargs: Any) → None #### property PatternSearchCommand.settings -Return the list of settings for this command. +Return the list of settings for this command. @@ -16298,7 +16298,7 @@ add_setting( ) → None ``` -`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead +`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead --- @@ -16310,7 +16310,7 @@ add_setting( del_setting(name: str) → None ``` -`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead +`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead --- @@ -16336,7 +16336,7 @@ wrapper(*args: Any, **kwargs: Any) → Callable get_setting(name: str) → Any ``` -`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead +`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead --- @@ -16348,7 +16348,7 @@ get_setting(name: str) → Any has_setting(name: str) → bool ``` -`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead +`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead --- @@ -16424,7 +16424,7 @@ usage() → None --- ## class `Permission` -GEF representation of Linux permission. +GEF representation of Linux permission. @@ -16456,7 +16456,7 @@ __init__(elf: __main__.Elf, off: int) → None --- ## class `PieAttachCommand` -Do attach with PIE breakpoint support. +Do attach with PIE breakpoint support. @@ -16475,7 +16475,7 @@ __init__(*args: Any, **kwargs: Any) → None #### property PieAttachCommand.settings -Return the list of settings for this command. +Return the list of settings for this command. @@ -16493,7 +16493,7 @@ add_setting( ) → None ``` -`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead +`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead --- @@ -16505,7 +16505,7 @@ add_setting( del_setting(name: str) → None ``` -`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead +`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead --- @@ -16531,7 +16531,7 @@ do_invoke(argv: List[str]) → None get_setting(name: str) → Any ``` -`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead +`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead --- @@ -16543,7 +16543,7 @@ get_setting(name: str) → Any has_setting(name: str) → bool ``` -`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead +`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead --- @@ -16605,7 +16605,7 @@ usage() → None --- ## class `PieBreakpointCommand` -Set a PIE breakpoint at an offset from the target binaries base address. +Set a PIE breakpoint at an offset from the target binaries base address. @@ -16624,7 +16624,7 @@ __init__(*args: Any, **kwargs: Any) → None #### property PieBreakpointCommand.settings -Return the list of settings for this command. +Return the list of settings for this command. @@ -16642,7 +16642,7 @@ add_setting( ) → None ``` -`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead +`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead --- @@ -16654,7 +16654,7 @@ add_setting( del_setting(name: str) → None ``` -`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead +`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead --- @@ -16680,7 +16680,7 @@ wrapper(*args: Any, **kwargs: Any) → Callable get_setting(name: str) → Any ``` -`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead +`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead --- @@ -16692,7 +16692,7 @@ get_setting(name: str) → Any has_setting(name: str) → bool ``` -`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead +`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead --- @@ -16768,7 +16768,7 @@ usage() → None --- ## class `PieCommand` -PIE breakpoint support. +PIE breakpoint support. @@ -16787,7 +16787,7 @@ __init__() → None #### property PieCommand.settings -Return the list of settings for this command. +Return the list of settings for this command. @@ -16805,7 +16805,7 @@ add_setting( ) → None ``` -`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead +`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead --- @@ -16817,7 +16817,7 @@ add_setting( del_setting(name: str) → None ``` -`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead +`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead --- @@ -16843,7 +16843,7 @@ do_invoke(argv: List[str]) → None get_setting(name: str) → Any ``` -`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead +`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead --- @@ -16855,7 +16855,7 @@ get_setting(name: str) → Any has_setting(name: str) → bool ``` -`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead +`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead --- @@ -16917,7 +16917,7 @@ usage() → None --- ## class `PieDeleteCommand` -Delete a PIE breakpoint. +Delete a PIE breakpoint. @@ -16936,7 +16936,7 @@ __init__(*args: Any, **kwargs: Any) → None #### property PieDeleteCommand.settings -Return the list of settings for this command. +Return the list of settings for this command. @@ -16954,7 +16954,7 @@ add_setting( ) → None ``` -`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead +`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead --- @@ -16966,7 +16966,7 @@ add_setting( del_setting(name: str) → None ``` -`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead +`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead --- @@ -17006,7 +17006,7 @@ wrapper(*args: Any, **kwargs: Any) → Callable get_setting(name: str) → Any ``` -`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead +`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead --- @@ -17018,7 +17018,7 @@ get_setting(name: str) → Any has_setting(name: str) → bool ``` -`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead +`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead --- @@ -17080,7 +17080,7 @@ usage() → None --- ## class `PieInfoCommand` -Display breakpoint info. +Display breakpoint info. @@ -17099,7 +17099,7 @@ __init__(*args: Any, **kwargs: Any) → None #### property PieInfoCommand.settings -Return the list of settings for this command. +Return the list of settings for this command. @@ -17117,7 +17117,7 @@ add_setting( ) → None ``` -`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead +`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead --- @@ -17129,7 +17129,7 @@ add_setting( del_setting(name: str) → None ``` -`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead +`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead --- @@ -17155,7 +17155,7 @@ wrapper(*args: Any, **kwargs: Any) → Callable get_setting(name: str) → Any ``` -`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead +`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead --- @@ -17167,7 +17167,7 @@ get_setting(name: str) → Any has_setting(name: str) → bool ``` -`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead +`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead --- @@ -17229,7 +17229,7 @@ usage() → None --- ## class `PieRemoteCommand` -Attach to a remote connection with PIE breakpoint support. +Attach to a remote connection with PIE breakpoint support. @@ -17248,7 +17248,7 @@ __init__(*args: Any, **kwargs: Any) → None #### property PieRemoteCommand.settings -Return the list of settings for this command. +Return the list of settings for this command. @@ -17266,7 +17266,7 @@ add_setting( ) → None ``` -`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead +`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead --- @@ -17278,7 +17278,7 @@ add_setting( del_setting(name: str) → None ``` -`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead +`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead --- @@ -17304,7 +17304,7 @@ do_invoke(argv: List[str]) → None get_setting(name: str) → Any ``` -`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead +`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead --- @@ -17316,7 +17316,7 @@ get_setting(name: str) → Any has_setting(name: str) → bool ``` -`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead +`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead --- @@ -17378,7 +17378,7 @@ usage() → None --- ## class `PieRunCommand` -Run process with PIE breakpoint support. +Run process with PIE breakpoint support. @@ -17397,7 +17397,7 @@ __init__(*args: Any, **kwargs: Any) → None #### property PieRunCommand.settings -Return the list of settings for this command. +Return the list of settings for this command. @@ -17415,7 +17415,7 @@ add_setting( ) → None ``` -`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead +`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead --- @@ -17427,7 +17427,7 @@ add_setting( del_setting(name: str) → None ``` -`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead +`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead --- @@ -17453,7 +17453,7 @@ do_invoke(argv: List[str]) → None get_setting(name: str) → Any ``` -`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead +`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead --- @@ -17465,7 +17465,7 @@ get_setting(name: str) → Any has_setting(name: str) → bool ``` -`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead +`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead --- @@ -17527,7 +17527,7 @@ usage() → None --- ## class `PieVirtualBreakpoint` -PIE virtual breakpoint (not real breakpoint). +PIE virtual breakpoint (not real breakpoint). @@ -17661,7 +17661,7 @@ flag_register_to_human(val: Optional[int] = None) → str get_ith_parameter(i: int, in_func: bool = True) → Tuple[str, Optional[int]] ``` -Retrieves the correct parameter used for the current function call. +Retrieves the correct parameter used for the current function call. --- @@ -17785,7 +17785,7 @@ reset_caches() → None supports_gdb_arch(gdb_arch: str) → Optional[bool] ``` -If implemented by a child `Architecture`, this function dictates if the current class supports the loaded ELF file (which can be accessed via `gef.binary`). This callback function will override any assumption made by GEF to determine the architecture. +If implemented by a child `Architecture`, this function dictates if the current class supports the loaded ELF file (which can be accessed via `gef.binary`). This callback function will override any assumption made by GEF to determine the architecture. --- @@ -17876,7 +17876,7 @@ flag_register_to_human(val: Optional[int] = None) → str get_ith_parameter(i: int, in_func: bool = True) → Tuple[str, Optional[int]] ``` -Retrieves the correct parameter used for the current function call. +Retrieves the correct parameter used for the current function call. --- @@ -18000,13 +18000,13 @@ reset_caches() → None supports_gdb_arch(gdb_arch: str) → Optional[bool] ``` -If implemented by a child `Architecture`, this function dictates if the current class supports the loaded ELF file (which can be accessed via `gef.binary`). This callback function will override any assumption made by GEF to determine the architecture. +If implemented by a child `Architecture`, this function dictates if the current class supports the loaded ELF file (which can be accessed via `gef.binary`). This callback function will override any assumption made by GEF to determine the architecture. --- ## class `PrintFormatCommand` -Print bytes format in commonly used formats, such as literals in high level languages. +Print bytes format in commonly used formats, such as literals in high level languages. @@ -18033,7 +18033,7 @@ __init__() → None #### property PrintFormatCommand.settings -Return the list of settings for this command. +Return the list of settings for this command. @@ -18051,7 +18051,7 @@ add_setting( ) → None ``` -`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead +`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead --- @@ -18063,7 +18063,7 @@ add_setting( del_setting(name: str) → None ``` -`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead +`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead --- @@ -18089,7 +18089,7 @@ wrapper(*args: Any, **kwargs: Any) → Callable get_setting(name: str) → Any ``` -`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead +`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead --- @@ -18101,7 +18101,7 @@ get_setting(name: str) → Any has_setting(name: str) → bool ``` -`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead +`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead --- @@ -18163,7 +18163,7 @@ usage() → None --- ## class `ProcessListingCommand` -List and filter process. If a PATTERN is given as argument, results shown will be grepped by this pattern. +List and filter process. If a PATTERN is given as argument, results shown will be grepped by this pattern. @@ -18182,7 +18182,7 @@ __init__() → None #### property ProcessListingCommand.settings -Return the list of settings for this command. +Return the list of settings for this command. @@ -18200,7 +18200,7 @@ add_setting( ) → None ``` -`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead +`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead --- @@ -18212,7 +18212,7 @@ add_setting( del_setting(name: str) → None ``` -`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead +`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead --- @@ -18252,7 +18252,7 @@ get_processes() → Generator[Dict[str, str], NoneType, NoneType] get_setting(name: str) → Any ``` -`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead +`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead --- @@ -18264,7 +18264,7 @@ get_setting(name: str) → Any has_setting(name: str) → bool ``` -`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead +`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead --- @@ -18326,7 +18326,7 @@ usage() → None --- ## class `ProcessStatusCommand` -Extends the info given by GDB `info proc`, by giving an exhaustive description of the process status (file descriptors, ancestor, descendants, etc.). +Extends the info given by GDB `info proc`, by giving an exhaustive description of the process status (file descriptors, ancestor, descendants, etc.). @@ -18345,7 +18345,7 @@ __init__() → None #### property ProcessStatusCommand.settings -Return the list of settings for this command. +Return the list of settings for this command. @@ -18363,7 +18363,7 @@ add_setting( ) → None ``` -`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead +`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead --- @@ -18375,7 +18375,7 @@ add_setting( del_setting(name: str) → None ``` -`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead +`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead --- @@ -18443,7 +18443,7 @@ get_process_path_of(pid: int) → str get_setting(name: str) → Any ``` -`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead +`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead --- @@ -18469,7 +18469,7 @@ get_state_of(pid: int) → Dict[str, str] has_setting(name: str) → bool ``` -`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead +`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead --- @@ -18730,7 +18730,7 @@ flag_register_to_human(val: Optional[int] = None) → str get_ith_parameter(i: int, in_func: bool = True) → Tuple[str, Optional[int]] ``` -Retrieves the correct parameter used for the current function call. +Retrieves the correct parameter used for the current function call. --- @@ -18854,7 +18854,7 @@ reset_caches() → None supports_gdb_arch(gdb_arch: str) → Optional[bool] ``` -If implemented by a child `Architecture`, this function dictates if the current class supports the loaded ELF file (which can be accessed via `gef.binary`). This callback function will override any assumption made by GEF to determine the architecture. +If implemented by a child `Architecture`, this function dictates if the current class supports the loaded ELF file (which can be accessed via `gef.binary`). This callback function will override any assumption made by GEF to determine the architecture. --- @@ -18883,7 +18883,7 @@ __init__(to: str = '/dev/null') → None --- ## class `RemoteCommand` -GDB `target remote` command on steroids. This command will use the remote procfs to create a local copy of the execution environment, including the target binary and its libraries in the local temporary directory (the value by default is in `gef.config.tempdir`). Additionally, it will fetch all the /proc/PID/maps and loads all its information. If procfs is not available remotely, the command will likely fail. You can however still use the limited command provided by GDB `target remote`. +GDB `target remote` command on steroids. This command will use the remote procfs to create a local copy of the execution environment, including the target binary and its libraries in the local temporary directory (the value by default is in `gef.config.tempdir`). Additionally, it will fetch all the /proc/PID/maps and loads all its information. If procfs is not available remotely, the command will likely fail. You can however still use the limited command provided by GDB `target remote`. @@ -18902,7 +18902,7 @@ __init__() → None #### property RemoteCommand.settings -Return the list of settings for this command. +Return the list of settings for this command. @@ -18920,7 +18920,7 @@ add_setting( ) → None ``` -`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead +`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead --- @@ -18932,7 +18932,7 @@ add_setting( del_setting(name: str) → None ``` -`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead +`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead --- @@ -18958,7 +18958,7 @@ wrapper(*args: Any, **kwargs: Any) → Callable get_setting(name: str) → Any ``` -`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead +`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead --- @@ -18970,7 +18970,7 @@ get_setting(name: str) → Any has_setting(name: str) → bool ``` -`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead +`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead --- @@ -19032,7 +19032,7 @@ usage() → None --- ## class `ResetCacheCommand` -Reset cache of all stored data. This command is here for debugging and test purposes, GEF handles properly the cache reset under "normal" scenario. +Reset cache of all stored data. This command is here for debugging and test purposes, GEF handles properly the cache reset under "normal" scenario. @@ -19051,7 +19051,7 @@ __init__(*args: Any, **kwargs: Any) → None #### property ResetCacheCommand.settings -Return the list of settings for this command. +Return the list of settings for this command. @@ -19069,7 +19069,7 @@ add_setting( ) → None ``` -`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead +`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead --- @@ -19081,7 +19081,7 @@ add_setting( del_setting(name: str) → None ``` -`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead +`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead --- @@ -19107,7 +19107,7 @@ do_invoke(_: List[str]) → None get_setting(name: str) → Any ``` -`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead +`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead --- @@ -19119,7 +19119,7 @@ get_setting(name: str) → Any has_setting(name: str) → bool ``` -`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead +`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead --- @@ -19181,8 +19181,8 @@ usage() → None --- ## class `SPARC` -Refs: -- https://www.cse.scu.edu/~atkinson/teaching/sp05/259/sparc.pdf +Refs: +- https://www.cse.scu.edu/~atkinson/teaching/sp05/259/sparc.pdf --- @@ -19273,7 +19273,7 @@ flag_register_to_human(val: Optional[int] = None) → str get_ith_parameter(i: int, in_func: bool = True) → Tuple[str, Optional[int]] ``` -Retrieves the correct parameter used for the current function call. +Retrieves the correct parameter used for the current function call. --- @@ -19397,15 +19397,15 @@ reset_caches() → None supports_gdb_arch(gdb_arch: str) → Optional[bool] ``` -If implemented by a child `Architecture`, this function dictates if the current class supports the loaded ELF file (which can be accessed via `gef.binary`). This callback function will override any assumption made by GEF to determine the architecture. +If implemented by a child `Architecture`, this function dictates if the current class supports the loaded ELF file (which can be accessed via `gef.binary`). This callback function will override any assumption made by GEF to determine the architecture. --- ## class `SPARC64` -Refs: -- http://math-atlas.sourceforge.net/devel/assembly/abi_sysV_sparc.pdf -- https://cr.yp.to/2005-590/sparcv9.pdf +Refs: +- http://math-atlas.sourceforge.net/devel/assembly/abi_sysV_sparc.pdf +- https://cr.yp.to/2005-590/sparcv9.pdf --- @@ -19496,7 +19496,7 @@ flag_register_to_human(val: Optional[int] = None) → str get_ith_parameter(i: int, in_func: bool = True) → Tuple[str, Optional[int]] ``` -Retrieves the correct parameter used for the current function call. +Retrieves the correct parameter used for the current function call. --- @@ -19620,13 +19620,13 @@ reset_caches() → None supports_gdb_arch(gdb_arch: str) → Optional[bool] ``` -If implemented by a child `Architecture`, this function dictates if the current class supports the loaded ELF file (which can be accessed via `gef.binary`). This callback function will override any assumption made by GEF to determine the architecture. +If implemented by a child `Architecture`, this function dictates if the current class supports the loaded ELF file (which can be accessed via `gef.binary`). This callback function will override any assumption made by GEF to determine the architecture. --- ## class `ScanSectionCommand` -Search for addresses that are located in a memory mapping (haystack) that belonging to another (needle). +Search for addresses that are located in a memory mapping (haystack) that belonging to another (needle). @@ -19645,7 +19645,7 @@ __init__(*args: Any, **kwargs: Any) → None #### property ScanSectionCommand.settings -Return the list of settings for this command. +Return the list of settings for this command. @@ -19663,7 +19663,7 @@ add_setting( ) → None ``` -`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead +`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead --- @@ -19675,7 +19675,7 @@ add_setting( del_setting(name: str) → None ``` -`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead +`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead --- @@ -19701,7 +19701,7 @@ do_invoke(argv: List[str]) → None get_setting(name: str) → Any ``` -`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead +`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead --- @@ -19713,7 +19713,7 @@ get_setting(name: str) → Any has_setting(name: str) → bool ``` -`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead +`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead --- @@ -19775,7 +19775,7 @@ usage() → None --- ## class `SearchPatternCommand` -SearchPatternCommand: search a pattern in memory. If given an hex value (starting with 0x) the command will also try to look for upwards cross-references to this address. +SearchPatternCommand: search a pattern in memory. If given an hex value (starting with 0x) the command will also try to look for upwards cross-references to this address. @@ -19794,7 +19794,7 @@ __init__() → None #### property SearchPatternCommand.settings -Return the list of settings for this command. +Return the list of settings for this command. @@ -19812,7 +19812,7 @@ add_setting( ) → None ``` -`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead +`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead --- @@ -19824,7 +19824,7 @@ add_setting( del_setting(name: str) → None ``` -`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead +`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead --- @@ -19850,7 +19850,7 @@ do_invoke(argv: List[str]) → None get_setting(name: str) → Any ``` -`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead +`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead --- @@ -19862,7 +19862,7 @@ get_setting(name: str) → Any has_setting(name: str) → bool ``` -`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead +`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead --- @@ -19948,7 +19948,7 @@ search_binpattern_by_address( ) → List[Tuple[int, int, Optional[str]]] ``` -Search a binary pattern within a range defined by arguments. +Search a binary pattern within a range defined by arguments. --- @@ -19960,7 +19960,7 @@ Search a binary pattern within a range defined by arguments. search_pattern(pattern: str, section_name: str) → None ``` -Search a pattern within the whole userland memory. +Search a pattern within the whole userland memory. --- @@ -19976,7 +19976,7 @@ search_pattern_by_address( ) → List[Tuple[int, int, Optional[str]]] ``` -Search a pattern within a range defined by arguments. +Search a pattern within a range defined by arguments. --- @@ -19996,7 +19996,7 @@ usage() → None --- ## class `Section` -GEF representation of process memory sections. +GEF representation of process memory sections. @@ -20075,7 +20075,7 @@ is_writable() → bool --- ## class `SectionBaseFunction` -Return the matching file's base address plus an optional offset. Defaults to current file. Note that quotes need to be escaped +Return the matching file's base address plus an optional offset. Defaults to current file. Note that quotes need to be escaped @@ -20161,7 +20161,7 @@ __init__(elf: Optional[__main__.Elf], off: int) → None --- ## class `ShellcodeCommand` -ShellcodeCommand uses @JonathanSalwan simple-yet-awesome shellcode API to download shellcodes. +ShellcodeCommand uses @JonathanSalwan simple-yet-awesome shellcode API to download shellcodes. @@ -20180,7 +20180,7 @@ __init__() → None #### property ShellcodeCommand.settings -Return the list of settings for this command. +Return the list of settings for this command. @@ -20198,7 +20198,7 @@ add_setting( ) → None ``` -`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead +`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead --- @@ -20210,7 +20210,7 @@ add_setting( del_setting(name: str) → None ``` -`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead +`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead --- @@ -20236,7 +20236,7 @@ do_invoke(_: List[str]) → None get_setting(name: str) → Any ``` -`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead +`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead --- @@ -20248,7 +20248,7 @@ get_setting(name: str) → Any has_setting(name: str) → bool ``` -`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead +`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead --- @@ -20310,7 +20310,7 @@ usage() → None --- ## class `ShellcodeGetCommand` -Download shellcode from shell-storm's shellcode database. +Download shellcode from shell-storm's shellcode database. @@ -20329,7 +20329,7 @@ __init__(*args: Any, **kwargs: Any) → None #### property ShellcodeGetCommand.settings -Return the list of settings for this command. +Return the list of settings for this command. @@ -20347,7 +20347,7 @@ add_setting( ) → None ``` -`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead +`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead --- @@ -20359,7 +20359,7 @@ add_setting( del_setting(name: str) → None ``` -`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead +`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead --- @@ -20385,7 +20385,7 @@ do_invoke(argv: List[str]) → None get_setting(name: str) → Any ``` -`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead +`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead --- @@ -20411,7 +20411,7 @@ get_shellcode(sid: int) → None has_setting(name: str) → bool ``` -`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead +`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead --- @@ -20473,7 +20473,7 @@ usage() → None --- ## class `ShellcodeSearchCommand` -Search pattern in shell-storm's shellcode database. +Search pattern in shell-storm's shellcode database. @@ -20492,7 +20492,7 @@ __init__(*args: Any, **kwargs: Any) → None #### property ShellcodeSearchCommand.settings -Return the list of settings for this command. +Return the list of settings for this command. @@ -20510,7 +20510,7 @@ add_setting( ) → None ``` -`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead +`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead --- @@ -20522,7 +20522,7 @@ add_setting( del_setting(name: str) → None ``` -`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead +`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead --- @@ -20548,7 +20548,7 @@ do_invoke(argv: List[str]) → None get_setting(name: str) → Any ``` -`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead +`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead --- @@ -20560,7 +20560,7 @@ get_setting(name: str) → Any has_setting(name: str) → bool ``` -`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead +`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead --- @@ -20636,7 +20636,7 @@ usage() → None --- ## class `SmartEvalCommand` -SmartEval: Smart eval (vague approach to mimic WinDBG `?`). +SmartEval: Smart eval (vague approach to mimic WinDBG `?`). @@ -20655,7 +20655,7 @@ __init__(*args: Any, **kwargs: Any) → None #### property SmartEvalCommand.settings -Return the list of settings for this command. +Return the list of settings for this command. @@ -20673,7 +20673,7 @@ add_setting( ) → None ``` -`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead +`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead --- @@ -20685,7 +20685,7 @@ add_setting( del_setting(name: str) → None ``` -`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead +`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead --- @@ -20739,7 +20739,7 @@ evaluate(expr: List[str]) → None get_setting(name: str) → Any ``` -`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead +`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead --- @@ -20751,7 +20751,7 @@ get_setting(name: str) → Any has_setting(name: str) → bool ``` -`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead +`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead --- @@ -20813,7 +20813,7 @@ usage() → None --- ## class `SolveKernelSymbolCommand` -Solve kernel symbols from kallsyms table. +Solve kernel symbols from kallsyms table. @@ -20832,7 +20832,7 @@ __init__(*args: Any, **kwargs: Any) → None #### property SolveKernelSymbolCommand.settings -Return the list of settings for this command. +Return the list of settings for this command. @@ -20850,7 +20850,7 @@ add_setting( ) → None ``` -`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead +`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead --- @@ -20862,7 +20862,7 @@ add_setting( del_setting(name: str) → None ``` -`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead +`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead --- @@ -20888,7 +20888,7 @@ wrapper(*args: Any, **kwargs: Any) → Callable get_setting(name: str) → Any ``` -`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead +`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead --- @@ -20900,7 +20900,7 @@ get_setting(name: str) → Any has_setting(name: str) → bool ``` -`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead +`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead --- @@ -20962,7 +20962,7 @@ usage() → None --- ## class `StackOffsetFunction` -Return the current stack base address plus an optional offset. +Return the current stack base address plus an optional offset. @@ -21025,7 +21025,7 @@ invoke(*args: Any) → int --- ## class `StubBreakpoint` -Create a breakpoint to permanently disable a call (fork/alarm/signal/etc.). +Create a breakpoint to permanently disable a call (fork/alarm/signal/etc.). @@ -21060,7 +21060,7 @@ stop() → bool --- ## class `StubCommand` -Stub out the specified function. This function is useful when needing to skip one function to be called and disrupt your runtime flow (ex. fork). +Stub out the specified function. This function is useful when needing to skip one function to be called and disrupt your runtime flow (ex. fork). @@ -21079,7 +21079,7 @@ __init__() → None #### property StubCommand.settings -Return the list of settings for this command. +Return the list of settings for this command. @@ -21097,7 +21097,7 @@ add_setting( ) → None ``` -`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead +`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead --- @@ -21109,7 +21109,7 @@ add_setting( del_setting(name: str) → None ``` -`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead +`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead --- @@ -21135,7 +21135,7 @@ wrapper(*args: Any, **kwargs: Any) → Callable get_setting(name: str) → Any ``` -`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead +`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead --- @@ -21147,7 +21147,7 @@ get_setting(name: str) → Any has_setting(name: str) → bool ``` -`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead +`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead --- @@ -21209,7 +21209,7 @@ usage() → None --- ## class `TraceFreeBreakpoint` -Track calls to free() and attempts to detect inconsistencies. +Track calls to free() and attempts to detect inconsistencies. @@ -21244,7 +21244,7 @@ stop() → bool --- ## class `TraceFreeRetBreakpoint` -Internal temporary breakpoint to track free()d values. +Internal temporary breakpoint to track free()d values. @@ -21279,7 +21279,7 @@ stop() → bool --- ## class `TraceMallocBreakpoint` -Track allocations done with malloc() or calloc(). +Track allocations done with malloc() or calloc(). @@ -21314,7 +21314,7 @@ stop() → bool --- ## class `TraceMallocRetBreakpoint` -Internal temporary breakpoint to retrieve the return value of malloc(). +Internal temporary breakpoint to retrieve the return value of malloc(). @@ -21349,7 +21349,7 @@ stop() → bool --- ## class `TraceReallocBreakpoint` -Track re-allocations done with realloc(). +Track re-allocations done with realloc(). @@ -21384,7 +21384,7 @@ stop() → bool --- ## class `TraceReallocRetBreakpoint` -Internal temporary breakpoint to retrieve the return value of realloc(). +Internal temporary breakpoint to retrieve the return value of realloc(). @@ -21419,7 +21419,7 @@ stop() → bool --- ## class `TraceRunCommand` -Create a runtime trace of all instructions executed from $pc to LOCATION specified. The trace is stored in a text file that can be next imported in IDA Pro to visualize the runtime path. +Create a runtime trace of all instructions executed from $pc to LOCATION specified. The trace is stored in a text file that can be next imported in IDA Pro to visualize the runtime path. @@ -21438,7 +21438,7 @@ __init__() → None #### property TraceRunCommand.settings -Return the list of settings for this command. +Return the list of settings for this command. @@ -21456,7 +21456,7 @@ add_setting( ) → None ``` -`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead +`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead --- @@ -21468,7 +21468,7 @@ add_setting( del_setting(name: str) → None ``` -`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead +`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead --- @@ -21508,7 +21508,7 @@ get_frames_size() → int get_setting(name: str) → Any ``` -`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead +`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead --- @@ -21520,7 +21520,7 @@ get_setting(name: str) → Any has_setting(name: str) → bool ``` -`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead +`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead --- @@ -21610,7 +21610,7 @@ usage() → None --- ## class `UafWatchpoint` -Custom watchpoints set TraceFreeBreakpoint() to monitor free()d pointers being used. +Custom watchpoints set TraceFreeBreakpoint() to monitor free()d pointers being used. @@ -21637,13 +21637,13 @@ __init__(addr: int) → None stop() → bool ``` -If this method is triggered, we likely have a UaF. Break the execution and report it. +If this method is triggered, we likely have a UaF. Break the execution and report it. --- ## class `VMMapCommand` -Display a comprehensive layout of the virtual memory mapping. If a filter argument, GEF will filter out the mapping whose pathname do not match that filter. +Display a comprehensive layout of the virtual memory mapping. If a filter argument, GEF will filter out the mapping whose pathname do not match that filter. @@ -21662,7 +21662,7 @@ __init__(*args: Any, **kwargs: Any) → None #### property VMMapCommand.settings -Return the list of settings for this command. +Return the list of settings for this command. @@ -21680,7 +21680,7 @@ add_setting( ) → None ``` -`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead +`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead --- @@ -21692,7 +21692,7 @@ add_setting( del_setting(name: str) → None ``` -`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead +`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead --- @@ -21718,7 +21718,7 @@ do_invoke(argv: List[str]) → None get_setting(name: str) → Any ``` -`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead +`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead --- @@ -21730,7 +21730,7 @@ get_setting(name: str) → Any has_setting(name: str) → bool ``` -`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead +`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead --- @@ -21834,7 +21834,7 @@ usage() → None --- ## class `VersionCommand` -Display GEF version info. +Display GEF version info. @@ -21853,7 +21853,7 @@ __init__(*args: Any, **kwargs: Any) → None #### property VersionCommand.settings -Return the list of settings for this command. +Return the list of settings for this command. @@ -21871,7 +21871,7 @@ add_setting( ) → None ``` -`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead +`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead --- @@ -21883,7 +21883,7 @@ add_setting( del_setting(name: str) → None ``` -`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead +`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead --- @@ -21909,7 +21909,7 @@ do_invoke(argv: List[str]) → None get_setting(name: str) → Any ``` -`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead +`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead --- @@ -21921,7 +21921,7 @@ get_setting(name: str) → Any has_setting(name: str) → bool ``` -`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead +`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead --- @@ -22202,7 +22202,7 @@ reset_caches() → None supports_gdb_arch(gdb_arch: str) → Optional[bool] ``` -If implemented by a child `Architecture`, this function dictates if the current class supports the loaded ELF file (which can be accessed via `gef.binary`). This callback function will override any assumption made by GEF to determine the architecture. +If implemented by a child `Architecture`, this function dictates if the current class supports the loaded ELF file (which can be accessed via `gef.binary`). This callback function will override any assumption made by GEF to determine the architecture. --- @@ -22301,7 +22301,7 @@ flag_register_to_human(val: Optional[int] = None) → str get_ith_parameter(i: int, in_func: bool = True) → Tuple[str, Optional[int]] ``` -Retrieves the correct parameter used for the current function call. +Retrieves the correct parameter used for the current function call. --- @@ -22425,13 +22425,13 @@ reset_caches() → None supports_gdb_arch(gdb_arch: str) → Optional[bool] ``` -If implemented by a child `Architecture`, this function dictates if the current class supports the loaded ELF file (which can be accessed via `gef.binary`). This callback function will override any assumption made by GEF to determine the architecture. +If implemented by a child `Architecture`, this function dictates if the current class supports the loaded ELF file (which can be accessed via `gef.binary`). This callback function will override any assumption made by GEF to determine the architecture. --- ## class `XAddressInfoCommand` -Retrieve and display runtime information for the location(s) given as parameter. +Retrieve and display runtime information for the location(s) given as parameter. @@ -22450,7 +22450,7 @@ __init__() → None #### property XAddressInfoCommand.settings -Return the list of settings for this command. +Return the list of settings for this command. @@ -22468,7 +22468,7 @@ add_setting( ) → None ``` -`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead +`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead --- @@ -22480,7 +22480,7 @@ add_setting( del_setting(name: str) → None ``` -`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead +`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead --- @@ -22506,7 +22506,7 @@ do_invoke(argv: List[str]) → None get_setting(name: str) → Any ``` -`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead +`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead --- @@ -22518,7 +22518,7 @@ get_setting(name: str) → Any has_setting(name: str) → bool ``` -`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead +`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead --- @@ -22594,7 +22594,7 @@ usage() → None --- ## class `XFilesCommand` -Shows all libraries (and sections) loaded by binary. This command extends the GDB command `info files`, by retrieving more information from extra sources, and providing a better display. If an argument FILE is given, the output will grep information related to only that file. If an argument name is also given, the output will grep to the name within FILE. +Shows all libraries (and sections) loaded by binary. This command extends the GDB command `info files`, by retrieving more information from extra sources, and providing a better display. If an argument FILE is given, the output will grep information related to only that file. If an argument name is also given, the output will grep to the name within FILE. @@ -22613,7 +22613,7 @@ __init__(*args: Any, **kwargs: Any) → None #### property XFilesCommand.settings -Return the list of settings for this command. +Return the list of settings for this command. @@ -22631,7 +22631,7 @@ add_setting( ) → None ``` -`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead +`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead --- @@ -22643,7 +22643,7 @@ add_setting( del_setting(name: str) → None ``` -`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead +`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead --- @@ -22669,7 +22669,7 @@ do_invoke(argv: List[str]) → None get_setting(name: str) → Any ``` -`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead +`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead --- @@ -22681,7 +22681,7 @@ get_setting(name: str) → Any has_setting(name: str) → bool ``` -`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead +`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead --- @@ -22743,7 +22743,7 @@ usage() → None --- ## class `XorMemoryCommand` -XOR a block of memory. The command allows to simply display the result, or patch it runtime at runtime. +XOR a block of memory. The command allows to simply display the result, or patch it runtime at runtime. @@ -22762,7 +22762,7 @@ __init__() → None #### property XorMemoryCommand.settings -Return the list of settings for this command. +Return the list of settings for this command. @@ -22780,7 +22780,7 @@ add_setting( ) → None ``` -`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead +`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead --- @@ -22792,7 +22792,7 @@ add_setting( del_setting(name: str) → None ``` -`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead +`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead --- @@ -22818,7 +22818,7 @@ do_invoke(_: List[str]) → None get_setting(name: str) → Any ``` -`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead +`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead --- @@ -22830,7 +22830,7 @@ get_setting(name: str) → Any has_setting(name: str) → bool ``` -`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead +`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead --- @@ -22892,7 +22892,7 @@ usage() → None --- ## class `XorMemoryDisplayCommand` -Display a block of memory pointed by ADDRESS by xor-ing each byte with KEY. The key must be provided in hexadecimal format. +Display a block of memory pointed by ADDRESS by xor-ing each byte with KEY. The key must be provided in hexadecimal format. @@ -22911,7 +22911,7 @@ __init__(*args: Any, **kwargs: Any) → None #### property XorMemoryDisplayCommand.settings -Return the list of settings for this command. +Return the list of settings for this command. @@ -22929,7 +22929,7 @@ add_setting( ) → None ``` -`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead +`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead --- @@ -22941,7 +22941,7 @@ add_setting( del_setting(name: str) → None ``` -`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead +`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead --- @@ -22967,7 +22967,7 @@ do_invoke(argv: List[str]) → None get_setting(name: str) → Any ``` -`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead +`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead --- @@ -22979,7 +22979,7 @@ get_setting(name: str) → Any has_setting(name: str) → bool ``` -`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead +`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead --- @@ -23041,7 +23041,7 @@ usage() → None --- ## class `XorMemoryPatchCommand` -Patch a block of memory pointed by ADDRESS by xor-ing each byte with KEY. The key must be provided in hexadecimal format. +Patch a block of memory pointed by ADDRESS by xor-ing each byte with KEY. The key must be provided in hexadecimal format. @@ -23060,7 +23060,7 @@ __init__(*args: Any, **kwargs: Any) → None #### property XorMemoryPatchCommand.settings -Return the list of settings for this command. +Return the list of settings for this command. @@ -23078,7 +23078,7 @@ add_setting( ) → None ``` -`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead +`add_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name] = value` instead --- @@ -23090,7 +23090,7 @@ add_setting( del_setting(name: str) → None ``` -`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead +`del_setting` is **DEPRECATED** and will be removed in the future. Use `del self[setting_name]` instead --- @@ -23116,7 +23116,7 @@ do_invoke(argv: List[str]) → None get_setting(name: str) → Any ``` -`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead +`get_setting` is **DEPRECATED** and will be removed in the future. Use `self[setting_name]` instead --- @@ -23128,7 +23128,7 @@ get_setting(name: str) → Any has_setting(name: str) → bool ``` -`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead +`has_setting` is **DEPRECATED** and will be removed in the future. Use `setting_name in self` instead --- @@ -23190,7 +23190,7 @@ usage() → None --- ## class `Zone` -Zone(name, zone_start, zone_end, filename) +Zone(name, zone_start, zone_end, filename) @@ -23199,7 +23199,7 @@ Zone(name, zone_start, zone_end, filename) --- ## class `classproperty` -Make the attribute a `classproperty`. +Make the attribute a `classproperty`. diff --git a/docs/commands/aliases.md b/docs/commands/aliases.md index 8cbe0002b..373ef74da 100644 --- a/docs/commands/aliases.md +++ b/docs/commands/aliases.md @@ -2,7 +2,7 @@ Base command to add, remove, and list `GEF` defined aliases. -``` +```text gef➤ aliases aliases (add|rm|list) ``` @@ -13,13 +13,13 @@ aliases (add|rm|list) through the built-in command `alias`. To add a new alias, simply use the `aliases add` command. The "command" parameter may contain spaces. -``` +```text aliases add [alias] [command] ``` To remove an alias, simply use the `aliases rm` command. -``` +```text aliases rm [alias] ``` @@ -28,7 +28,7 @@ aliases rm [alias] One can list aliases by using the `aliases ls` command. Some sample output of this command is seen below. -``` +```text [+] Aliases defined: fmtstr-helper → format-string-helper telescope → dereference @@ -51,7 +51,7 @@ located at `~/.gef.rc`. The aliases must be in the `aliases` section of the conf Creating a new alias is as simple as creating a new entry in this section: -``` +```text $ nano ~/.gef.rc [...] [aliases] @@ -63,7 +63,7 @@ my-new-alias = gdb-or-gef-command For example, for those (like me) who use WinDBG and like its bindings, they can be integrated into GDB via GEF aliases like this: -``` +```text $ nano ~/.gef.rc [...] [aliases] @@ -91,7 +91,7 @@ uf = disassemble Or here are some `PEDA` aliases for people used to using `PEDA` who made the smart move to `GEF`. -``` +```text # some peda aliases telescope = dereference start = entry-break @@ -104,6 +104,6 @@ findmem = search-pattern The aliases will be loaded next time you load GDB (and `GEF`). Or you can force `GEF` to reload the settings with the command: -``` +```text gef➤ gef restore ``` diff --git a/docs/commands/aslr.md b/docs/commands/aslr.md index 3fc3fa7bf..2038c41f2 100644 --- a/docs/commands/aslr.md +++ b/docs/commands/aslr.md @@ -4,14 +4,14 @@ Easily check, enable or disable ASLR on the debugged binary. Check the status: -``` +```text gef➤ aslr ASLR is currently disabled ``` Activate ASLR: -``` +```text gef➤ aslr on [+] Enabling ASLR gef➤ aslr @@ -20,7 +20,7 @@ ASLR is currently enabled De-activate ASLR: -``` +```text gef➤ aslr off [+] Disabling ASLR ``` diff --git a/docs/commands/canary.md b/docs/commands/canary.md index c190d5205..1f0e1dca2 100644 --- a/docs/commands/canary.md +++ b/docs/commands/canary.md @@ -6,7 +6,7 @@ canary. This makes it convenient to avoid manually searching for this value in m The command `canary` does not take any arguments. -``` +```text gef➤ canary ``` diff --git a/docs/commands/checksec.md b/docs/commands/checksec.md index 1fa14714f..eff8aaed2 100644 --- a/docs/commands/checksec.md +++ b/docs/commands/checksec.md @@ -1,11 +1,11 @@ -## Command `checksec` ## +## Command `checksec` The `checksec` command is inspired from [`checksec.sh`](https://www.trapkit.de/tools/checksec.html). It provides a convenient way to determine which security protections are enabled in a binary. You can use the command on the currently debugged process: -``` +```text gef➤ checksec [+] checksec for '/vagrant/test-bin' Canary: No diff --git a/docs/commands/config.md b/docs/commands/config.md index ba2a15c65..6a3e4e1ac 100644 --- a/docs/commands/config.md +++ b/docs/commands/config.md @@ -1,4 +1,4 @@ -## Command `gef config` ## +## Command `gef config` `gef` reads its config from a file which is by default located at `~/.gef.rc`, but which can also be specified via the `GEF_RC` environment variable. In addition, `gef` can also be configured at @@ -6,7 +6,7 @@ runtime with the `gef config` command. To view all settings for all commands loaded: -``` +```text gef➤ gef config ``` @@ -14,21 +14,21 @@ gef➤ gef config Or to get one setting value: -``` +```text gef➤ gef config pcustom.struct_path ``` Of course you can edit the values. For example, if you want the screen to be cleared before displaying the current context when reaching a breakpoing: -``` +```text gef➤ gef config context.clear_screen 1 ``` To save the current settings for `GEF` to the file system to have those options persist across all your future `GEF` sessions, simply run: -``` +```text gef➤ gef save [+] Configuration saved to '/home/vagrant/.gef.rc' ``` @@ -38,7 +38,7 @@ Upon startup, if `$GEF_RC` points to an existing file, or otherwise if `${HOME}/ To reload the settings during the session, just run: -``` +```text gef➤ gef restore [+] Configuration from '/home/hugsy/.gef.rc' restored ``` diff --git a/docs/commands/context.md b/docs/commands/context.md index ea3e047cc..5eba382bd 100644 --- a/docs/commands/context.md +++ b/docs/commands/context.md @@ -1,19 +1,19 @@ -## Command `context` ## +## Command `context` ![gef-context](https://i.imgur.com/aZiG8Yb.png) `gef` (not unlike `PEDA` or `fG! famous gdbinit`) provides comprehensive context menu when hitting a breakpoint. -* The register context box displays current register values. Values in red indicate that this +* The register context box displays current register values. Values in red indicate that this register has had its value changed since the last time execution stopped. It makes it convenient to track values. Register values can be also accessed and/or dereferenced through the `reg` command. -* The stack context box shows the 10 (by default but can be tweaked) entries in memory pointed by +* The stack context box shows the 10 (by default but can be tweaked) entries in memory pointed by the stack pointer register. If those values are pointers, they are successively dereferenced. -* The code context box shows the 10 (by default but can be tweaked) next instructions to be executed. +* The code context box shows the 10 (by default but can be tweaked) next instructions to be executed. -### Adding custom context panes ### +### Adding custom context panes As well as using the built-in context panes, you can add your own custom pane that will be displayed at each `break`-like event with all the other panes. Custom panes can be added using the API: @@ -24,33 +24,33 @@ register_external_context_pane(pane_name, display_pane_function, pane_title_func Check the [API](../api.md) documentation to see a full usage of the registration API. -### Editing context layout ### +### Editing context layout `gef` allows you to configure your own setup for the display, by re-arranging the order with which contexts will be displayed. -``` +```text gef➤ gef config context.layout ``` There are currently 6 sections that can be displayed: -* `legend` : a text explanation of the color code -* `regs` : the state of registers -* `stack` : the content of memory pointed by `$sp` register -* `code` : the code being executed -* `args` : if stopping at a function calls, print the call arguments -* `source` : if compiled with source, this will show the corresponding line of source code -* `threads` : all the threads -* `trace` : the execution call trace -* `extra` : if an automatic behavior is detected (vulnerable format string, heap vulnerability, +* `legend` : a text explanation of the color code +* `regs` : the state of registers +* `stack` : the content of memory pointed by `$sp` register +* `code` : the code being executed +* `args` : if stopping at a function calls, print the call arguments +* `source` : if compiled with source, this will show the corresponding line of source code +* `threads` : all the threads +* `trace` : the execution call trace +* `extra` : if an automatic behavior is detected (vulnerable format string, heap vulnerability, etc.) it will be displayed in this pane -* `memory` : peek into arbitrary memory locations +* `memory` : peek into arbitrary memory locations To hide a section, simply use the `context.layout` setting, and prepend the section name with `-` or just omit it. -``` +```text gef➤ gef config context.layout "-legend regs stack code args -source -threads -trace extra memory" ``` @@ -59,7 +59,7 @@ This configuration will not display the `legend`, `source`, `threads`, and `trac The `memory` pane will display the content of all locations specified by the `memory` command. For instance, -``` +```text gef➤ memory watch $sp 0x40 byte ``` @@ -69,11 +69,11 @@ using `memory unwatch`, or altogether with `memory reset`. The size of most sections are also customizable: -* `nb_lines_stack` configures how many lines of the stack to show. -* `nb_lines_backtrack` configures how many lines of the backtrace to show. -* `nb_lines_code` and `nb_lines_code_prev` configure how many lines to show after and before the PC, +* `nb_lines_stack` configures how many lines of the stack to show. +* `nb_lines_backtrack` configures how many lines of the backtrace to show. +* `nb_lines_code` and `nb_lines_code_prev` configure how many lines to show after and before the PC, respectively. -* `context.nb_lines_threads` determines the number of lines to display inside the thread pane. This +* `context.nb_lines_threads` determines the number of lines to display inside the thread pane. This is convenient when debugging heavily multi-threaded applications (apache2, firefox, etc.). It receives an integer as value: if this value is `-1` then all threads state will be displayed. Otherwise, if the value is set to `N`, then at most `N` thread states will be shown. @@ -81,14 +81,14 @@ The size of most sections are also customizable: To have the stack displayed with the largest stack addresses on top (i.e., grow the stack downward), enable the following setting: -``` +```text gef➤ gef config context.grow_stack_down True ``` If the saved instruction pointer is not within the portion of the stack being displayed, then a section is created that includes the saved ip and depending on the architecture the frame pointer. -``` +```text 0x00007fffffffc9e8│+0x00: 0x00007ffff7a2d830 → <__main+240> mov edi, eax ($current_frame_savedip) 0x00007fffffffc9e0│+0x00: 0x00000000004008c0 → <__init+0> push r15 ← $rbp . . . (440 bytes skipped) @@ -102,7 +102,7 @@ section is created that includes the saved ip and depending on the architecture 0x00007fffffffc7b0│+0x00: 0x00007fffffffc7e4 → 0x0000000000000000 ← $rsp ``` -### Redirecting context output to another tty/file ### +### Redirecting context output to another tty/file By default, the `gef` context will be displayed on the current TTY. This can be overridden by setting `context.redirect` variable to have the context sent to another section. @@ -111,14 +111,14 @@ To do so, select the TTY/file/socket/etc. you want the context redirected to wit Enter the command `tty` in the prompt: -``` +```text $ tty /dev/pts/0 ``` Then tell `gef` about it! -``` +```text gef➤ gef config context.redirect /dev/pts/0 ``` @@ -127,77 +127,77 @@ Enjoy: To go back to normal, remove the value: -``` +```text gef➤ gef config context.redirect "" ``` -### Display individual sections ### +### Display individual sections You can display a single section by specifying it as an argument: -``` +```text gef➤ context regs ``` Multiple sections can be provided, even if they are not part of the current layout: -``` +```text gef➤ context regs stack ``` -### Examples ### +### Examples -* Display the code section first, then register, and stack, hiding everything else: +* Display the code section first, then register, and stack, hiding everything else: -``` +```text gef➤ gef config context.layout "code regs stack" ``` -* Stop showing the context sections when breaking: +* Stop showing the context sections when breaking: -``` +```text gef➤ gef config context.enable 0 ``` -* Clear the screen before showing the context sections when breaking: +* Clear the screen before showing the context sections when breaking: -``` +```text gef➤ gef config context.clear_screen 1 ``` -* Don't dereference the registers in the `regs` section (more compact): +* Don't dereference the registers in the `regs` section (more compact): -``` +```text gef➤ gef config context.show_registers_raw 1 ``` -* Number of bytes of opcodes to display next to the disassembly. +* Number of bytes of opcodes to display next to the disassembly. -``` +```text gef➤ gef config context.show_opcodes_size 4 ``` -* Don't 'peek' into the start of functions that are called. +* Don't 'peek' into the start of functions that are called. -``` +```text gef➤ gef config context.peek_calls False ``` -* Hide specific registers from the registers view. +* Hide specific registers from the registers view. -``` +```text gef➤ gef config context.ignore_registers "$cs $ds $gs" ``` -* Hide the extra pc context info from the source code view. +* Hide the extra pc context info from the source code view. -``` +```text gef➤ gef config context.show_source_code_variable_values 0 ``` -* Show better definitions for call to libc functions. +* Show better definitions for call to libc functions. -``` +```text gef➤ gef config context.libc_args True gef➤ gef config context.libc_args_path /path/to/gef-extras/libc_args ``` diff --git a/docs/commands/dereference.md b/docs/commands/dereference.md index bc815f158..277c4ce84 100644 --- a/docs/commands/dereference.md +++ b/docs/commands/dereference.md @@ -10,7 +10,7 @@ It is a useful convienence function to spare to process of manually tracking val dereference (by default, `$sp`), the number of consecutive addresses to dereference (by default, `10`) and the base location for offset calculation (by default the same as the start address): -``` +```text gef➤ dereference 0x00007fffffffdec0│+0x0000: 0x00007ffff7ffe190 → 0x0000555555554000 → jg 0x555555554047 ← $rsp, $r13 0x00007fffffffdec8│+0x0008: 0x00007ffff7ffe730 → 0x00007ffff7fd3000 → 0x00010102464c457f @@ -26,7 +26,7 @@ gef➤ dereference Here is an example with arguments: -``` +```text gef➤ telescope $rbp+0x10 -l 8 0x00007fffffffdf40│+0x0000: 0x00007ffff7fa5760 → 0x00000000fbad2887 0x00007fffffffdf48│+0x0008: 0x00000001f7e65b63 @@ -44,7 +44,7 @@ default, `10`). For example, if you want to dereference all the stack entries inside a function context (on a 64bit architecture): -``` +```text gef➤ p ($rbp - $rsp)/8 $3 = 4 gef➤ dereference -l 5 @@ -57,7 +57,7 @@ gef➤ dereference -l 5 It is possible to change the offset calculation to use a different address than the start address: -``` +```text gef➤ dereference $sp -l 7 -r $rbp 0x00007ffe6ddaa3e0│-0x0030: 0x0000000000000000 ← $rsp 0x00007ffe6ddaa3e8│-0x0028: 0x0000000000400970 → <__libc_csu_init+0> push r15 @@ -71,7 +71,7 @@ gef➤ dereference $sp -l 7 -r $rbp Just like with `x`, you can pass a negative number of addresses to dereference, to examine memory backwards from the start address: -``` +```text gef➤ dereference $sp -l 3 0x00007fffffffcf90│+0x0010: 0x00007ffff7f5aaa0 → 0x0000000000000000 0x00007fffffffcf88│+0x0008: 0x00000000000204a0 diff --git a/docs/commands/edit-flags.md b/docs/commands/edit-flags.md index 70d3faec2..73ad0fa42 100644 --- a/docs/commands/edit-flags.md +++ b/docs/commands/edit-flags.md @@ -6,7 +6,7 @@ return a human-friendly display of the register flags. One or many arguments can be provided, following the syntax below: -``` +```text gef➤ flags [(+|-|~)FLAGNAME ...] ``` @@ -16,7 +16,7 @@ whether to set, unset, or toggle the flag. For instance, on x86 architecture, if we don't want to take a conditional jump (e.g. a `jz` instruction), but we want to have the Carry flag set, simply go with: -``` +```text gef➤ flags -ZERO +CARRY ``` diff --git a/docs/commands/elf-info.md b/docs/commands/elf-info.md index 16ae78f6f..537f7d22a 100644 --- a/docs/commands/elf-info.md +++ b/docs/commands/elf-info.md @@ -2,7 +2,7 @@ `elf-info` (alias `elf`) provides some basic information on the currently loaded ELF binary: -``` +```text gef➤ elf Magic : 7f 45 4c 46 Class : 0x2 - 64-bit @@ -67,6 +67,6 @@ Entry point : 0x0000000000400750 Optionally a filepath to another ELF binary can be provided to view the basic information for that binary instead. -``` +```text gef➤ elf-info --filename /path/to/elf/executable ``` diff --git a/docs/commands/entry-break.md b/docs/commands/entry-break.md index 3796fe45d..6d1fead6d 100644 --- a/docs/commands/entry-break.md +++ b/docs/commands/entry-break.md @@ -6,9 +6,9 @@ also be resolved, making further debugging easier. It will perform the following actions: -1. Look up a `main` symbol. If found, set a temporary breakpoint and go. -2. Otherwise, it will look up for `__libc_start_main`. If found, set a temporary breakpoint and go. -3. Finally, if the previous two symbols are not found, it will get the entry point from the ELF +1. Look up a `main` symbol. If found, set a temporary breakpoint and go. +2. Otherwise, it will look up for `__libc_start_main`. If found, set a temporary breakpoint and go. +3. Finally, if the previous two symbols are not found, it will get the entry point from the ELF header, set a breakpoint and run. This case should never fail if the ELF binary has a valid structure. diff --git a/docs/commands/eval.md b/docs/commands/eval.md index 72a096451..46ec8d8e5 100644 --- a/docs/commands/eval.md +++ b/docs/commands/eval.md @@ -5,7 +5,7 @@ The `$` command attempts to mimic WinDBG `?` command. When provided one argument, it will evaluate the expression, and try to display the result with various formats: -``` +```text gef➤ $ $pc+1 93824992252977 0x555555559431 @@ -23,7 +23,7 @@ b'\x00\xf0\xff\xff\xff\xff\xff\xff' With two arguments, it will simply compute the delta between them: -``` +```text gef➤ vmmap libc Start End Offset Perm 0x00007ffff7812000 0x00007ffff79a7000 0x0000000000000000 r-x /lib/x86_64-linux-gnu/libc-2.24.so diff --git a/docs/commands/format-string-helper.md b/docs/commands/format-string-helper.md index a23df368a..9764e844c 100644 --- a/docs/commands/format-string-helper.md +++ b/docs/commands/format-string-helper.md @@ -5,23 +5,23 @@ detecting potentially insecure format string when using the GlibC library. It will use this new breakpoint against several targets, including: -* `printf()` -* `sprintf()` -* `fprintf()` -* `snprintf()` -* `vsnprintf()` +* `printf()` +* `sprintf()` +* `fprintf()` +* `snprintf()` +* `vsnprintf()` Just call the command to enable this functionality. `fmtstr-helper` is a shorter alias. -``` +```text gef➤ fmtstr-helper ``` Then start the binary execution. -``` +```text gef➤ r ``` diff --git a/docs/commands/functions.md b/docs/commands/functions.md index 2d367262f..141530e11 100644 --- a/docs/commands/functions.md +++ b/docs/commands/functions.md @@ -3,16 +3,16 @@ The `functions` command will list all of the [convenience functions](https://sourceware.org/gdb/onlinedocs/gdb/Convenience-Funs.html) provided by GEF. -- `$_base([filepath])` -- Return the matching file's base address plus an optional offset. +- `$_base([filepath])` -- Return the matching file's base address plus an optional offset. Defaults to the current file. Note that quotes need to be escaped. -- `$_bss([offset])` -- Return the current bss base address plus the given offset. -- `$_got([offset])` -- Return the current bss base address plus the given offset. -- `$_heap([offset])` -- Return the current heap base address plus an optional offset. -- `$_stack([offset])` -- Return the current stack base address plus an optional offset. +- `$_bss([offset])` -- Return the current bss base address plus the given offset. +- `$_got([offset])` -- Return the current bss base address plus the given offset. +- `$_heap([offset])` -- Return the current heap base address plus an optional offset. +- `$_stack([offset])` -- Return the current stack base address plus an optional offset. These functions can be used as arguments to other commands to dynamically calculate values. -``` +```text gef➤ deref -l 4 $_heap() 0x0000000000602000│+0x00: 0x0000000000000000 ← $r8 0x0000000000602008│+0x08: 0x0000000000000021 ("!"?) diff --git a/docs/commands/gef-remote.md b/docs/commands/gef-remote.md index 7a5615c5e..c0f16713e 100644 --- a/docs/commands/gef-remote.md +++ b/docs/commands/gef-remote.md @@ -11,9 +11,9 @@ process of debugging more cumbersome. GEF greatly improves that state with the ` `gef-remote` can function in 2 ways: -- `remote` which is meant to enrich use of GDB `target remote` command, when connecting to a "real" +- `remote` which is meant to enrich use of GDB `target remote` command, when connecting to a "real" gdbserver instance -- `qemu-mode` when connecting to GDB stab of either `qemu-user` or `qemu-system`. +- `qemu-mode` when connecting to GDB stab of either `qemu-user` or `qemu-system`. The reason for this difference being that Qemu provides *a lot* less information that GEF can extract to enrich debugging. Whereas GDBServer allows to download remote file (therefore allowing to @@ -30,7 +30,7 @@ to find the debug information. For example, if we want to debug `uname`, we do on the server: -``` +```text $ gdbserver :1234 /tmp/default.out Process /tmp/default.out created; pid = 258932 Listening on port 1234 @@ -41,7 +41,7 @@ Listening on port 1234 On the client, when the original `gdb` would use `target remote`, GEF's syntax is roughly similar (shown running in debug mode for more verbose output, but you don't have to): -``` +```text $ gdb -ex 'gef config gef.debug 1' GEF for linux ready, type `gef' to start, `gef config' to configure 90 commands loaded and 5 functions added for GDB 10.2 using Python engine 3.8 @@ -95,8 +95,8 @@ makes now even more sense 😉 And using it is very straight forward. #### `qemu-user` - 1. Run `qemu-x86_64 :1234 /bin/ls` - 2. Use `--qemu-user` and `--qemu-binary /bin/ls` when starting `gef-remote` + 1. Run `qemu-x86_64 :1234 /bin/ls` + 2. Use `--qemu-user` and `--qemu-binary /bin/ls` when starting `gef-remote` ![qemu-user](https://user-images.githubusercontent.com/590234/175072835-e276ab6c-4f75-4313-9e66-9fe5a3fd220e.png) @@ -105,7 +105,7 @@ makes now even more sense 😉 And using it is very straight forward. To test locally, you can use the mini image linux x64 vm [here](https://mega.nz/file/ldQCDQiR#yJWJ8RXAHTxREKVmR7Hnfr70tIAQDFeWSYj96SvPO1k). - 1. Run `./run.sh` - 2. Use `--qemu-user` and `--qemu-binary vmlinuz` when starting `gef-remote` + 1. Run `./run.sh` + 2. Use `--qemu-user` and `--qemu-binary vmlinuz` when starting `gef-remote` ![qemu-system](https://user-images.githubusercontent.com/590234/175071351-8e06aa27-dc61-4fd7-9215-c345dcebcd67.png) diff --git a/docs/commands/gef.md b/docs/commands/gef.md index 5bb54ab00..5b37db135 100644 --- a/docs/commands/gef.md +++ b/docs/commands/gef.md @@ -4,7 +4,7 @@ Displays a list of GEF commands and their descriptions. -``` +```text gef➤ gef ─────────────────────────────────── GEF - GDB Enhanced Features ─────────────────────────────────── $ -- SmartEval: Smart eval (vague approach to mimic WinDBG `?`). @@ -24,7 +24,7 @@ GEF is fully battery-included. However in some rare cases, it is possible that n loaded. If that's the case the command `gef missing` will detail which command failed to load, along with a (likely) reason. Read the documentation for a solution, or reach out on the Discord. -``` +```text gef➤ gef missing [*] Command `XXXX` is missing, reason → YYYYY. ``` @@ -36,7 +36,7 @@ persistent see the `gef save` entry. Using `gef config` by itself just shows all of the available settings and their values. -``` +```text gef➤ gef config ──────────────────────────────────── GEF configuration settings ──────────────────────────────────── context.clear_screen (bool) = False @@ -52,7 +52,7 @@ context.libc_args (bool) = False To filter the config settings you can use `gef config [setting]`. -``` +```text gef➤ gef config theme ─────────────────────────── GEF configuration settings matching 'theme' ─────────────────────────── theme.context_title_line (str) = "gray" @@ -67,7 +67,7 @@ theme.default_title_message (str) = "cyan" You can use `gef config [setting] [value]` to set a setting for the current session (see example below). -``` +```text gef➤ gef config theme.address_stack blue ``` @@ -76,7 +76,7 @@ gef➤ gef config theme.address_stack blue The `gef save` command saves the current settings (set with `gef config`) to the user's `~/.gef.rc` file (making the changes persistent). -``` +```text gef➤ gef save [+] Configuration saved to '/home/michael/.gef.rc' ``` @@ -87,7 +87,7 @@ Using `gef restore` loads and applies settings from the `~/.gef.rc` file to the This is useful if you are modifying your GEF configuration file and want to see the changes without completely reloading GEF. -``` +```text gef➤ gef restore [+] Configuration from '/home/michael/.gef.rc' restored ``` @@ -97,7 +97,7 @@ gef➤ gef restore The GEF set command allows the user to use GEF context within GDB set commands. This is useful when you want to make a convenient variable which can be set and referenced later. -``` +```text gef➤ gef set $a=1 ``` @@ -106,7 +106,7 @@ gef➤ gef set $a=1 The GEF run command is a wrapper around GDB's run command, allowing the user to use GEF context within the command. -``` +```text gef➤ gef run ./binary ``` @@ -115,14 +115,14 @@ gef➤ gef run ./binary `gef install` allows to install one (or more) specific script(s) from `gef-extras`. The new scripts will be downloaded and sourced to be used immediately after by GEF. The syntax is straight forward: -``` +```text gef➤ gef install SCRIPTNAME1 [SCRIPTNAME2...] ``` Where `SCRIPTNAME1` ... are the names of script from the [`gef-extras` repository](https://github.com/hugsy/gef-extras/tree/main/scripts/). -``` +```text gef➤ gef install remote windbg stack [+] Searching for 'remote.py' in `gef-extras@main`... [+] Installed file '/tmp/gef/remote.py', new command(s) available: `rpyc-remote` @@ -137,7 +137,7 @@ This makes it easier to deploy new functionalities in limited environment. By de looks up for script names in the `main` branch of `gef-extras`. However you can change specify a different branch through the `gef.default_branch` configuration setting: -``` +```text gef➤ gef config gef.default_branch my_other_branch ``` diff --git a/docs/commands/got.md b/docs/commands/got.md index 746784a52..04aeef685 100644 --- a/docs/commands/got.md +++ b/docs/commands/got.md @@ -5,7 +5,7 @@ Display the current state of GOT table of the running process. The `got` command optionally takes function names and filters the output displaying only the matching functions. -``` +```text gef➤ got ``` @@ -13,7 +13,7 @@ gef➤ got The applied filter partially matches the name of the functions, so you can do something like this. -``` +```text gef➤ got str gef➤ got print gef➤ got read @@ -23,7 +23,7 @@ gef➤ got read Example of multiple partial filters: -``` +```text gef➤ got str get ``` diff --git a/docs/commands/heap-analysis-helper.md b/docs/commands/heap-analysis-helper.md index bf9bfd870..aff01346a 100644 --- a/docs/commands/heap-analysis-helper.md +++ b/docs/commands/heap-analysis-helper.md @@ -7,14 +7,14 @@ tracking and analyzing allocations and deallocations of chunks of memory. Currently, the following issues can be tracked: -- NULL free -- Use-after-Free -- Double Free -- Heap overlap +- NULL free +- Use-after-Free +- Double Free +- Heap overlap The helper can simply be activated by running the command `heap-analysis-helper`. -``` +```text gef➤ heap-analysis [+] Tracking malloc() [+] Tracking free() @@ -30,13 +30,13 @@ enable/disable manually punctual checks via the `gef config` command. The following settings are accepted: -- `check_null_free`: to break execution when a free(NULL) is encountered (disabled by default); -- `check_double_free`: to break execution when a double free is encountered; +- `check_null_free`: to break execution when a free(NULL) is encountered (disabled by default); +- `check_double_free`: to break execution when a double free is encountered; ![double-free](https://i.imgur.com/S7b4FJa.png) -- `check_weird_free`: to execution when `free()` is called against a non-tracked pointer; -- `check_uaf`: to break execution when a possible Use-after-Free condition is found. +- `check_weird_free`: to execution when `free()` is called against a non-tracked pointer; +- `check_uaf`: to break execution when a possible Use-after-Free condition is found. ![uaf](https://i.imgur.com/NfV5Cu9.png) @@ -47,7 +47,7 @@ ascertained manually. The `heap-analysis-helper` can also be used to simply track allocation and liberation of chunks of memory. One can simply enable the tracking by setting all the configurations stated above to False: -``` +```text gef➤ gef config heap-analysis-helper.check_double_free False gef➤ gef config heap-analysis-helper.check_free_null False gef➤ gef config heap-analysis-helper.check_weird_free False @@ -61,7 +61,7 @@ when a chunk is allocated/freed. To get information regarding the currently tracked chunks, use the `show` subcommand: -``` +```text gef➤ heap-analysis-helper show ``` diff --git a/docs/commands/heap.md b/docs/commands/heap.md index e5447d4f7..c6992358d 100644 --- a/docs/commands/heap.md +++ b/docs/commands/heap.md @@ -5,36 +5,36 @@ only supports GlibC heap format (see [this link](https://code.woboq.org/userspace/glibc/malloc/malloc.c.html#malloc_chunk) for `malloc` structure information). Syntax to the subcommands is straight forward: -``` +```text gef➤ heap ``` -## `main_arena` symbol ### +## `main_arena` symbol If the linked glibc of the target program does not have debugging symbols it might be tricky for GEF to find the address of the `main_arena` which is needed for most of the `heap` subcommands. If you know the offset of this symbol from the glibc base address you can use GEF's config to provide said value: -``` +```text gef➤ gef config gef.main_arena_offset ``` If you do not know this offset and you want GEF to try and find it via bruteforce when executing a `heap` command the next time, you can try this instead: -``` +```text gef➤ gef config gef.bruteforce_main_arena True ``` Note that this might take a few seconds to complete. If GEF does find the symbol you can then calculate the offset to the libc base address and save it in the config. -### `heap chunks` command ### +### `heap chunks` command Displays all the chunks from the `heap` section of the current arena. -``` +```text gef➤ heap chunks ``` @@ -43,7 +43,7 @@ gef➤ heap chunks To select from which arena to display chunks either use the `heap set-arena` command or provide the base address of the other arena like this: -``` +```text gef➤ heap chunks [arena_address] ``` @@ -51,7 +51,7 @@ gef➤ heap chunks [arena_address] In order to display the chunks of all the available arenas at once use -``` +```text gef➤ heap chunks -a ``` @@ -62,12 +62,12 @@ re-aligns the chunks data start addresses to match Glibc's behavior. To be able chunks as well, you can disable this with the `--allow-unaligned` flag. Note that this might result in incorrect output. -### `heap chunk` command ### +### `heap chunk` command This command gives visual information of a Glibc malloc-ed chunked. Simply provide the address to the user memory pointer of the chunk to show the information related to a specific chunk: -``` +```text gef➤ heap chunk [address] ``` @@ -81,7 +81,7 @@ in incorrect output. There is an optional `number` argument, to specify the number of chunks printed by this command. To do so, simply provide the `--number` argument: -``` +```text gef➤ heap chunk --number 6 0x4e5400 Chunk(addr=0x4e5400, size=0xd0, flags=PREV_INUSE) Chunk(addr=0x4e54d0, size=0x1a0, flags=PREV_INUSE) @@ -92,7 +92,7 @@ Chunk(addr=0x4e6760, size=0x4c0, flags=PREV_INUSE) ``` -### `heap arenas` command ### +### `heap arenas` command Multi-threaded programs have different arenas, and the knowledge of the `main_arena` is not enough. `gef` therefore provides the `arena` sub-commands to help you list all the arenas allocated in your @@ -100,19 +100,19 @@ program **at the moment you call the command**. ![heap-arenas](https://i.imgur.com/RUTiADa.png) -### `heap set-arena` command ### +### `heap set-arena` command In cases where the debug symbol are not present (e.g. statically stripped binary), it is possible to instruct GEF to find the `main_arena` at a different location with the command: -``` +```text gef➤ heap set-arena [address] ``` If the arena address is correct, all `heap` commands will be functional, and use the specified address for `main_arena`. -### `heap bins` command ### +### `heap bins` command Glibc uses bins for keeping tracks of `free`d chunks. This is because making allocations through `sbrk` (requiring a syscall) is costly. Glibc uses those bins to remember formerly allocated chunks. @@ -120,14 +120,14 @@ Because bins are structured in single or doubly linked list, I found that quite interrogate `gdb` to get a pointer address, dereference it, get the value chunk, etc... So I decided to implement the `heap bins` sub-command, which allows to get info on: -- `fastbins` -- `bins` - - `unsorted` - - `small bins` - - `large bins` -- `tcachebins` +- `fastbins` +- `bins` +- `unsorted` +- `small bins` +- `large bins` +- `tcachebins` -#### `heap bins fast` command #### +#### `heap bins fast` command When exploiting heap corruption vulnerabilities, it is sometimes convenient to know the state of the `fastbinsY` array. @@ -136,7 +136,7 @@ The `fast` sub-command helps by displaying the list of fast chunks in this array argument, it will display the info of the `main_arena` arena. It accepts an optional argument, the address of another arena (which you can easily find using `heap arenas`). -``` +```text gef➤ heap bins fast ──────────────────────── Fastbins for arena 0x7ffff7fb8b80 ──────────────────────── Fastbins[idx=0, size=0x20] ← Chunk(addr=0x555555559380, size=0x20, flags=PREV_INUSE) @@ -148,19 +148,19 @@ Fastbins[idx=5, size=0x70] 0x00 Fastbins[idx=6, size=0x80] 0x00 ``` -#### Other `heap bins X` command #### +#### Other `heap bins X` command All the other subcommands (with the exception of `tcache`) for the `heap bins` work the same way as `fast`. If no argument is provided, `gef` will fall back to `main_arena`. Otherwise, it will use the address pointed as the base of the `malloc_state` structure and print out information accordingly. -#### `heap bins tcache` command #### +#### `heap bins tcache` command Modern versions of `glibc` use `tcache` bins to speed up multithreaded programs. Unlike other bins, `tcache` bins are allocated on a per-thread basis, so there is one set of `tcache` bins for each thread. -``` +```text gef➤ heap bins tcache [all] [thread_ids...] ``` @@ -169,6 +169,6 @@ bins tcache all` will show the `tcache`s for every thread, or you can specify an ids to see the `tcache` for each of them. For example, use the following command to show the `tcache` bins for threads 1 and 2. -``` +```text gef➤ heap bins tcache 1 2 ``` diff --git a/docs/commands/help.md b/docs/commands/help.md index 15d65684f..89d67c12b 100644 --- a/docs/commands/help.md +++ b/docs/commands/help.md @@ -2,6 +2,6 @@ Displays the help menu for the loaded GEF commands. -``` +```text gef➤ gef help ``` diff --git a/docs/commands/hexdump.md b/docs/commands/hexdump.md index 2bd409b76..b5bd5692e 100644 --- a/docs/commands/hexdump.md +++ b/docs/commands/hexdump.md @@ -4,26 +4,26 @@ Imitation of the WinDBG command. This command takes 4 optional arguments: -- The format for representing the data (by default, byte) -- A value/address/symbol used as the location to print the hexdump from (by default, $sp) -- The number of qword/dword/word/bytes to display (by default, 64 if the format is byte, 16 +- The format for representing the data (by default, byte) +- A value/address/symbol used as the location to print the hexdump from (by default, $sp) +- The number of qword/dword/word/bytes to display (by default, 64 if the format is byte, 16 otherwise) -- The direction of output lines (by default, from low to high addresses) +- The direction of output lines (by default, from low to high addresses) `hexdump byte` will also try to display the ASCII character values if the byte is printable (similarly to the `hexdump -C` command on Linux). The syntax is as following: -``` +```text hexdump (qword|dword|word|byte) [-h] [--reverse] [--size SIZE] [address] ``` Examples: -- Display 4 QWORDs from `$pc`: +- Display 4 QWORDs from `$pc`: -``` +```text gef➤ hexdump qword $pc --size 4 0x7ffff7a5c1c0+0000 │ 0x4855544155415641 0x7ffff7a5c1c0+0008 │ 0x0090ec814853cd89 @@ -31,17 +31,17 @@ gef➤ hexdump qword $pc --size 4 0x7ffff7a5c1c0+0018 │ 0x748918247c894800 ``` -- Display 32 bytes from a location in the stack: +- Display 32 bytes from a location in the stack: -``` +```text gef➤ hexdump byte 0x00007fffffffe5e5 --size 32 0x00007fffffffe5e5 2f 68 6f 6d 65 2f 68 75 67 73 79 2f 63 6f 64 65 /home/hugsy/code 0x00007fffffffe5f5 2f 67 65 66 2f 74 65 73 74 73 2f 77 69 6e 00 41 /gef/tests/win.A ``` -- Display 8 WORDs from `$sp` in reverse order: +- Display 8 WORDs from `$sp` in reverse order: -``` +```text gef➤ hexdump word 8 --reverse 0x00007fffffffe0ee│+0x000e 0x0000 0x00007fffffffe0ec│+0x000c 0x7fff diff --git a/docs/commands/highlight.md b/docs/commands/highlight.md index bf45a848e..5e84fe3f2 100644 --- a/docs/commands/highlight.md +++ b/docs/commands/highlight.md @@ -4,20 +4,20 @@ This command sets up custom highlighting for user set strings. Syntax: -``` +```text highlight (add|remove|list|clear) ``` Alias: -- `hl` +- `hl` ## Adding matches The following will add `41414141`/`'AAAA'` as yellow, and `42424242`/`'BBBB'` as blue: -``` +```text gef➤ hl add 41414141 yellow gef➤ hl add 42424242 blue gef➤ hl add AAAA yellow @@ -28,7 +28,7 @@ gef➤ hl add BBBB blue To remove a match, target it by the original string used, ex.: -``` +```text gef➤ hl rm 41414141 ``` @@ -36,7 +36,7 @@ gef➤ hl rm 41414141 To list all matches with their colors: -``` +```text gef➤ hl list 41414141 | yellow 42424242 | blue @@ -48,7 +48,7 @@ BBBB | blue To clear all matches currently setup: -``` +```text gef➤ hl clear ``` @@ -58,13 +58,13 @@ RegEx support is disabled by default, this is done for performance reasons. To enable regular expressions on text matches: -``` +```text gef➤ gef config highlight.regex True ``` To check the current status: -``` +```text gef➤ gef config highlight.regex highlight.regex (bool) = True ``` diff --git a/docs/commands/hijack-fd.md b/docs/commands/hijack-fd.md index 0998e6135..f1cf70016 100644 --- a/docs/commands/hijack-fd.md +++ b/docs/commands/hijack-fd.md @@ -5,13 +5,13 @@ file descriptor can point to a file, a pipe, a socket, a device etc. To use it, simply run -``` +```text gef➤ hijack-fd FDNUM NEWFILE ``` For instance, -``` +```text gef➤ hijack-fd 1 /dev/null ``` @@ -21,7 +21,7 @@ Will modify the current process file descriptors to redirect STDOUT to This command also supports connecting to an ip:port if it is provided as an argument. For example -``` +```text gef➤ hijack-fd 0 localhost:8888 ``` diff --git a/docs/commands/ksymaddr.md b/docs/commands/ksymaddr.md index e6ffea221..ba7f0cc3d 100644 --- a/docs/commands/ksymaddr.md +++ b/docs/commands/ksymaddr.md @@ -4,13 +4,13 @@ The syntax is straight forward: -``` +```text ksymaddr ``` For example, -``` +```text gef➤ ksymaddr commit_creds [+] Found matching symbol for 'commit_creds' at 0xffffffff8f495740 (type=T) [*] Found partial match for 'commit_creds' at 0xffffffff8f495740 (type=T): commit_creds diff --git a/docs/commands/memory.md b/docs/commands/memory.md index 61a539cb9..c4a0ef731 100644 --- a/docs/commands/memory.md +++ b/docs/commands/memory.md @@ -15,7 +15,7 @@ Specify a location to watch and display with the context, along with their optio Syntax: -``` +```text memory watch
[SIZE] [(qword|dword|word|byte|pointers)] ``` @@ -28,16 +28,17 @@ functions format](https://www.technovelty.org/linux/plt-and-got-the-key-to-code-sharing-and-dynamic-libraries.html) allowing to easily track commonly used addresses: -For example, to watch the first 5 entries of the [GOT]() as pointers: +For example, to watch the first 5 entries of the [GOT](https://hugsy.github.io/gef/functions/got/) +as pointers: -``` +```text gef ➤ memory watch $_got()+0x18 5 [+] Adding memwatch to 0x555555773c50 ``` Which, when the `context` is displayed, will show something like: -![](https://i.imgur.com/3YabwYv.png) +![gef-context-memory](https://i.imgur.com/3YabwYv.png) ### Removing a watch @@ -45,7 +46,7 @@ Remove a watched address. To list all the addresses being watched, use `memory l Syntax: -``` +```text memory unwatch
``` @@ -55,11 +56,12 @@ Enumerate all the addresses currently watched by the `memory` command. Syntax: -``` +```text memory list ``` -The command will output a list of all the addresses watched, along with the size and format to display them as. +The command will output a list of all the addresses watched, along with the size and format to +display them as. ### Resetting watches @@ -67,6 +69,6 @@ Empties the list of addresses to watch. Syntax: -``` +```text memory reset ``` diff --git a/docs/commands/name-break.md b/docs/commands/name-break.md index 9201f34f5..223898e7b 100644 --- a/docs/commands/name-break.md +++ b/docs/commands/name-break.md @@ -13,14 +13,14 @@ make it easier to keep an overview when using multiple breakpoints in a stripped Examples: -- `nb first *0x400ec0` -- `nb "main func" main` -- `nb read_secret *main+149` -- `nb check_heap` +- `nb first *0x400ec0` +- `nb "main func" main` +- `nb read_secret *main+149` +- `nb check_heap` Example output: -``` +```text ─────────────────────────────────────────────────────────────────────────── code:x86:64 ──── 0x400e04 add eax, 0xfffbe6e8 0x400e09 dec ecx diff --git a/docs/commands/nop.md b/docs/commands/nop.md index 74917d2af..938285514 100644 --- a/docs/commands/nop.md +++ b/docs/commands/nop.md @@ -2,7 +2,7 @@ The `nop` command allows you to easily patch instructions with nops. -``` +```text nop [LOCATION] [--i ITEMS] [--f] [--n] [--b] ``` @@ -19,42 +19,42 @@ instructions it overwrites nop the current instruction ($pc): -```bash +```text gef➤ nop ``` nop an instruction at $pc+3 address: -```bash +```text gef➤ nop $pc+3 ``` nop two instructions at address $pc+3: -```bash +```text gef➤ nop --i 2 $pc+3 ``` Replace 1 byte with nop at current instruction ($pc): -```bash +```text gef➤ nop --b ``` Replace 1 byte with nop at address $pc+3: -```bash +```text gef➤ nop --b $pc+3 ``` Replace 2 bytes with nop(s) (breaking the last instruction) at address $pc+3: -```bash +```text gef➤ nop --f --b --i 2 $pc+3 ``` Patch 2 nops at address $pc+3: -```bash +```text gef➤ nop --n --i 2 $pc+3 ``` diff --git a/docs/commands/patch.md b/docs/commands/patch.md index b35e15ab5..f05759cc7 100644 --- a/docs/commands/patch.md +++ b/docs/commands/patch.md @@ -9,7 +9,7 @@ gef➤ patch string $eip "cool!" These commands copy the first 10 bytes of $rsp+8 to $rip: -``` +```text gef➤ print-format --lang bytearray -l 10 $rsp+8 Saved data b'\xcb\xe3\xff\xff\xff\x7f\x00\x00\x00\x00'... in '$_gef0' gef➤ patch byte $rip $_gef0 diff --git a/docs/commands/pattern.md b/docs/commands/pattern.md index 687f05036..19766cdd5 100644 --- a/docs/commands/pattern.md +++ b/docs/commands/pattern.md @@ -7,9 +7,9 @@ unique substrings of a chosen length. It should be noted that for better compatibility, the algorithm implemented in `GEF` is the same as the one in `pwntools`, and can therefore be used in conjunction. -### `pattern create` ### +### `pattern create` -``` +```text pattern create [-h] [-n N] [length] ``` @@ -17,7 +17,7 @@ The sub-command `create` allows one create a new De Bruijn sequence. The optiona determines the length of unique subsequences. Its default value matches the currently loaded architecture. The `length` argument sets the total length of the whole sequence. -``` +```text gef➤ pattern create -n 4 128 [+] Generating a pattern of 128 bytes (n=4) aaaabaaacaaadaaaeaaafaaagaaahaaaiaaajaaakaaalaaamaaanaaaoaaapaaaqaaaraaasaaataaauaaavaaawaaaxaaayaaazaabbaabcaabdaabeaabfaabgaab @@ -31,9 +31,9 @@ from pwn import * p = cyclic(128, n=8) ``` -### `pattern search` ### +### `pattern search` -``` +```text pattern search [-h] [-n N] [--max-length MAX_LENGTH] [pattern] ``` @@ -45,7 +45,7 @@ to search in can be adjusted. Note that the `pattern` can be passed as a GDB symbol (such as a register name), a string or a hexadecimal value -``` +```text gef➤ pattern search 0x6161616161616167 [+] Searching '0x6161616161616167' [+] Found at offset 48 (little-endian search) likely diff --git a/docs/commands/pcustom.md b/docs/commands/pcustom.md index d5a84eb0c..2aa645c95 100644 --- a/docs/commands/pcustom.md +++ b/docs/commands/pcustom.md @@ -13,7 +13,7 @@ extension`](https://github.com/hugsy/gef-extras/blob/main/scripts/windbg.py) New structures can be stored in the location given by the configuration setting: -``` +```text gef➤ gef config pcustom.struct_path ``` @@ -22,13 +22,13 @@ structure can be created as a simple `ctypes` structure, in a file called `` to spawn your ED targeted structure. If the file does not exist, `gef` will nicely create the tree and file, and fill it with a `ctypes` template that you can use straight away! -``` +```text gef➤ pcustom new mystruct_t [+] Creating '/tmp/gef/structs/mystruct_t.py' from template ``` @@ -58,7 +58,7 @@ gef➤ pcustom new mystruct_t If the structure already exists, GEF will open the text editor to edit the known structure. This is equivalent to: -``` +```text gef➤ pcustom edit elf32_t [+] Editing '/home/hugsy/code/gef-extras/structs/elf32_t.py' ``` @@ -100,7 +100,7 @@ class person_t(Structure): `pcustom` requires at least one argument, which is the name of the structure. With only one argument, `pcustom` will dump all the fields of this structure. -``` +```text gef➤ dt person_t +0000 age c_int /* size=0x4 */ +0004 name c_char_Array_256 /* size=0x100 */ @@ -120,7 +120,8 @@ For a full demo, watch the following tutorial: Additionally, if you have successfully configured your IDA settings, you can also directly import the structure(s) that was(were) reverse-engineered in IDA directly in your GDB session: -![ida-structure-examples](https://i.imgur.com/Tnsf6nt.png) - (see `gef-extras/ida-rpyc`, which is the new improved version of `ida-interact`) +![ida-structure-examples](https://i.imgur.com/Tnsf6nt.png) - (see `gef-extras/ida-rpyc`, which is +the new improved version of `ida-interact`) #### Dynamic `ctypes.Structure`-like classes @@ -131,9 +132,9 @@ currently debugged binary, the architecture, the size of a pointer and more). The syntax is relatively close to the way we use to create static classes (see above), but instead we define a function that will generate the class. The requirements for this class factory are: -- take a single [`Gef`](https://github.com/hugsy/gef/blob/main/docs/api/gef.md#class-gef) positional - argument -- End the function name with `_t` +- Take a single [`Gef`](https://github.com/hugsy/gef/blob/main/docs/api/gef.md#class-gef) + positional argument +- End the function name with `_t` To continue the `person_t` function we defined in the example above, we could modify the static class as a dynamic one very easily: @@ -190,13 +191,13 @@ A community contributed repository of structures can be found in In bash: -``` +```text git clone https://github.com/hugsy/gef-extras ``` In GEF: -``` +```text gef➤ gef config pcustom.struct_path /path/to/gef-extras/structs gef➤ gef save ``` @@ -204,7 +205,7 @@ gef➤ gef save Then either close GDB or `gef reload`. You can confirm the structures were correctly loaded in GEF's prompt: -``` +```text gef➤ pcustom list ``` diff --git a/docs/commands/pie.md b/docs/commands/pie.md index 2acb61966..866dd0c09 100644 --- a/docs/commands/pie.md +++ b/docs/commands/pie.md @@ -1,4 +1,4 @@ -## Command `pie` ## +## Command `pie` The `pie` command is handy when working with position-independent executables. At runtime, it can automatically resolve addresses for breakpoints that are not static. @@ -6,7 +6,7 @@ automatically resolve addresses for breakpoints that are not static. Note that you need to use the **entire `pie` command series** to support PIE breakpoints, especially the "`pie` run commands", like `pie attach`, `pie run`, etc. -### `pie breakpoint` command ### +### `pie breakpoint` command This command sets a new PIE breakpoint. It can be used like the normal `breakpoint` command in gdb. The argument for the command is the offset from the base address or a symbol. The breakpoints will @@ -15,18 +15,18 @@ run` or `pie remote` to actually attach to a process, so it can resolve the righ Usage: -``` +```text gef➤ pie breakpoint OFFSET ``` -### `pie info` command ### +### `pie info` command Since a PIE breakpoint is not a real breakpoint, this command provides a way to observe the state of all PIE breakpoints. This works just like `info breakpoint` in gdb. -``` +```text gef➤ pie info VNum Num Addr 1 N/A 0xdeadbeef @@ -39,29 +39,29 @@ You can omit the VNum argument to get info on all PIE breakpoints. Usage: -``` +```text gef➤ pie info [VNum] ``` -### `pie delete` command ### +### `pie delete` command This command deletes a PIE breakpoint given its VNum. Usage: -``` +```text gef➤ pie delete [VNum] ``` -### `pie attach` command ### +### `pie attach` command This command behaves like GDB's `attach` command. Always use this command instead of `attach` if you have PIE breakpoints. This will convert the PIE breakpoints to real breakpoints at runtime. The usage is just the same as `attach`. -### `pie remote` command ### +### `pie remote` command This command behaves like GDB's `remote` command. Always use this command instead of `remote` if you have PIE breakpoints. Behind the scenes this will connect to the remote target using `gef remote` @@ -69,7 +69,7 @@ and then convert the PIE breakpoints to real breakpoints at runtime. The usage is just the same as `remote`. -### `pie run` command ### +### `pie run` command This command behaves like GDB's `run` command. Always use this command instead of `run` if you have PIE breakpoints. This will convert the PIE breakpoints to real breakpoints at runtime. diff --git a/docs/commands/print-format.md b/docs/commands/print-format.md index bcb449222..4f6b7eab9 100644 --- a/docs/commands/print-format.md +++ b/docs/commands/print-format.md @@ -3,14 +3,14 @@ The command `print-format` (alias `pf`) will dump an arbitrary location as an array of bytes following the format specified. Currently, the output formats supported are -- Python (`py` - default) -- C (`c`) -- Assembly (`asm`) -- Javascript (`js`) -- Hex string (`hex`) -- For patch byte command or GDB $_gef[N] byte access (`bytearray`) - -``` +- Python (`py` - default) +- C (`c`) +- Assembly (`asm`) +- Javascript (`js`) +- Hex string (`hex`) +- For patch byte command or GDB $_gef[N] byte access (`bytearray`) + +```text gef➤ print-format -h [+] print-format [--lang LANG] [--bitlen SIZE] [(--length,-l) LENGTH] [--clip] LOCATION --lang LANG specifies the output format for programming language (available: ['py', 'c', 'js', 'asm', 'hex'], default 'py'). @@ -22,7 +22,7 @@ gef➤ print-format -h For example this command will dump 10 bytes from `$rsp` and copy the result to the clipboard. -``` +```text gef➤ print-format --lang py --bitlen 8 -l 10 --clip $rsp [+] Copied to clipboard buf = [0x87, 0xfa, 0xa3, 0xf7, 0xff, 0x7f, 0x0, 0x0, 0x30, 0xe6] @@ -30,7 +30,7 @@ buf = [0x87, 0xfa, 0xa3, 0xf7, 0xff, 0x7f, 0x0, 0x0, 0x30, 0xe6] These commands copy the first 10 bytes of $rsp+8 to $rip: -``` +```text gef➤ print-format --lang bytearray -l 10 $rsp+8 Saved data b'\xcb\xe3\xff\xff\xff\x7f\x00\x00\x00\x00'... in '$_gef0' gef➤ display/x $_gef0[5] diff --git a/docs/commands/process-search.md b/docs/commands/process-search.md index 96d585e4d..9d2f9a4e2 100644 --- a/docs/commands/process-search.md +++ b/docs/commands/process-search.md @@ -6,7 +6,7 @@ tcp/listening daemon that would fork upon `accept()`). Without argument, it will return all processes reachable by user: -``` +```text gef➤ ps 1 root 0.0 0.4 ? /sbin/init 2 root 0.0 0.0 ? [kthreadd] @@ -24,7 +24,7 @@ gef➤ ps Or to filter with pattern: -``` +```text gef➤ ps bash 22590 vagrant 0.0 0.8 pts/0 -bash ``` @@ -33,20 +33,20 @@ Note: Use "\\" for escaping and "\\\\" for a literal backslash" in the pattern. `ps` also accepts options: -* `--smart-scan` will filter out probably less relevant processes (belonging to different users, +* `--smart-scan` will filter out probably less relevant processes (belonging to different users, pattern matched to arguments instead of the commands themselves, etc.) -* `--attach` will automatically attach to the first process found +* `--attach` will automatically attach to the first process found So, for example, if your targeted process is called `/home/foobar/plop`, but the existing instance is used through `socat`, like -``` +```text socat tcp-l:1234,fork,reuseaddr exec:/home/foobar/plop ``` Then every time a new connection is opened to tcp/1234, `plop` will be forked, and GEF can easily attach to it with the command -``` +```text gef➤ ps --attach --smart-scan plop ``` diff --git a/docs/commands/process-status.md b/docs/commands/process-status.md index b024126f3..494b57079 100644 --- a/docs/commands/process-status.md +++ b/docs/commands/process-status.md @@ -6,7 +6,7 @@ information provided by GDB `info proc` command, with all the information from the `procfs` structure. -``` +```text gef➤ ps --smart-scan zsh 22879 gef➤ attach 22879 diff --git a/docs/commands/registers.md b/docs/commands/registers.md index 5c08d37ce..92739c085 100644 --- a/docs/commands/registers.md +++ b/docs/commands/registers.md @@ -4,7 +4,7 @@ The `registers` command will print all the registers and dereference any pointer Example on a MIPS host: -``` +```text gef➤ reg $zero : 0x00000000 $at : 0x00000001 @@ -48,12 +48,12 @@ $ra : 0x77e5e834 -> <__libc_start_main+260>: lw gp,16(sp) $gp : 0x00418b20 ``` -### Filtering registers ### +### Filtering registers If one or more register names are passed to the `registers` command as optional arguments, then only those will be shown: -``` +```text gef➤ reg $rax $rip $rsp $rax : 0x0000555555555169 → endbr64 $rsp : 0x00007fffffffe3e8 → 0x00007ffff7df40b3 → <__libc_start_main+243> mov edi, eax diff --git a/docs/commands/scan.md b/docs/commands/scan.md index ebb744b3e..3fed04382 100644 --- a/docs/commands/scan.md +++ b/docs/commands/scan.md @@ -5,7 +5,7 @@ lists all results. Usage: -``` +```text gef➤ scan NEEDLE HAYSTACK ``` @@ -13,7 +13,7 @@ gef➤ scan NEEDLE HAYSTACK is what will be searched for. The arguments are grepped against the process's memory mappings (just like [vmmap](./vmmap.md)) to determine the memory ranges to search. -``` +```text gef➤ scan stack libc [+] Searching for addresses in 'stack' that point to 'libc' [stack]: 0x00007fffffffd6a8│+0x1f6a8: 0x00007ffff77cf482 → "__tunable_get_val" @@ -24,7 +24,7 @@ gef➤ scan stack libc [...] ``` -### Advanced Needle/Haystack syntax ### +### Advanced Needle/Haystack syntax To check mappings without a path associated, an address range (start-end) can be used. Note that ranges don't include whitespaces. diff --git a/docs/commands/search-pattern.md b/docs/commands/search-pattern.md index 0e587468c..df4a2eb53 100644 --- a/docs/commands/search-pattern.md +++ b/docs/commands/search-pattern.md @@ -3,7 +3,7 @@ `gef` allows you to search for a specific pattern at runtime in all the segments of your process memory layout. The command `search-pattern`, alias `grep`, aims to be straight-forward to use: -``` +```text gef➤ search-pattern MyPattern ``` @@ -15,7 +15,7 @@ section it/they was/were found, and the permission associated to that section. `search-pattern` can also be used to search for addresses. To do so, simply ensure that your pattern starts with `0x` and is a valid hex address. For example: -``` +```text gef➤ search-pattern 0x4005f6 ``` @@ -25,23 +25,23 @@ The `search-pattern` command can also be used as a way to search for cross-refer For this reason, the alias `xref` also points to the command `search-pattern`. Therefore the command above is equivalent to `xref 0x4005f6` which makes it more intuitive to use. -### Searching in a specific range ### +### Searching in a specific range Sometimes, you may need to search for a very common pattern. To limit the search space, you can also specify an address range or the section to be checked. -``` +```text gef➤ search-pattern 0x4005f6 little libc gef➤ search-pattern 0x4005f6 little 0x603100-0x603200 ``` -### Searching in a specific range using regex ### +### Searching in a specific range using regex Sometimes, you may need an advanced search using regex. Just use --regex arg. Example: how to find null-end-printable(from x20-x7e) C strings (min size >=2 bytes) with a regex: -``` +```text gef➤ search-pattern --regex 0x401000 0x401500 ([\\x20-\\x7E]{2,})(?=\\x00) ``` diff --git a/docs/commands/shellcode.md b/docs/commands/shellcode.md index 56996ac9c..c38926b92 100644 --- a/docs/commands/shellcode.md +++ b/docs/commands/shellcode.md @@ -4,7 +4,7 @@ search and download directly via `GEF` the shellcode you're looking for. Two primitive subcommands are available, `search` and `get` -``` +```text gef➤ shellcode search arm [+] Showing matching shellcodes 901 Linux/ARM Add map in /etc/hosts file - 79 bytes diff --git a/docs/commands/skipi.md b/docs/commands/skipi.md index a7565c2e1..c89413273 100644 --- a/docs/commands/skipi.md +++ b/docs/commands/skipi.md @@ -2,7 +2,7 @@ The `skipi` command allows you to easily skip instructions execution. -``` +```text skipi [LOCATION] [--n NUM_INSTRUCTIONS] ``` diff --git a/docs/commands/stub.md b/docs/commands/stub.md index 61ab0edb3..9e3bce53c 100644 --- a/docs/commands/stub.md +++ b/docs/commands/stub.md @@ -2,7 +2,7 @@ The `stub` command allows you stub out functions, optionally specifying the return value. -``` +```text gef➤ stub [-h] [--retval RETVAL] [address] ``` @@ -17,14 +17,14 @@ fact drop us into the "child" process. It must be noted that this is a different classic `set follow-fork-mode child` since here we do not spawn a new process, we only trick the parent process into thinking it has become the child. -### Example ### +### Example Patching `fork()` calls: -* Without stub: +* Without stub: ![fork execution](https://i.imgur.com/TjnTDot.png) -* With stub: +* With stub: ![stubbed fork](https://i.imgur.com/CllTnRH.png) diff --git a/docs/commands/theme.md b/docs/commands/theme.md index 0e3e19c0e..736ba5017 100644 --- a/docs/commands/theme.md +++ b/docs/commands/theme.md @@ -2,7 +2,7 @@ Customize `GEF` by changing its color scheme. -``` +```text gef➤ theme context_title_message : red bold default_title_message : red bold @@ -20,23 +20,23 @@ value. Colors can be one of the following: -- red -- green -- blue -- yellow -- gray -- pink +- red +- green +- blue +- yellow +- gray +- pink Color also accepts the following attributes: -- bold -- underline -- highlight -- blink +- bold +- underline +- highlight +- blink Any other will value simply be ignored. -``` +```text gef➤ theme context_title_message blue bold foobar gef➤ theme context_title_message : blue bold diff --git a/docs/commands/tmux-setup.md b/docs/commands/tmux-setup.md index cb9ce55ff..a7b14a738 100644 --- a/docs/commands/tmux-setup.md +++ b/docs/commands/tmux-setup.md @@ -3,18 +3,18 @@ In the purpose of always making debugging sessions easier while being more effective, `GEF` integrates two commands: -* `tmux-setup` -* `screen-setup` +* `tmux-setup` +* `screen-setup` Those commands will check whether GDB is being spawn from inside a `tmux` (resp. `screen`) session, and if so, will split the pane vertically, and configure the context to be redirected to the new pane, looking something like: -![](https://i.imgur.com/Khk3xGl.png) +![gef-tmux-setup](https://i.imgur.com/Khk3xGl.png) To set it up, simply enter -``` +```text gef➤ tmux-setup ``` @@ -22,7 +22,7 @@ gef➤ tmux-setup a very clean way to do this. Therefore, if possible, it would be recommended to use the `tmux-setup` command instead. -### Possible color issues with tmux ### +### Possible color issues with tmux On Linux tmux only supports 8 colors with some terminal capabilities (`$TERM` environment variable). This can mess up your color themes when using GEF with tmux. To remedy this if your terminal diff --git a/docs/commands/trace-run.md b/docs/commands/trace-run.md index c9261f417..943901173 100644 --- a/docs/commands/trace-run.md +++ b/docs/commands/trace-run.md @@ -7,7 +7,7 @@ the path taken by a specific execution. It should be used with the IDA script It will trace and store all values taken by `$pc` during the execution flow, from its current value, until the value provided as argument. -``` +```text gef> trace-run ``` diff --git a/docs/commands/version.md b/docs/commands/version.md index 3739d8a0c..c624b40d5 100644 --- a/docs/commands/version.md +++ b/docs/commands/version.md @@ -2,11 +2,11 @@ Print out version information about your current gdb environment. -### Usage Examples ### +### Usage Examples When GEF is located in a directory tracked with git: -``` +```text gef➤ version GEF: rev:48a9fd74dd39db524fb395e7db528f85cc49d081 (Git - clean) SHA1(/gef/rules/gef.py): 848cdc87ba7c3e99e8129ad820c9fcc0973b1e99 @@ -16,7 +16,7 @@ GDB-Python: 3.8 Otherwise the command shows the `standalone` information: -``` +```text gef➤ version GEF: (Standalone) Blob Hash(/gef/rules/gef.py): f0aef0f481e8157006b26690bd121585d3befee0 @@ -27,7 +27,7 @@ GDB-Python: 3.8 The `Blob Hash` can be used to easily find the git commit(s) matching this file revision. -``` +```text git log --oneline --find-object ``` diff --git a/docs/commands/xor-memory.md b/docs/commands/xor-memory.md index 851a09278..3f11ecc43 100644 --- a/docs/commands/xor-memory.md +++ b/docs/commands/xor-memory.md @@ -4,25 +4,29 @@ This command is used to XOR a block of memory. Its syntax is: -``` +```text xor-memory
``` The first argument (`display` or `patch`) is the action to perform: -1. `display` will only show an hexdump of the result of the XOR-ed memory block, without writing the +- `display` will only show an hexdump of the result of the XOR-ed memory block, without writing the debuggee's memory. - gef➤ xor display $rsp 16 1337 - [+] Displaying XOR-ing 0x7fff589b67f8-0x7fff589b6808 with '1337' - ────────────────────────────────[ Original block ]──────────────────────────────────── - 0x00007fff589b67f8 46 4e 40 00 00 00 00 00 00 00 00 00 00 00 00 00 FN@............. - ────────────────────────────────[ XOR-ed block ]────────────────────────────────────── - 0x00007fff589b67f8 55 79 53 37 13 37 13 37 13 37 13 37 13 37 13 37 UyS7.7.7.7.7.7.7 +```text +gef➤ xor display $rsp 16 1337 +[+] Displaying XOR-ing 0x7fff589b67f8-0x7fff589b6808 with '1337' +────────────────────────────────[ Original block ]──────────────────────────────────── +0x00007fff589b67f8 46 4e 40 00 00 00 00 00 00 00 00 00 00 00 00 00 FN@............. +────────────────────────────────[ XOR-ed block ]────────────────────────────────────── +0x00007fff589b67f8 55 79 53 37 13 37 13 37 13 37 13 37 13 37 13 37 UyS7.7.7.7.7.7.7 +``` -2. `patch` will overwrite the memory with the xor-ed content. +- `patch` will overwrite the memory with the xor-ed content. - gef➤ xor patch $rsp 16 1337 - [+] Patching XOR-ing 0x7fff589b67f8-0x7fff589b6808 with '1337' - gef➤ hexdump byte $rsp 16 - 0x00007fff589b67f8 55 79 53 37 13 37 13 37 13 37 UyS7.7.7.7 +```text +gef➤ xor patch $rsp 16 1337 +[+] Patching XOR-ing 0x7fff589b67f8-0x7fff589b6808 with '1337' +gef➤ hexdump byte $rsp 16 +0x00007fff589b67f8 55 79 53 37 13 37 13 37 13 37 UyS7.7.7.7 +``` diff --git a/docs/compat.md b/docs/compat.md index 473414190..813000d4f 100644 --- a/docs/compat.md +++ b/docs/compat.md @@ -1,12 +1,12 @@ -# GEF Compatibility +## GEF Compatibility This matrix indicates the version of Python and/or GDB -| GEF version | GDB Python compatibility* | Python compatibility* | +| GEF version | GDB Python compatibility* | Python compatibility** | |:--:|:--:|:--:| | [2018.02](https://github.com/hugsy/gef/releases/tag/2018.02) | 7.2 | Python 2.7, Python 3.4+ | | [2020.03](https://github.com/hugsy/gef/releases/tag/2020.03) | 7.4 | Python 2.7, Python 3.4+ | | [2022.01](https://github.com/hugsy/gef/releases/tag/2021.01) | 7.7 | Python 3.4+ | | [Current](https://github.com/hugsy/gef/tree/main) | 8.0+ | Python 3.6+ | -* Up to - included + ** Up to (included) diff --git a/docs/config.md b/docs/config.md index 21ee2dcf8..cb28acb30 100644 --- a/docs/config.md +++ b/docs/config.md @@ -23,14 +23,14 @@ will simply dump all known settings: To update, follow the syntax -``` +```text gef➤ gef config . ``` Any setting updated this way will be specific to the current GDB session. To make permanent, use the following command -``` +```text gef➤ gef save ``` diff --git a/docs/deprecated.md b/docs/deprecated.md index 682e3a5af..129053c49 100644 --- a/docs/deprecated.md +++ b/docs/deprecated.md @@ -1,4 +1,4 @@ -# Deprecated commands +## Deprecated commands GEF is in itself a large file, but to avoid it to be out of control some commands once part of GEF were either moved to [GEF-Extras](https://github.com/hugsy/gef-extras) or even simply removed. This diff --git a/docs/faq.md b/docs/faq.md index 471338c1c..f5fc62622 100644 --- a/docs/faq.md +++ b/docs/faq.md @@ -1,6 +1,6 @@ -# Frequently Asked Questions # +## Frequently Asked Questions -## Why use GEF over PEDA? ## +## Why use GEF over PEDA? [PEDA](https://github.com/longld/peda) is a fantastic tool that provides similar commands to make the exploitation development process smoother. @@ -13,7 +13,7 @@ new architectures very easily as well! Also, PEDA development has been quite idle for a few years now, and many new interesting features a debugger can provide simply do not exist. -## What if my GDB is < 8.0 ? ## +## What if my GDB is < 8.0 ? GDB was introduced with its Python support early 2011 with the release of GDB 7. A (very) long way has gone since and the Python API has been massively improved, and GEF is taking advantage of them @@ -34,7 +34,7 @@ If you are running an obsolete version, GEF will show a error and message and ex Some pre-compiled static binaries for both recent GDB and GDBServer can be downloaded from the [`gdb-static`](https://github.com/hugsy/gdb-static) repository. -## I cannot get GEF setup ## +## I cannot get GEF setup GEF will work on any GDB 8+ compiled with Python 3.6+ support. You can view that commands that failed to load using `gef missing`, but this will not affect GEF generally. @@ -49,12 +49,12 @@ All recent distributions ship packaged GDB that should be ready-to-go, with a GD 3.6+. Any version higher or equal will work just fine. So you might actually only need to run `apt install gdb` to get the full-force of GEF. -## I get a SegFault when starting GDB with GEF ## +## I get a SegFault when starting GDB with GEF A long standing bug in the `readline` library can make `gef` crash GDB when displaying certain characters (SOH/ETX). As a result, this would SIGSEGV GDB as `gef` is loading, a bit like this: -``` +```text root@debian-aarch64:~# gdb -q ./test-bin-aarch64 GEF ready, type `gef' to start, `gef config' to configure 53 commands loaded, using Python engine 3.4 @@ -67,7 +67,7 @@ Segmentation fault (core dumped) If so, this can be fixed easily by setting the `gef.readline_compat` variable to `True` in the `~/.gef.rc` file. Something like this: -``` +```text root@debian-aarch64:~# nano ~/.gef.rc [...] [gef] @@ -77,20 +77,20 @@ readline_compat = True You can now use all features of `gef` even on versions of GDB compiled against old `readline` library. -## Does GEF prevent the use of other GDB plugins? ## +## Does GEF prevent the use of other GDB plugins? Definitely not! You can use any other GDB plugin on top of it for an even better debugging experience. Some interesting plugins highly recommended too: -- [!exploitable](https://github.com/jfoote/exploitable/) -- [Voltron](https://github.com/snare/voltron) +- [!exploitable](https://github.com/jfoote/exploitable/) +- [Voltron](https://github.com/snare/voltron) ![voltron](https://i.imgur.com/bfTIjNi.jpg) Src: [@rick2600: terminator + gdb + gef + voltron cc: @snare @_hugsy_](https://twitter.com/rick2600/status/775926070566490113) -## I want to contribute, where should I head first? ## +## I want to contribute, where should I head first? I would suggest thoroughly reading this documentation, just having a look to the [CONTRIBUTE](https://github.com/hugsy/gef/blob/main/.github/CONTRIBUTING.md) file of the project to @@ -99,7 +99,7 @@ give you pointers. Also a good thing would be to join our [Discord channel](https://discord.gg/HCS8Hg7) to get in touch with the people involved/using it. -## I think I've found a bug, how can I help fixing it? ## +## I think I've found a bug, how can I help fixing it? `gef` is only getting better through people (like you!) using it, but most importantly reporting unexpected behavior. @@ -111,7 +111,7 @@ happens, you'll only get to see a message like this: By switching to debug mode, `gef` will give much more information: -``` +```text gef➤ gef config gef.debug 1 ``` @@ -124,7 +124,7 @@ what was your solution for it. Otherwise, you can open an [issue](https://github.com/hugsy/gef/issues), give a thorough description of your bug and copy/paste the content from above. This will greatly help for solving the issue. -## I get weird issues/characters using GDB + Python3, what's up? ## +## I get weird issues/characters using GDB + Python3, what's up? Chances are you are not using UTF-8. Python3 is [highly relying on UTF-8](https://www.diveintopython3.net/strings.html) to display correctly characters of any alphabet @@ -135,11 +135,11 @@ compiled with Python3, GEF will assume that your current charset is UTF-8 (for i In addition, some unexpected results were observed when your local is not set to English. If you aren't sure, simply run `gdb` like this: -``` +```text LC_ALL=en_US.UTF-8 gdb /path/to/your/binary ``` -## GDB crashes on ARM memory corruption with `gdb_exception_RETURN_MASK_ERROR` ## +## GDB crashes on ARM memory corruption with `gdb_exception_RETURN_MASK_ERROR` This issue is **NOT** GEF related, but GDB's, or more precisely some versions of GDB packaged with Debian/Kali for ARM @@ -168,7 +168,7 @@ Debian/Kali for ARM Therefore, there is nothing GEF's developers can do about that. The correct solution as mentioned above is to recompile your GDB with a newer (better) version. -The whole topic was already internally discussed, so please refer to the +The whole topic was already internally discussed, so please refer to the [issue 206](https://github.com/hugsy/gef/issues/206) for the whole story. ## I still don't have my answer... Where can I go? diff --git a/docs/functions/base.md b/docs/functions/base.md index eadc98a27..225c05a7d 100644 --- a/docs/functions/base.md +++ b/docs/functions/base.md @@ -1,16 +1,16 @@ -# Function `$_base()` +## Function `$_base()` Return the matching file's base address plus an optional offset. Defaults to current file. Note that quotes need to be escaped. _Note_: a debugging session must be active -``` +```text $_base([filepath]) ``` Example: -``` +```text gef➤ p $_base(\"/usr/lib/ld-2.33.so\") ``` diff --git a/docs/functions/bss.md b/docs/functions/bss.md index ac9c67fc8..3eeb9f529 100644 --- a/docs/functions/bss.md +++ b/docs/functions/bss.md @@ -1,15 +1,15 @@ -# Function `$_bss()` +## Function `$_bss()` Return the current BSS base address plus the given offset. _Note_: a debugging session must be active -``` +```text $_bss([offset]) ``` Example: -``` +```text gef➤ p $_bss(0x20) ``` diff --git a/docs/functions/got.md b/docs/functions/got.md index 9070df006..e66611dea 100644 --- a/docs/functions/got.md +++ b/docs/functions/got.md @@ -1,15 +1,15 @@ -# Function `$_got()` +## Function `$_got()` Return the current GOT base address plus the given offset. _Note_: a debugging session must be active -``` +```text $_got([offset]) ``` Example: -``` +```text gef➤ p $_got(0x20) ``` diff --git a/docs/functions/heap.md b/docs/functions/heap.md index 7dd365205..6919b5497 100644 --- a/docs/functions/heap.md +++ b/docs/functions/heap.md @@ -1,15 +1,15 @@ -# Function `$_heap()` +## Function `$_heap()` Return the current heap base address plus the given offset. _Note_: a debugging session must be active -``` +```text $_heap([offset]) ``` Example: -``` +```text gef➤ p $_heap(0x20) ``` diff --git a/docs/functions/stack.md b/docs/functions/stack.md index 374bdb979..7287a77b5 100644 --- a/docs/functions/stack.md +++ b/docs/functions/stack.md @@ -1,15 +1,15 @@ -# Function `$_stack()` +## Function `$_stack()` Return the current stack base address plus the given offset. _Note_: a debugging session must be active -``` +```text $_stack([offset]) ``` Example: -``` +```text gef➤ p $_stack(0x20) ``` diff --git a/docs/index.md b/docs/index.md index ec7dbf234..57dacb483 100644 --- a/docs/index.md +++ b/docs/index.md @@ -1,4 +1,4 @@ -# GEF - GDB Enhanced Features # +# GEF - GDB Enhanced Features [![Docs](https://img.shields.io/badge/Documentation-blue.svg)](https://hugsy.github.io/gef/) [![Coverage](https://img.shields.io/badge/Coverage-purple.svg)](https://hugsy.github.io/gef/coverage/) [![MIT](https://img.shields.io/packagist/l/doctrine/orm.svg?maxAge=2592000?style=plastic)](https://github.com/hugsy/gef/blob/main/LICENSE) [![Python 3](https://img.shields.io/badge/Python-3-green.svg)](https://github.com/hugsy/gef/) [![Discord](https://img.shields.io/badge/Discord-GDB--GEF-yellow)](https://discord.gg/HCS8Hg7) @@ -29,7 +29,8 @@ It requires Python 3, but [`gef-legacy`](https://github.com/hugsy/gef-legacy) ca * Built around an architecture abstraction layer, so all commands work in any GDB-supported architecture such as x86-32/64, ARMv5/6/7, AARCH64, SPARC, MIPS, PowerPC, etc. * Suited for real-life debugging, exploit development, just as much as for CTFs -* And a lot more commands contributed by the community available on [GEF-Extras](https://github.com/hugsy/gef-extras) !! +* And a lot more commands contributed by the community available on +[GEF-Extras](https://github.com/hugsy/gef-extras) !! Check out the [showroom page](https://hugsy.github.io/gef/screenshots/) for more | or [try it online yourself!](https://demo.gef.blah.cat) (user:`gef`/password:`gef-demo`) @@ -71,7 +72,7 @@ local:~ $ gdb -q gef➤ gef-remote -t your.ip.address:1234 -p 666 ``` -## Bugs & Feedbacks ## +## Bugs & Feedbacks To discuss `gef`, `gdb`, exploitation or other topics, feel free to join our [Discord channel](https://discord.gg/HCS8Hg7). @@ -83,7 +84,7 @@ _Side Note_: `GEF` fully relies on the GDB API and other Linux-specific sources as `/proc/`). As a consequence, some of the features might not work on custom or hardened systems such as GrSec. -## Contribution ## +## Contribution `gef` was created and maintained by myself, [`@_hugsy_`](https://twitter.com/_hugsy_), but kept fresh thanks to [all the contributors](https://github.com/hugsy/gef/graphs/contributors). @@ -93,7 +94,7 @@ fresh thanks to [all the contributors](https://github.com/hugsy/gef/graphs/contr Or if you just like the tool, feel free to drop a simple _"thanks"_ on Discord, Twitter or other, it is **always** very appreciated. -## Sponsors ## +## Sponsors We would like to thank in particular the following people who've been sponsoring GEF allowing us to dedicate more time and resources to the project: diff --git a/docs/install.md b/docs/install.md index 4485eb8a2..b2b5f6f84 100644 --- a/docs/install.md +++ b/docs/install.md @@ -1,16 +1,17 @@ -# Installing GEF +## Installing GEF ## Prerequisites Specific GEF commands rely on commonly used Unix commands to extract additional information. Therefore it requires the following binaries to be present: -* `file` -* `readelf` -* `ps` -* `python3` +* `file` +* `readelf` +* `ps` +* `python3` -Those tools are included by default in many modern distributions. If they're missing, you can use your OS package manager to install them. +Those tools are included by default in many modern distributions. If they're missing, you can use +your OS package manager to install them. ### GDB @@ -44,9 +45,10 @@ There are **none**: `GEF` works out of the box! GEF itself provides most (if not all 🤯) features required for typical sessions. However, GEF can be easily extended via -* community-built scripts, functions and architectures in the repo + +* community-built scripts, functions and architectures in the repo `gef-extras` (see below) -* your own script which can leverage the GEF API for the heavy lifting +* your own script which can leverage the GEF API for the heavy lifting ## Standalone diff --git a/docs/screenshots.md b/docs/screenshots.md index fff73a5d3..91199eb89 100644 --- a/docs/screenshots.md +++ b/docs/screenshots.md @@ -1,4 +1,4 @@ -# Screenshots +## Screenshots @@ -11,12 +11,12 @@ extensible architecture API. Currently `GEF` supports the following architectures: -- Intel x86 (32b & 64b) -- ARM (v6/v7) -- AARCH64 -- MIPS/MIPS64 -- PowerPC -- SPARC/SPARCv9 +- Intel x86 (32b & 64b) +- ARM (v6/v7) +- AARCH64 +- MIPS/MIPS64 +- PowerPC +- SPARC/SPARCv9 ## Features diff --git a/docs/testing.md b/docs/testing.md index 6ebd2163a..6dc3f5951 100644 --- a/docs/testing.md +++ b/docs/testing.md @@ -114,7 +114,7 @@ pytest -k benchmark which will return (after some time) an execution summary -``` +```text tests/perf/benchmark.py .. [100%] diff --git a/tests/api/deprecated.py b/tests/api/deprecated.py index d341e9a33..319a58cc0 100644 --- a/tests/api/deprecated.py +++ b/tests/api/deprecated.py @@ -33,4 +33,3 @@ def test_deprecated_elf_values(self): self.assertNoException(res) if not record: pytest.fail(f"Expected a warning for '{item}'!") - diff --git a/tests/api/gef_heap.py b/tests/api/gef_heap.py index b3825e158..f4bef66d1 100644 --- a/tests/api/gef_heap.py +++ b/tests/api/gef_heap.py @@ -76,4 +76,3 @@ def test_class_glibcarena_main_arena(self): addr3 = result_as_int("int(gef.heap.main_arena)") self.assertEqual(addr1, addr2) self.assertEqual(addr2, addr3) - diff --git a/tests/binaries/nested.c b/tests/binaries/nested.c index 4324e3180..bb645c1d3 100644 --- a/tests/binaries/nested.c +++ b/tests/binaries/nested.c @@ -9,4 +9,4 @@ void f4(){ f5(); } void f3(){ f4(); } void f2(){ f3(); } void f1(){ f2(); } -int main(){ f1(); return 0;} \ No newline at end of file +int main(){ f1(); return 0;} diff --git a/tests/binaries/nested2.c b/tests/binaries/nested2.c index a81399dea..4b8af6275 100644 --- a/tests/binaries/nested2.c +++ b/tests/binaries/nested2.c @@ -1,3 +1,3 @@ #include "utils.h" int f1(int i){ if(i==10) {DebugBreak(); return 0;} return f1(++i); } -int main(){ return f1(0); } \ No newline at end of file +int main(){ return f1(0); } diff --git a/tests/commands/functions.py b/tests/commands/functions.py index 9f3d925d1..dbdd7fe7e 100644 --- a/tests/commands/functions.py +++ b/tests/commands/functions.py @@ -16,4 +16,3 @@ def test_cmd_functions(self): res = gdb_run_cmd(cmd) self.assertNoException(res) self.assertIn("$_heap", res) - diff --git a/tests/commands/gef.py b/tests/commands/gef.py index 17465d472..e35ba20cd 100644 --- a/tests/commands/gef.py +++ b/tests/commands/gef.py @@ -120,4 +120,3 @@ def test_cmd_gef_install(self): self.assertNotEqual(-1, idx, f"Check {i}/{3} failed: missing '{pattern}' in\n{res}") self.assertIn("new command(s) available", res) res = res[idx:] - diff --git a/tests/commands/gef_remote.py b/tests/commands/gef_remote.py index eceb2ecdc..e46eb94ec 100644 --- a/tests/commands/gef_remote.py +++ b/tests/commands/gef_remote.py @@ -37,4 +37,3 @@ def test_cmd_gef_remote_qemu_user(self): self.assertIn( f"RemoteSession(target='{GDBSERVER_PREFERED_HOST}:{port}', local='/tmp/", res) self.assertIn(", qemu_user=True)", res) - diff --git a/tests/commands/got.py b/tests/commands/got.py index 3399ba766..01c1cb23d 100644 --- a/tests/commands/got.py +++ b/tests/commands/got.py @@ -29,4 +29,3 @@ def test_cmd_got(self): res = gdb_start_silent_cmd("got printf", target=target) self.assertIn("printf", res) self.assertNotIn("strcpy", res) - diff --git a/tests/commands/heap.py b/tests/commands/heap.py index b624a0eda..983d4a0ea 100644 --- a/tests/commands/heap.py +++ b/tests/commands/heap.py @@ -178,4 +178,3 @@ def test_cmd_heap_bins_unsorted(self): self.assertIn("Found 1 chunks in unsorted bin", res) self.assertIn("Chunk(addr=", res) self.assertIn(f"size={self.expected_unsorted_bin_size:#x}", res) - diff --git a/tests/commands/heap_analysis.py b/tests/commands/heap_analysis.py index 826f34182..13fe6b1e7 100644 --- a/tests/commands/heap_analysis.py +++ b/tests/commands/heap_analysis.py @@ -24,4 +24,3 @@ def test_cmd_heap_analysis(self): addr = int(res.split("calloc(32)=")[1].split("\n")[0], 0) self.assertRegex(res, r"realloc\(.+, 48") self.assertIn(f"free({addr:#x}", res) - diff --git a/tests/commands/hexdump.py b/tests/commands/hexdump.py index 1e14a5010..fb51cd3f6 100644 --- a/tests/commands/hexdump.py +++ b/tests/commands/hexdump.py @@ -21,6 +21,3 @@ def test_cmd_hexdump(self): self.assertNoException(res) res = gdb_start_silent_cmd("hexdump byte $sp -s 32") self.assertNoException(res) - - - diff --git a/tests/commands/name_break.py b/tests/commands/name_break.py index 8119bf5ed..d7f0b1de9 100644 --- a/tests/commands/name_break.py +++ b/tests/commands/name_break.py @@ -21,4 +21,3 @@ def test_cmd_name_break(self): res = gdb_start_silent_cmd("nb foobar") self.assertNoException(res) - diff --git a/tests/commands/pattern.py b/tests/commands/pattern.py index 172830784..ddf827db6 100644 --- a/tests/commands/pattern.py +++ b/tests/commands/pattern.py @@ -77,4 +77,3 @@ def test_cmd_pattern_search(self): res = gdb_run_cmd(cmd, before=before, target=target) self.assertNoException(res) self.assertIn(f"not found", res) - diff --git a/tests/commands/pie.py b/tests/commands/pie.py index 1bcb1e95e..185c4fab2 100644 --- a/tests/commands/pie.py +++ b/tests/commands/pie.py @@ -52,4 +52,3 @@ def test_cmd_pie_breakpoint_run(self): # check the mask of the breakpoint address address = int(res.split()[0], 16) self.assertEqual(address & self.pie_offset, self.pie_offset) - diff --git a/tests/commands/process_status.py b/tests/commands/process_status.py index 97247e526..1a7d91e06 100644 --- a/tests/commands/process_status.py +++ b/tests/commands/process_status.py @@ -18,5 +18,3 @@ def test_cmd_process_status(self): self.assertIn("Process Information", res) self.assertIn("No child process", res) self.assertIn("No open connections", res) - - diff --git a/tests/commands/registers.py b/tests/commands/registers.py index 5dc35262c..3e9e3da36 100644 --- a/tests/commands/registers.py +++ b/tests/commands/registers.py @@ -30,4 +30,3 @@ def test_cmd_registers(self): elif ARCH in ("i686", ): self.assertIn("$eax", res) self.assertIn("$eflags", res) - diff --git a/tests/commands/reset_cache.py b/tests/commands/reset_cache.py index 6979edecf..fda8d4106 100644 --- a/tests/commands/reset_cache.py +++ b/tests/commands/reset_cache.py @@ -13,5 +13,3 @@ class ResetCacheCommand(GefUnitTestGeneric): def test_cmd_reset_cache(self): res = gdb_start_silent_cmd("reset-cache") self.assertNoException(res) - - diff --git a/tests/commands/scan.py b/tests/commands/scan.py index c4590b645..5be7e4bd3 100644 --- a/tests/commands/scan.py +++ b/tests/commands/scan.py @@ -21,4 +21,3 @@ def test_cmd_scan(self): res = gdb_start_silent_cmd("scan binary libc") self.assertNoException(res) self.assertIn("__libc_start_main", res) - diff --git a/tests/commands/search_pattern.py b/tests/commands/search_pattern.py index deb29d17c..c8c3be6d1 100644 --- a/tests/commands/search_pattern.py +++ b/tests/commands/search_pattern.py @@ -17,14 +17,12 @@ def test_cmd_search_pattern(self): self.assertIn("0x", res) def test_cmd_search_pattern_regex(self): - res = gdb_start_silent_cmd_last_line("set {char[6]} $sp = { 0x41, 0x42, 0x43, 0x44, 0x45, 0x00 }", + res = gdb_start_silent_cmd_last_line("set {char[6]} $sp = { 0x41, 0x42, 0x43, 0x44, 0x45, 0x00 }", after=[r"search-pattern --regex $sp $sp+7 ([\\x20-\\x7E]{2,})(?=\\x00)",]) self.assertNoException(res) self.assertTrue(r"b'ABCDE'" in res) # this should not match because binary string is not null ended: - res = gdb_start_silent_cmd_last_line("set {char[6]} $sp = { 0x41, 0x42, 0x43, 0x44, 0x45, 0x03 }", + res = gdb_start_silent_cmd_last_line("set {char[6]} $sp = { 0x41, 0x42, 0x43, 0x44, 0x45, 0x03 }", after=[r"search-pattern --regex $sp $sp+7 ([\\x20-\\x7E]{2,})(?=\\x00)",]) self.assertNoException(res) self.assertTrue(r"b'ABCDE'" not in res) - - diff --git a/tests/commands/skipi.py b/tests/commands/skipi.py index 268b2aed8..6c07a905d 100644 --- a/tests/commands/skipi.py +++ b/tests/commands/skipi.py @@ -60,4 +60,3 @@ def test_cmd_skipi_two_instructions_from_location(self): ) self.assertNoException(res) self.assertIn(r"\x90\x90", res) # 2 nops - diff --git a/tests/commands/stub.py b/tests/commands/stub.py index f813eff6f..b87db50f7 100644 --- a/tests/commands/stub.py +++ b/tests/commands/stub.py @@ -19,4 +19,4 @@ def test_cmd_stub(self): self.assertIn("Hello World!", res) res = gdb_start_silent_cmd(cmds, after=["continue"]) self.assertNoException(res) - self.assertNotIn("Hello World!", res) \ No newline at end of file + self.assertNotIn("Hello World!", res) diff --git a/tests/config/__init__.py b/tests/config/__init__.py index 76b4a9e17..891742c96 100644 --- a/tests/config/__init__.py +++ b/tests/config/__init__.py @@ -20,4 +20,3 @@ def test_config_show_opcodes_size(self): # output format: 0xaddress opcode mnemo [operands, ...] # example: 0x5555555546b2 897dec mov DWORD PTR [rbp-0x14], edi self.assertRegex(res, r"(0x([0-9a-f]{2})+)\s+(([0-9a-f]{2})+)\s+<[^>]+>\s+(.*)") - diff --git a/tests/requirements.txt b/tests/requirements.txt index c43a1571a..a467cb9e2 100644 --- a/tests/requirements.txt +++ b/tests/requirements.txt @@ -5,3 +5,4 @@ pytest-xdist pytest-benchmark pytest-forked coverage +pre-commit