From 7409ac243265edb12cbd18354e934848390509e6 Mon Sep 17 00:00:00 2001
From: Arvind S Raj
Date: Tue, 1 Oct 2013 18:54:19 +0530
Subject: [PATCH 1/5] Bumped revision number
---
 gdbinit | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/gdbinit b/gdbinit
index 41eb698..bdeefee 100644
--- a/gdbinit
+++ b/gdbinit
@@ -2,7 +2,7 @@
 #
 # DESCRIPTION: A user-friendly gdb configuration file, for x86/x86_64 and ARM platforms.
 #
-# REVISION : 8.0.5 (18/08/2013)
+# REVISION : 8.0.6 (05/09/2013)
 #
 # CONTRIBUTORS: mammon_, elaine, pusillus, mong, zhang le, l0kit,
 # truthix the cyberpunk, fG!, gln
From af2933d9cd8f7fba7af0132b9f2656f0c1e1a9c8 Mon Sep 17 00:00:00 2001
From: Asger Hautop Drewsen
Date: Tue, 10 Dec 2013 23:14:23 +0100
Subject: [PATCH 2/5] Add functions entry_point and break_entry_point
---
 gdbinit | 28 ++++++++++++++++++++++++++++
 1 file changed, 28 insertions(+)
diff --git a/gdbinit b/gdbinit
index bdeefee..c7edd85 100644
--- a/gdbinit
+++ b/gdbinit
@@ -3049,6 +3049,34 @@ Syntax: trace_run
 | Log overwrites(!) the file ~/gdb_trace_run.txt.
 end
+define entry_point
+ shell rm -f /tmp/gdb-entry_point
+
+ set logging redirect on
+ set logging file /tmp/gdb-entry_point
+ set logging on
+
+ info files
+
+ set logging off
+
+ shell entry_point="$(grep 'Entry point:' /tmp/gdb-entry_point | awk '{ print $3 }')"; echo "$entry_point"; echo 'set $entry_point_address = '"$entry_point" > /tmp/gdb-entry_point
+ source /tmp/gdb-entry_point
+end
+document entry_point
+Syntax: entry_point
+| Prints the entry point address of the target and stores it in the variable entry_point.
+end
+
+define break_entry_point
+ entry_point
+ break *$entry_point_address
+end
+document break_entry_point
+Syntax: entry_point
+| Sets a breakpoint on the entry point of the target.
+end
+
 #define ptraceme
 # catch syscall ptrace
 # commands
From 4e5b924f959d15fa3089813bd91e69085800bbe6 Mon Sep 17 00:00:00 2001
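Review bot: In `entry_point` (patch 2/5) the scratch file `/tmp/gdb-entry_point` has a fixed name in a world-writable directory and is then executed with `source`, so on a shared machine another local user who pre-creates that path (as a file or a symlink) can influence what gdb writes to and what it runs. The leading `shell rm -f` narrows that window but does not close it, because the file is reopened by `set logging on` and again by the `shell ... >` redirect. I would keep the scratch file somewhere only the invoking user can write, in line with the `~/gdb_trace_run.txt` that the neighbouring `trace_run` help text mentions, e.g. `set logging file ~/.gdb-entry_point` with the same path in the `shell` and `source` lines (assuming gdb expands `~` for this setting; worth confirming). The same pattern recurs in `objc_symbols` in patch 3/5 with `/tmp/gdb-objc_symbols` and `/tmp/gdb-symtab`, and patch 4/5 keeps all three /tmp paths.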
From: Asger Hautop Drewsen
Date: Tue, 10 Dec 2013 23:16:34 +0100
Subject: [PATCH 3/5] Add function objc_symbols
---
 gdbinit | 25 ++++++++++++++++++++++++-
 1 file changed, 24 insertions(+), 1 deletion(-)
diff --git a/gdbinit b/gdbinit
index c7edd85..8f876ed 100644
--- a/gdbinit
+++ b/gdbinit
@@ -3073,10 +3073,33 @@ define break_entry_point
 break *$entry_point_address
 end
 document break_entry_point
-Syntax: entry_point
+Syntax: break_entry_point
 | Sets a breakpoint on the entry point of the target.
 end
+define objc_symbols
+ shell rm -f /tmp/gdb-objc_symbols
+
+ set logging redirect on
+ set logging file /tmp/gdb-objc_symbols
+ set logging on
+
+ info target
+
+ set logging off
+
+ shell target="$(head -1 /tmp/gdb-objc_symbols | head -1 | awk -F '"' '{ print $2 }')"; objc-symbols "$target" | SymTabCreator -o /tmp/gdb-symtab
+
+ set logging on
+ add-symbol-file /tmp/gdb-symtab
+ set logging off
+end
+document objc_symbols
+Syntax: objc_symbols
+| Loads stripped objc symbols into gdb using objc-symbols and SymTabCreator
+| See http://stackoverflow.com/questions/17554070/import-class-dump-info-into-gdb
+end
+
 #define ptraceme
 # catch syscall ptrace
 # commands
From f6e2c34c22b8d2d7b071e1bacb3630ad4e7e0977 Mon Sep 17 00:00:00 2001
From: reverser
Date: Sun, 15 Dec 2013 23:10:56 +0000
Subject: [PATCH 4/5] Use absolute paths for all shell commands, cleanup temporary file on command exit.
---
 gdbinit | 19 ++++++++++---------
 1 file changed, 10 insertions(+), 9 deletions(-)
diff --git a/gdbinit b/gdbinit
index 8f876ed..06698da 100644
--- a/gdbinit
+++ b/gdbinit
@@ -3050,8 +3050,7 @@ Syntax: trace_run
 end
 define entry_point
- shell rm -f /tmp/gdb-entry_point
-
+
 set logging redirect on
 set logging file /tmp/gdb-entry_point
 set logging on
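Review bot: In `objc_symbols` (patch 3/5) nothing checks that the `objc-symbols "$target" | SymTabCreator -o /tmp/gdb-symtab` pipeline actually produced a file before `add-symbol-file /tmp/gdb-symtab` runs, and only `/tmp/gdb-objc_symbols` is removed up front. If either tool is missing or fails, or the first line of `info target` carries no quoted path so `$target` is empty, gdb would presumably load whatever `/tmp/gdb-symtab` an earlier session left behind and attach the wrong symbols without any warning. Adding `shell rm -f /tmp/gdb-symtab` next to the existing `shell rm -f` line makes that case fail visibly at `add-symbol-file` instead. The second `head -1` in the pipeline is redundant.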
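Review bot: In the first hunk of patch 4/5, dropping the leading `shell rm -f /tmp/gdb-entry_point` means `set logging on` now opens a file that may already exist, while the replacement `shell /bin/rm -f` added in the next hunk is reached only when every earlier command in the `define` succeeds. gdb appends to an existing log file by default, so after an aborted run the parsing step can see output from a previous session; `objc_symbols` gets the same change in the following hunks, and there `head -1` would pick up the stale first line if, for instance, `add-symbol-file` errored out before the cleanup. Keeping the removal at both ends, or adding `set logging overwrite on` before `set logging on`, avoids relying on the file being absent. The body of `entry_point` continues in the next hunk.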
@@ -3060,25 +3059,25 @@ define entry_point
 set logging off
- shell entry_point="$(grep 'Entry point:' /tmp/gdb-entry_point | awk '{ print $3 }')"; echo "$entry_point"; echo 'set $entry_point_address = '"$entry_point" > /tmp/gdb-entry_point
+ shell entry_point="$(/usr/bin/grep 'Entry point:' /tmp/gdb-entry_point | /usr/bin/awk '{ print $3 }')"; echo "$entry_point"; echo 'set $entry_point_address = '"$entry_point" > /tmp/gdb-entry_point
 source /tmp/gdb-entry_point
+ shell /bin/rm -f /tmp/gdb-entry_point
 end
 document entry_point
 Syntax: entry_point
 | Prints the entry point address of the target and stores it in the variable entry_point.
 end
-define break_entry_point
+define break_entrypoint
 entry_point
 break *$entry_point_address
 end
-document break_entry_point
-Syntax: break_entry_point
+document break_entrypoint
+Syntax: break_entrypoint
 | Sets a breakpoint on the entry point of the target.
 end
 define objc_symbols
- shell rm -f /tmp/gdb-objc_symbols
 set logging redirect on
 set logging file /tmp/gdb-objc_symbols
@@ -3087,17 +3086,19 @@ define objc_symbols
 info target
 set logging off
-
- shell target="$(head -1 /tmp/gdb-objc_symbols | head -1 | awk -F '"' '{ print $2 }')"; objc-symbols "$target" | SymTabCreator -o /tmp/gdb-symtab
+ # XXX: define paths for objc-symbols and SymTabCreator
+ shell target="$(/usr/bin/head -1 /tmp/gdb-objc_symbols | /usr/bin/head -1 | /usr/bin/awk -F '"' '{ print $2 }')"; objc-symbols "$target" | SymTabCreator -o /tmp/gdb-symtab
 set logging on
 add-symbol-file /tmp/gdb-symtab
 set logging off
+ shell /bin/rm -f /tmp/gdb-objc_symbols
 end
 document objc_symbols
 Syntax: objc_symbols
 | Loads stripped objc symbols into gdb using objc-symbols and SymTabCreator
 | See http://stackoverflow.com/questions/17554070/import-class-dump-info-into-gdb
+| and https://github.com/0xced/class-dump/tree/objc-symbols (for the required utils)
 end
 #define ptraceme
From 8fc045a5165e2388ac4b8ca3460597a5356b82a8 Mon Sep 17 00:00:00 2001
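Review bot: The hard-coded `/usr/bin/grep` and `/usr/bin/awk` in the rewritten `shell entry_point=...` line of patch 4/5 (and `/usr/bin/head`, `/usr/bin/awk` in the `objc_symbols` hunk after it) assume a single filesystem layout. On a system where grep is installed as `/bin/grep`, the command substitution comes back empty and `source` then fails on `set $entry_point_address = ` with no hint of the cause. Since the file header advertises x86/x86_64 and ARM platforms rather than one OS, a comment above these lines such as `# NOTE: absolute paths match the author's system; adjust if grep/awk/head live elsewhere` would tell users where to look. Separately, this hunk renames `break_entry_point` to `break_entrypoint`, which the commit message does not mention and which breaks any script using the name introduced in patch 2/5.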
From: reverser
Date: Mon, 16 Dec 2013 02:11:06 +0000
Subject: [PATCH 5/5] Add missing call to stepo command
---
 gdbinit | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/gdbinit b/gdbinit
index 06698da..8242971 100644
--- a/gdbinit
+++ b/gdbinit
@@ -2389,7 +2389,7 @@ define stepoframework
 set $_nextaddress = $pc + 0x3
 end
 # call *0x????????(%ebx) (0xFF93????????) ||
- if ($_byte2 == 0x93 || $_byte2 == 0x94 || $_byte2 == 0x90 || $_byte2 == 0x92 || $_byte2 == 0x95)
+ if ($_byte2 == 0x93 || $_byte2 == 0x94 || $_byte2 == 0x90 || $_byte2 == 0x92 || $_byte2 == 0x95 || $_byte2 == 0x15)
 set $_nextaddress = $pc + 6
 end
 # call *0x????????(%ebx,%eax,4) (0xFF94??????????)
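Review bot: The comment above the changed `if` in patch 5/5 still describes only the `call *0x????????(%ebx)` form (`0xFF93????????`), while the added `$_byte2 == 0x15` case is the ModRM byte for an indirect call through a bare 32-bit displacement with no base register. That encoding is also six bytes, so `$pc + 6` looks right, but a reader cannot tell from the comment why 0x15 belongs in this list. I would add a line such as `# call *0x???????? (0xFF15????????)` above the condition. `stepoframework` begins and ends outside this hunk.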