GDBleed – Dynamic-Static binary instrumentation framework on top of GDB
GDBleed is a gdb wrapper exposing a set of commands for x86-64, ARM and MIPS (x86 and ARM thumb-mode in progress) architectures to perform binary instrumentation.
The objective was to exploit the hackish features of GDB python API, while ignoring the software performance attribute (for now). And in the end to have a user-friendly framework.
GDBleed focus is applicability, then we have efficiency. The more CPU archs it does suport the better it is.
start command or attach gdb to the debugged processsource gdbleed.pytests folder# GEF gdb extension, ref https://github.com/hugsy/gef
sudo apt-get -y install unzip cmake binutils# python's version which your gdb intalled supports
export PYTHON_VER="python3"
sudo apt-get install ${PYTHON_VER}-distutils ${PYTHON_VER}-setuptools
# Choose module versions (i suggest not changing the major number version)
export KEYSTONE_VER="0.9.2"
export LIEF_VER="0.12.3"./setup.sh
Required for hooking/instrumentation also aka Inline GOT hooking
export TARGET=arm-linux-gnueabi
sudo apt-get install -y binutils-${TARGET} gcc-${TARGET}
export TARGET=mips-linux-gnu
sudo apt-get install -y binutils-${TARGET} gcc-${TARGET}augroup filetypedetect
au! BufRead,BufNewFile *.c.bleed setfiletype c
augroup ENDCybersecurity tools play a critical role in safeguarding digital assets, systems, and networks from malicious…
MODeflattener is a specialized tool designed to reverse OLLVM's control flow flattening obfuscation through static…
"My Awesome List" is a curated collection of tools, libraries, and resources spanning various domains…
CVE-2018-17463, a type confusion vulnerability in Chrome’s V8 JavaScript engine, allowed attackers to execute arbitrary…
The blog post "Chrome Browser Exploitation, Part 1: Introduction to V8 and JavaScript Internals" provides…
The exploitation of CVE-2018-17463, a type confusion vulnerability in Chrome’s V8 JavaScript engine, relies on…