GDBleed – Dynamic-Static binary instrumentation framework on top of GDB
GDBleed is a gdb wrapper exposing a set of commands for x86-64, ARM and MIPS (x86 and ARM thumb-mode in progress) architectures to perform binary instrumentation.
The objective was to exploit the hackish features of GDB python API, while ignoring the software performance attribute (for now). And in the end to have a user-friendly framework.
GDBleed focus is applicability, then we have efficiency. The more CPU archs it does suport the better it is.
start command or attach gdb to the debugged processsource gdbleed.pytests folder# GEF gdb extension, ref https://github.com/hugsy/gef
sudo apt-get -y install unzip cmake binutils# python's version which your gdb intalled supports
export PYTHON_VER="python3"
sudo apt-get install ${PYTHON_VER}-distutils ${PYTHON_VER}-setuptools
# Choose module versions (i suggest not changing the major number version)
export KEYSTONE_VER="0.9.2"
export LIEF_VER="0.12.3"./setup.sh
Required for hooking/instrumentation also aka Inline GOT hooking
export TARGET=arm-linux-gnueabi
sudo apt-get install -y binutils-${TARGET} gcc-${TARGET}
export TARGET=mips-linux-gnu
sudo apt-get install -y binutils-${TARGET} gcc-${TARGET}augroup filetypedetect
au! BufRead,BufNewFile *.c.bleed setfiletype c
augroup ENDWhen people ask how UDP works, the simplest answer is this: UDP sends data quickly…
Endpoint Detection and Response (EDR) solutions have become a cornerstone of modern cybersecurity, designed to…
A large-scale malware campaign leveraging AI-assisted development techniques has been uncovered, revealing how attackers are…
How Does a Firewall Work Step by Step? What Is a Firewall and How Does…
People trying to securely connect to work are being tricked into doing the exact opposite.…
A newly disclosed Android vulnerability is making noise for a good reason. Researchers showed that…