Setup memo for GDB Enhanced Features (GEF)

Explanation

“GDB Enhanced Features (GEF)” is a GDB extension that provides additional commands for dynamic analysis and exploit development.
Setting it up on Kali Linux takes a few steps, and this is a memo of them.

Environment

Solution

1. Initial Setup

The GitHub repository has some instructions for installation.
However, they didn’t work, and the following commands achieve the purpose.

root@kali:~# git clone https://github.com/hugsy/gef.git

---

root@kali:~# echo source `pwd`/gef/gef.py >> ~/.gdbinit

With the following command, we can confirm that GEF is running.
However, we still have some missing commands.

root@kali:~# gdb -q test
GEF for linux ready, type `gef' to start, `gef config' to configure
77 commands loaded for GDB 8.3.1 using Python engine 3.7
[*] 3 commands could not be loaded, run `gef missing` to know why.
Reading symbols from test...
(No debugging symbols found in test)
gef➤  

With the command “gef missing”, we can find the names of the missing commands.

gef➤  gef missing
[*] Command `set-permission` is missing, reason  →  Missing `keystone-engine` package for Python3, install with: `pip3 install keystone-engine`.
[*] Command `ropper` is missing, reason  →  Missing `ropper` package for Python3, install with: `pip3 install ropper`.
[*] Command `assemble` is missing, reason  →  Missing `keystone-engine` package for Python3, install with: `pip3 install keystone-engine`.
gef➤  
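
The `gef missing` output above can be turned into an install list mechanically. The following is an added example, not part of the original memo or of GEF; the function names are hypothetical and the sample input is the three lines shown above.

```shell
#!/bin/sh
# Added example: parse the text printed by `gef missing`.
# Function names are hypothetical; they are not GEF commands.

# Read `gef missing` output on stdin and print the unique Python packages
# named in the "install with: `pip3 install X`" hints, one per line.
# The package name is restricted to [A-Za-z0-9._-] so that nothing else
# from the debugger output can end up on a pip3 command line.
gef_missing_packages() {
    sed -n 's/.*install with: `pip3 install \([A-Za-z0-9._-]*\)`.*/\1/p' | sort -u
}

# Read the same output and print "command package" pairs, which shows
# which GEF command depends on which package.
gef_missing_pairs() {
    sed -n 's/^\[\*] Command `\([^`]*\)` is missing.*`pip3 install \([A-Za-z0-9._-]*\)`.*/\1 \2/p'
}

# Sample input: the three lines from the first `gef missing` run in this memo.
sample_gef_missing() {
    cat <<'EOF'
[*] Command `set-permission` is missing, reason  →  Missing `keystone-engine` package for Python3, install with: `pip3 install keystone-engine`.
[*] Command `ropper` is missing, reason  →  Missing `ropper` package for Python3, install with: `pip3 install ropper`.
[*] Command `assemble` is missing, reason  →  Missing `keystone-engine` package for Python3, install with: `pip3 install keystone-engine`.
EOF
}

# Two commands share one dependency, so the install list has two entries.
sample_gef_missing | gef_missing_packages
```

As the second `gef missing` run in this memo shows, a package can still be reported after `pip3 install`, so the check is worth repeating after each install step.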

Then, install the prerequisites.

root@kali:~# apt-get install cmake

---

root@kali:~# pip3 install keystone-engine ropper unicorn

---

However, some commands are still missing.

gef➤  gef missing
[*] Command `set-permission` is missing, reason  →  Missing `keystone-engine` package for Python3, install with: `pip3 install keystone-engine`.
[*] Command `assemble` is missing, reason  →  Missing `keystone-engine` package for Python3, install with: `pip3 install keystone-engine`.
gef➤  

This time, we need to build “keystone” manually.
The source code can be downloaded from the release page of the official repository.

root@kali:~# ls -l | grep keystone
-rw-r--r--  1 root root  4326151 Jan 17 02:30 keystone-0.9.1.tar.gz

root@kali:~# tar xzvf keystone-0.9.1.tar.gz 

---

root@kali:~# cd keystone-0.9.1/
root@kali:~/keystone-0.9.1# mkdir build
root@kali:~/keystone-0.9.1# cd build/
root@kali:~/keystone-0.9.1/build# ../make-share.sh

---

root@kali:~/keystone-0.9.1/build# make install

---

root@kali:~/keystone-0.9.1/build# ldconfig

After that, we can confirm that we have no missing commands.

root@kali:~/keystone-0.9.1/build# gdb -q test
GEF for linux ready, type `gef' to start, `gef config' to configure
80 commands loaded for GDB 8.3.1 using Python engine 3.7
Reading symbols from test...
(No debugging symbols found in test)
gef➤  gef missing
[+] No missing command
gef➤