Multi-Architecture GDB Enhanced Features for Exploiters & Reverse-Engineers - GEF
GEF
is aimed to be used mostly by exploiters and reverse-engineers. It provides additional features to GDB using the Python API to assist during the process of dynamic analysis or exploit development. GEF
fully relies on GDB API and other Linux specific source of information (such as /proc/pid
). As a consequence, some of the features might not work on custom or harden systems such as GrSec. It has fully support for Python2 and Python3 indifferently (as more and more distro start pushing gdb
compiled with Python3 support).Quick start
Simply make sure you're having a GDB 7.x+ .
$ wget -q -O- https://github.com/hugsy/gef/raw/master/gef.sh | sh
$ gdb -q /path/to/my/bin
gef> gef help
remote:~ $ gdbserver 0.0.0.0:1234 /path/to/file
local:~ $ gdb -q
gef> gef-remote your.ip.address:1234
Show me
x86
ARM
PowerPC
MIPS
Dependencies
There are none:
GEF
works out of the box! However, to enjoy all the coolest features, it is recommended to install: Note : if you are using GDB with Python3 support, you cannot use
ROPgadget
as Python3 support has not implemented yet. Capstone
and radare2-python
will work just fine. Another note :
Capstone
is packaged for Python 2 and 3 with pip
. So a quick install is $ pip2 install capstone # for Python2.x
$ pip3 install capstone # for Python3.x
ropgadget
$ pip[23] install ropgadget
assemble
command relies on the binary rasm2
provided by radare2
.