def stop (self):
print "Function",self.locname,"at",self.locstr+":"
# read function arguments (linux amd64 calling convention)
args = list()
args.append(gdb.parse_and_eval("$rdi"))
args.append(gdb.parse_and_eval("$rsi"))
args.append(gdb.parse_and_eval("$rdx"))
args.append(gdb.parse_and_eval("$rcx"))
args.append(gdb.parse_and_eval("$r8"))
args.append(gdb.parse_and_eval("$r9"))
# print arguments
arg_num = 0
for arg in args:
buffer = gdb_utils.read_string(arg, 32)
if buffer:
print "\targument"+str(arg_num),"=",arg,'"'+buffer+'"'
else:
print "\targument"+str(arg_num),"=",arg
arg_num += 1
print ""
# return False to continue the execution of the program
return False
def stop (self):
# get the string address, from the return value
address = gdb.parse_and_eval('$rax')
# get the string, using gdb_utils.read_string(), since it's null terminated...
string = gdb_utils.read_string(address, 1024)
# print sniffed data
print string
# return False to continue the execution of the program
return False
def stop(self):
# get the string address, from the return value
address = gdb.parse_and_eval('$rax')
# get the string, using gdb_utils.read_string(), since it's null terminated...
string = gdb_utils.read_string(address, 1024)
# print sniffed data
print string
# return False to continue the execution of the program
return False
