def test_command_xinfo(self):
self.assertFailIfInactiveSession(gdb_run_command("xinfo $sp"))
res = gdb_start_silent_command("xinfo")
self.assertTrue(b"At least one valid address must be specified" in res)
res = gdb_start_silent_command("xinfo $sp")
self.assertNoException(res)
self.assertTrue(len(res.splitlines()) >= 7)
return
def test_command_xinfo(self):
self.assertFailIfInactiveSession(gdb_run_command("xinfo $sp"))
res = gdb_start_silent_command("xinfo")
self.assertTrue(b"At least one valid address must be specified" in res)
res = gdb_start_silent_command("xinfo $sp")
self.assertNoException(res)
self.assertTrue(len(res.splitlines()) >= 7)
return
def test_command_vmmap(self):
self.assertFailIfInactiveSession(gdb_run_command("vmmap"))
res = gdb_start_silent_command("vmmap")
self.assertNoException(res)
self.assertTrue(len(res.splitlines()) > 1)
res = gdb_start_silent_command("vmmap stack")
self.assertNoException(res)
self.assertTrue(len(res.splitlines()) > 1)
return
def test_command_vmmap(self):
self.assertFailIfInactiveSession(gdb_run_command("vmmap"))
res = gdb_start_silent_command("vmmap")
self.assertNoException(res)
self.assertTrue(len(res.splitlines()) > 1)
res = gdb_start_silent_command("vmmap stack")
self.assertNoException(res)
self.assertTrue(len(res.splitlines()) > 1)
return
def test_command_hexdump(self):
self.assertFailIfInactiveSession(gdb_run_command("hexdump $pc"))
res = gdb_start_silent_command("hexdump qword $pc")
self.assertNoException(res)
res = gdb_start_silent_command("hexdump dword $pc l1")
self.assertNoException(res)
res = gdb_start_silent_command("hexdump word $pc l5 down")
self.assertNoException(res)
res = gdb_start_silent_command("hexdump byte $sp l32")
self.assertNoException(res)
return
def test_command_hexdump(self):
self.assertFailIfInactiveSession(gdb_run_command("hexdump $pc"))
res = gdb_start_silent_command("hexdump qword $pc")
self.assertNoException(res)
res = gdb_start_silent_command("hexdump dword $pc l1")
self.assertNoException(res)
res = gdb_start_silent_command("hexdump word $pc l5 down")
self.assertNoException(res)
res = gdb_start_silent_command("hexdump byte $sp l32")
self.assertNoException(res)
return
def test_command_print_format(self):
self.assertFailIfInactiveSession(gdb_run_command("print-format"))
res = gdb_start_silent_command("print-format $rsp")
self.assertNoException(res)
self.assertTrue(b"buf = [" in res)
res = gdb_start_silent_command("print-format -f js $rsp")
self.assertNoException(res)
self.assertTrue(b"var buf = [" in res)
res = gdb_start_silent_command("print-format -f iDontExist $rsp")
self.assertNoException(res)
self.assertTrue(b"Language must be :" in res)
return
def test_command_dereference(self):
self.assertFailIfInactiveSession(gdb_run_command("dereference"))
res = gdb_start_silent_command("dereference $sp")
self.assertNoException(res)
self.assertTrue(len(res.splitlines()) > 2)
self.assertTrue(b"$rsp" in res)
res = gdb_start_silent_command("dereference 0")
self.assertNoException(res)
self.assertTrue(b"Unmapped address" in res)
return
def test_command_dereference(self):
self.assertFailIfInactiveSession(gdb_run_command("dereference"))
res = gdb_start_silent_command("dereference $sp")
self.assertNoException(res)
self.assertTrue(len(res.splitlines()) > 2)
self.assertTrue(b"$rsp" in res)
res = gdb_start_silent_command("dereference 0")
self.assertNoException(res)
self.assertTrue(b"Unmapped address" in res)
return
def test_command_xor_memory(self):
cmd = "xor-memory display $sp 0x10 0x41"
self.assertFailIfInactiveSession(gdb_run_command(cmd))
res = gdb_start_silent_command(cmd)
self.assertNoException(res)
self.assertTrue(b"Original block" in res)
self.assertTrue(b"XOR-ed block" in res)
cmd = "xor-memory patch $sp 0x10 0x41"
res = gdb_start_silent_command(cmd)
self.assertNoException(res)
self.assertTrue(b"Patching XOR-ing ")
return
def test_command_xor_memory(self):
cmd = "xor-memory display $sp 0x10 0x41"
self.assertFailIfInactiveSession(gdb_run_command(cmd))
res = gdb_start_silent_command(cmd)
self.assertNoException(res)
self.assertTrue(b"Original block" in res)
self.assertTrue(b"XOR-ed block" in res)
cmd = "xor-memory patch $sp 0x10 0x41"
res = gdb_start_silent_command(cmd)
self.assertNoException(res)
self.assertTrue(b"Patching XOR-ing ")
return
def test_command_retdec(self):
cmd = "retdec -s main"
target = "tests/binaries/retdec.out"
res = gdb_start_silent_command(cmd, target=target)
if b"No RetDec API key provided" in res:
api_key = os.getenv("GEF_RETDEC_API_KEY")
if api_key is None:
return
before = ["gef config retdec.key {}".format(api_key),]
res = gdb_start_silent_command(cmd, before=before, target=target)
self.assertNoException(res)
self.assertTrue(b"Saved as" in res)
return
def test_command_retdec(self):
cmd = "retdec -s main"
target = "tests/binaries/retdec.out"
res = gdb_start_silent_command(cmd, target=target)
if b"No RetDec API key provided" in res:
api_key = os.getenv("GEF_RETDEC_API_KEY")
if api_key is None:
return
before = ["gef config retdec.key {}".format(api_key),]
res = gdb_start_silent_command(cmd, before=before, target=target)
self.assertNoException(res)
self.assertTrue(b"Saved as" in res)
return
def test_command_capstone_disassemble(self):
self.assertFailIfInactiveSession(
gdb_run_command("capstone-disassemble"))
res = gdb_start_silent_command("capstone-disassemble")
self.assertNoException(res)
self.assertTrue(len(res.splitlines()) > 1)
return
def test_command_registers(self):
self.assertFailIfInactiveSession(gdb_run_command("registers"))
res = gdb_start_silent_command("registers")
self.assertNoException(res)
self.assertTrue(b"$rax" in res)
self.assertTrue(b"$eflags" in res)
return
def test_command_canary(self):
self.assertFailIfInactiveSession(gdb_run_command("canary"))
res = gdb_start_silent_command("canary", target="tests/binaries/canary.out")
self.assertNoException(res)
self.assertTrue(b"Found AT_RANDOM at" in res)
self.assertTrue(b"The canary of process " in res)
return
def test_command_canary(self):
self.assertFailIfInactiveSession(gdb_run_command("canary"))
res = gdb_start_silent_command("canary", target="tests/binaries/canary.out")
self.assertNoException(res)
self.assertTrue(b"Found AT_RANDOM at" in res)
self.assertTrue(b"The canary of process " in res)
return
def test_command_registers(self):
self.assertFailIfInactiveSession(gdb_run_command("registers"))
res = gdb_start_silent_command("registers")
self.assertNoException(res)
self.assertTrue(b"$rax" in res)
self.assertTrue(b"$eflags" in res)
return
def test_command_heap_arenas(self):
cmd = "heap arenas"
target = "tests/binaries/heap.out"
self.assertFailIfInactiveSession(gdb_run_command(cmd, target=target))
res = gdb_start_silent_command(cmd, target=target)
self.assertNoException(res)
self.assertTrue(b"Arena (base=" in res)
return
def test_command_process_status(self):
self.assertFailIfInactiveSession(gdb_run_command("process-status"))
res = gdb_start_silent_command("process-status")
self.assertNoException(res)
self.assertTrue(b"Process Information" in res \
and b"No child process" in res \
and b"No open connections" in res)
return
def test_command_heap_arenas(self):
cmd = "heap arenas"
target = "tests/binaries/heap.out"
self.assertFailIfInactiveSession(gdb_run_command(cmd, target=target))
res = gdb_start_silent_command(cmd, target=target)
self.assertNoException(res)
self.assertTrue(b"Arena (base=" in res)
return
def test_command_process_status(self):
self.assertFailIfInactiveSession(gdb_run_command("process-status"))
res = gdb_start_silent_command("process-status")
self.assertNoException(res)
self.assertTrue(b"Process Information" in res \
and b"No child process" in res \
and b"No open connections" in res)
return
def test_command_unicorn_emulate(self):
cmd = "emu -n 1"
res = gdb_run_command(cmd)
self.assertFailIfInactiveSession(res)
res = gdb_start_silent_command(cmd)
self.assertNoException(res)
self.assertTrue(b"Final registers" in res)
return
def test_command_unicorn_emulate(self):
cmd = "emu -n 1"
res = gdb_run_command(cmd)
self.assertFailIfInactiveSession(res)
res = gdb_start_silent_command(cmd)
self.assertNoException(res)
self.assertTrue(b"Final registers" in res)
return
def test_command_trace_run(self):
cmd = "trace-run"
res = gdb_run_command(cmd)
self.assertFailIfInactiveSession(res)
cmd = "trace-run $pc+1"
res = gdb_start_silent_command(cmd,
before=["gef config trace-run.tracefile_prefix /tmp/gef-trace-"])
self.assertNoException(res)
self.assertTrue(b"Tracing from" in res)
return
def test_command_trace_run(self):
cmd = "trace-run"
res = gdb_run_command(cmd)
self.assertFailIfInactiveSession(res)
cmd = "trace-run $pc+1"
res = gdb_start_silent_command(cmd,
before=["gef config trace-run.tracefile_prefix /tmp/gef-trace-"])
self.assertNoException(res)
self.assertTrue(b"Tracing from" in res)
return
def test_command_keystone_assemble(self):
valid_cmds = [
"assemble nop; xor eax, eax; int 0x80",
"assemble -a arm -m arm add r0, r1, r2",
"assemble -a mips -m mips32 add $v0, 1",
"assemble -a sparc -m sparc32 set 0, %o0",
"assemble -a arm64 -m little_endian add x29, sp, 0; mov w0, 0; ret"
]
for cmd in valid_cmds:
res = gdb_start_silent_command(cmd)
self.assertNoException(res)
self.assertTrue(len(res.splitlines()) > 1)
return
def test_command_keystone_assemble(self):
valid_cmds = [
"assemble nop; xor eax, eax; int 0x80",
"assemble -a arm -m arm add r0, r1, r2",
"assemble -a mips -m mips32 add $v0, 1",
"assemble -a sparc -m sparc32 set 0, %o0",
"assemble -a arm64 -m little_endian add x29, sp, 0; mov w0, 0; ret"
]
for cmd in valid_cmds:
res = gdb_start_silent_command(cmd)
self.assertNoException(res)
self.assertTrue(len(res.splitlines()) > 1)
return
def test_command_xfiles(self):
self.assertFailIfInactiveSession(gdb_run_command("xfiles"))
res = gdb_start_silent_command("xfiles")
self.assertNoException(res)
self.assertTrue(len(res.splitlines()) >= 3)
return
def test_command_reset_cache(self):
res = gdb_start_silent_command("reset-cache")
self.assertNoException(res)
return
def test_command_shellcode_get(self):
res = gdb_start_silent_command("shellcode get 77")
self.assertNoException(res)
self.assertTrue(b"Shellcode written to " in res)
return
def test_command_heap_analysis(self):
cmd = "heap-analysis-helper"
self.assertFailIfInactiveSession(gdb_run_command(cmd))
res = gdb_start_silent_command(cmd)
self.assertNoException(res)
return
def test_command_shellcode_get(self):
res = gdb_start_silent_command("shellcode get 77")
self.assertNoException(res)
self.assertTrue(b"Shellcode written to " in res)
return
def test_command_stub(self):
cmd = "stub printf"
self.assertFailIfInactiveSession(gdb_run_command(cmd))
res = gdb_start_silent_command(cmd)
self.assertNoException(res)
return
def test_command_shellcode(self):
res = gdb_start_silent_command("shellcode")
self.assertNoException(res)
self.assertTrue(b"Missing sub-command <search|get>" in res)
return
def test_command_shellcode_search(self):
cmd = "shellcode search execve /bin/sh"
res = gdb_start_silent_command(cmd)
self.assertNoException(res)
self.assertTrue(b"setuid(0) + execve(/bin/sh) 49 bytes" in res)
return
def test_command_capstone_disassemble(self):
self.assertFailIfInactiveSession(gdb_run_command("capstone-disassemble"))
res = gdb_start_silent_command("capstone-disassemble")
self.assertNoException(res)
self.assertTrue(len(res.splitlines()) > 1)
return
def test_command_shellcode_search(self):
cmd = "shellcode search execve /bin/sh"
res = gdb_start_silent_command(cmd)
self.assertNoException(res)
self.assertTrue(b"setuid(0) + execve(/bin/sh) 49 bytes" in res)
return
def test_command_xfiles(self):
self.assertFailIfInactiveSession(gdb_run_command("xfiles"))
res = gdb_start_silent_command("xfiles")
self.assertNoException(res)
self.assertTrue(len(res.splitlines()) >= 3)
return
def test_command_heap_analysis(self):
cmd = "heap-analysis-helper"
self.assertFailIfInactiveSession(gdb_run_command(cmd))
res = gdb_start_silent_command(cmd)
self.assertNoException(res)
return
def test_command_shellcode(self):
res = gdb_start_silent_command("shellcode")
self.assertNoException(res)
self.assertTrue(b"Missing sub-command <search|get>" in res)
return
def test_command_stub(self):
cmd = "stub printf"
self.assertFailIfInactiveSession(gdb_run_command(cmd))
res = gdb_start_silent_command(cmd)
self.assertNoException(res)
return
def test_command_search_pattern(self):
self.assertFailIfInactiveSession(gdb_run_command("grep /bin/sh"))
res = gdb_start_silent_command("grep /bin/sh")
self.assertNoException(res)
self.assertTrue(b"0x" in res)
return
def test_command_search_pattern(self):
self.assertFailIfInactiveSession(gdb_run_command("grep /bin/sh"))
res = gdb_start_silent_command("grep /bin/sh")
self.assertNoException(res)
self.assertTrue(b"0x" in res)
return
def test_command_reset_cache(self):
res = gdb_start_silent_command("reset-cache")
self.assertNoException(res)
return
