def unknown(x):
return generateColorFunction(config.enhance_unknown_color)(x)
def stack(x):
return generateColorFunction(config.memory_stack_color)(x)
def arrow(x):
return generateColorFunction(config.chain_arrow_color)(x)
def string(x):
return generateColorFunction(config.enhance_string_value_color)(x)
def offset(x):
return generateColorFunction(config.hexdump_offset_color)(x)
def separator(x):
return generateColorFunction(config.telescope_offset_separator_color)(x)
def banner_title(x):
return generateColorFunction(config.banner_title_color)(x)
def normal(x):
return generateColorFunction(config.hexdump_normal_color)(x)
def flag_unset(x):
return generateColorFunction(config.context_flag_unset_color)(x)
def flag_changed(x):
return generateColorFunction(config.context_flag_changed_color)(x)
def flag_value(x):
return generateColorFunction(config.context_flag_value_color)(x)
def register_changed(x):
return generateColorFunction(config.context_register_changed_color)(x)
def highlight(x):
return generateColorFunction(config.highlight_color)(x)
def code(x):
return generateColorFunction(config.memory_code_color)(x)
def off(msg):
return generateColorFunction(config.message_status_off_color)(msg)
def rwx(x):
return generateColorFunction(config.memory_rwx_color)(x)
def notice(msg):
return generateColorFunction(config.message_notice_color)(msg)
def zero(x):
return generateColorFunction(config.hexdump_zero_color)(x)
def hint(msg):
return generateColorFunction(config.message_hint_color)(msg)
def offset(x):
return generateColorFunction(config.telescope_offset_color)(x)
def success(msg):
return generateColorFunction(config.message_success_color)(msg)
def repeating_marker(x):
return generateColorFunction(config.telescope_repeating_marker_color)(x)
def warn(msg):
return generateColorFunction(config.message_warning_color)(msg)
def banner(x):
return generateColorFunction(config.banner_color)(x)
def error(msg):
return generateColorFunction(config.message_error_color)(msg)
def comment(x):
return generateColorFunction(config.enhance_comment_color)(x)
def system(msg):
return generateColorFunction(config.message_system_color)(msg)
def branch(x):
return generateColorFunction(config.disasm_branch_color)(x)
def exit(msg):
return generateColorFunction(config.message_exit_color)(msg)
def heap(x):
return generateColorFunction(config.memory_heap_color)(x)
def breakpoint(msg):
return generateColorFunction(config.message_breakpoint_color)(msg)
def rodata(x):
return generateColorFunction(config.memory_rodata_color)(x)
def signal(msg):
return generateColorFunction(config.message_signal_color)(msg)
def vis_heap_chunks(address, count):
address = int(address)
main_heap = pwndbg.heap.current
main_arena = main_heap.get_arena()
top_chunk = int(main_arena['top'])
unpack = pwndbg.arch.unpack
cells_map = {}
chunk_id = 0
ptr_size = pwndbg.arch.ptrsize
while chunk_id < count:
prev_size = unpack(pwndbg.memory.read(address, ptr_size))
current_size = unpack(pwndbg.memory.read(address + ptr_size, ptr_size))
real_size = current_size & ~main_heap.malloc_align_mask
prev_inuse = current_size & 1
stop_addr = address + real_size
while address < stop_addr:
assert address not in cells_map
cells_map[address] = chunk_id
address += ptr_size
if prev_inuse:
cells_map[address - real_size] -= 1
chunk_id += 1
# we reached top chunk, add it's metadata and break
if address >= top_chunk:
cells_map[address] = chunk_id
cells_map[address + ptr_size] = chunk_id
break
# TODO: maybe print free chunks in bold or underlined
color_funcs = [
generateColorFunction("yellow"),
generateColorFunction("cyan"),
generateColorFunction("purple"),
generateColorFunction("green"),
generateColorFunction("blue"),
]
addrs = sorted(cells_map.keys())
printed = 0
out = ''
for addr in addrs:
if printed % 2 == 0:
out += "\n0x%x:" % addr
cell = unpack(pwndbg.memory.read(addr, ptr_size))
cell_hex = '\t0x{:0{n}x}'.format(cell, n=ptr_size * 2)
chunk_idx = cells_map[addr]
color_func_idx = chunk_idx % len(color_funcs)
color_func = color_funcs[color_func_idx]
out += color_func(cell_hex)
printed += 1
if top_chunk in addrs:
out += "\t <-- Top chunk"
print(out)
def prompt(msg):
return generateColorFunction(config.prompt_color)(msg)
def printable(x):
return generateColorFunction(config.hexdump_printable_color)(x)
def integer(x):
return generateColorFunction(config.enhance_integer_value_color)(x)
def special(x):
return generateColorFunction(config.hexdump_special_color)(x)
def string(x):
return generateColorFunction(config.enhance_string_value_color)(x)
def address(x):
return generateColorFunction(config.hexdump_address_color)(x)
def comment(x):
return generateColorFunction(config.enhance_comment_color)(x)
def register(x):
return generateColorFunction(config.telescope_register_color)(x)
def unknown(x):
return generateColorFunction(config.enhance_unknown_color)(x)
def delimiter(x):
return generateColorFunction(config.telescope_offset_delimiter_color)(x)
def vis_heap_chunks(address=None, count=None, naive=None):
address = int(
address) if address else pwndbg.heap.current.get_heap_boundaries(
).vaddr
main_heap = pwndbg.heap.current
main_arena = main_heap.get_arena()
top_chunk = int(main_arena['top'])
unpack = pwndbg.arch.unpack
cells_map = {}
chunk_id = 0
ptr_size = pwndbg.arch.ptrsize
while chunk_id < count:
prev_size = unpack(pwndbg.memory.read(address, ptr_size))
current_size = unpack(pwndbg.memory.read(address + ptr_size, ptr_size))
real_size = current_size & ~main_heap.malloc_align_mask
prev_inuse = current_size & 1
stop_addr = address + real_size
while address < stop_addr and (naive or address < top_chunk):
assert address not in cells_map
cells_map[address] = chunk_id
address += ptr_size
if prev_inuse and (naive or address != top_chunk):
cells_map[address - real_size] -= 1
chunk_id += 1
# we reached top chunk, add it's metadata and break
if address >= top_chunk:
cells_map[address] = chunk_id
cells_map[address + ptr_size] = chunk_id
break
# TODO: maybe print free chunks in bold or underlined
color_funcs = [
generateColorFunction("yellow"),
generateColorFunction("cyan"),
generateColorFunction("purple"),
generateColorFunction("green"),
generateColorFunction("blue"),
]
addrs = sorted(cells_map.keys())
bin_collections = [
pwndbg.heap.current.fastbins(None),
pwndbg.heap.current.unsortedbin(None),
pwndbg.heap.current.smallbins(None),
pwndbg.heap.current.largebins(None),
]
if pwndbg.heap.current.has_tcache():
bin_collections.insert(0, pwndbg.heap.current.tcachebins(None))
printed = 0
out = ''
asc = ''
labels = []
for addr in addrs:
if printed % 2 == 0:
out += "\n0x%x" % addr
cell = unpack(pwndbg.memory.read(addr, ptr_size))
cell_hex = '\t0x{:0{n}x}'.format(cell, n=ptr_size * 2)
chunk_idx = cells_map[addr]
color_func_idx = chunk_idx % len(color_funcs)
color_func = color_funcs[color_func_idx]
out += color_func(cell_hex)
printed += 1
labels.extend(bin_labels(addr, bin_collections))
if addr == top_chunk:
labels.append('Top chunk')
asc += bin_ascii(pwndbg.memory.read(addr, ptr_size))
if printed % 2 == 0:
out += '\t' + color_func(asc) + ('\t <-- ' + ', '.join(labels)
if len(labels) else '')
asc = ''
labels = []
print(out)
def branch(x):
return generateColorFunction(config.disasm_branch_color)(x)
def integer(x):
return generateColorFunction(config.enhance_integer_value_color)(x)
def contiguous(x):
return generateColorFunction(config.chain_contiguous_marker_color)(x)
def flag_unset(x):
return generateColorFunction(config.context_flag_unset_color)(x)
