Last active
June 30, 2019 11:09
-
-
Save hc0d3r/ae7af9971b9558578be9db5ed6f84036 to your computer and use it in GitHub Desktop.
gdb script that provide better memory map information than "info proc map"
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Demo: | |
| # (gdb) starti | |
| # Starting program: /usr/bin/id | |
| # Program stopped. | |
| # 0x00007ffff7fd4100 in _start () from /lib64/ld-linux-x86-64.so.2 | |
| # (gdb) maps | |
| # 555555554000-555555556000 r--p 00000000 fe:02 3945170 /usr/bin/id | |
| # 555555556000-55555555b000 r-xp 00002000 fe:02 3945170 /usr/bin/id | |
| # 55555555b000-55555555e000 r--p 00007000 fe:02 3945170 /usr/bin/id | |
| # 55555555e000-555555560000 rw-p 00009000 fe:02 3945170 /usr/bin/id | |
| # 7ffff7fce000-7ffff7fd1000 r--p 00000000 00:00 0 [vvar] | |
| # 7ffff7fd1000-7ffff7fd2000 r-xp 00000000 00:00 0 [vdso] | |
| # 7ffff7fd2000-7ffff7fd4000 r--p 00000000 fe:02 3935544 /usr/lib/ld-2.29.so | |
| # 7ffff7fd4000-7ffff7ff3000 r-xp 00002000 fe:02 3935544 /usr/lib/ld-2.29.so | |
| # 7ffff7ff3000-7ffff7ffb000 r--p 00021000 fe:02 3935544 /usr/lib/ld-2.29.so | |
| # 7ffff7ffc000-7ffff7ffe000 rw-p 00029000 fe:02 3935544 /usr/lib/ld-2.29.so | |
| # 7ffff7ffe000-7ffff7fff000 rw-p 00000000 00:00 0 | |
| # 7ffffffde000-7ffffffff000 rw-p 00000000 00:00 0 [stack] | |
| # (gdb) p $rsp | |
| # $1 = (void *) 0x7fffffffe770 | |
| # (gdb) maps 0x7fffffffe770 | |
| # 7ffffffde000-7ffffffff000 rw-p 00000000 00:00 0 [stack] | |
| # (gdb) p $rip | |
| # $2 = (void (*)()) 0x7ffff7fd4100 <_start> | |
| # (gdb) maps 0x7ffff7fd4100 | |
| # 7ffff7fd4000-7ffff7ff3000 r-xp 00002000 fe:02 3935544 /usr/lib/ld-2.29.so | |
| # (gdb) maps 0x7fffffffe770 0x7ffff7fd4100 | |
| # 7ffffffde000-7ffffffff000 rw-p 00000000 00:00 0 [stack] | |
| # 7ffff7fd4000-7ffff7ff3000 r-xp 00002000 fe:02 3935544 /usr/lib/ld-2.29.so | |
| import gdb | |
| import re | |
| class Maps(gdb.Command): | |
| def __init__(self): | |
| super(Maps, self).__init__("maps", gdb.COMMAND_STATUS) | |
| def invoke(self, arg, from_tty): | |
| pid = gdb.selected_inferior().pid | |
| if not pid: | |
| return | |
| if(len(arg)): | |
| nums = self.convert(arg) | |
| self.map_lookup(pid, nums) | |
| else: | |
| [print(line) for line in self.maps(pid)] | |
| def convert(self, arg): | |
| strnum = arg.split(' ') | |
| nums = [] | |
| for str in strnum: | |
| try: | |
| nums.append(int(str, 0)) | |
| except ValueError: | |
| print(str+' is an invalid number ...') | |
| return nums | |
| def map_lookup(self, pid, nums): | |
| lines = self.maps(pid) | |
| ranges = [] | |
| for line in lines: | |
| ranges.append([int(i, 16) for i in re.match(r'^(\w+)-(\w+)', line).groups()]) | |
| for num in nums: | |
| res = False | |
| for i in range(0, len(lines)): | |
| if ranges[i][0] <= num < ranges[i][1]: | |
| res = lines[i] | |
| break | |
| print(res if res else "address {} not found".format(hex(num))) | |
| def maps(self, pid): | |
| with open('/proc/{}/maps'.format(pid)) as f: | |
| lines = f.readlines() | |
| return [s.strip() for s in lines] | |
| Maps() |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment