1/ Adding BOC and BOR for gdb
As a reverse engineer, I really like gdb. It has a lot of cool features and is scriptable through Python. While I was solving a crackme challenge, I needed a break on call and a break on ret instructions. I searched the web and did not find what I wanted.
So, I developed a boc (break on call) and a bor (break on ret) function and am sharing them today.
2/ How it works?
You just have to source a Python file and you end up with three commands:
- boc : activate break on call with boc on or boc off. You can choose between breaking and printing on call with boc break or boc print
- bor : same commands for break on ret
- go : if you have selected boc on and/or bor on, typing go will execute the binary until the next call or next ret
$ gdb -nx -q
(gdb) source bocbor.py
(gdb) boc
Status of Break on Call is off/break
Change with boc on/off and boc break/print
(gdb) bor
Status of Break on Ret is off/break
Change with bor on/off and bor break/print
(gdb) boc on
(gdb) boc
Status of Break on Call is on/break
Change with boc on/off and boc break/print
(gdb)
3/ Please, just show me the code!
It's on GitHub: https://github.com/0xmitsurugi/gdbscripts
The Readme shows a typical bocbor session.
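To show the general idea behind a "run until the next call or ret" command, here is an added example. It is not the bocbor.py from the repository and does not claim to work the same way. It assumes an x86/x86-64 target, single-steps with stepi, and registers a hypothetical command named nextcallret.

```python
import re

try:
    import gdb  # exists only inside gdb's embedded Python interpreter
except ImportError:
    gdb = None  # lets classify() be imported and tested outside gdb

# Assumption: x86/x86-64 mnemonics as gdb prints them, with optional prefixes.
CALL_RE = re.compile(r"^(?:(?:bnd|notrack)\s+)*l?call[lqw]?\b")
RET_RE = re.compile(r"^(?:(?:bnd|repz?|repn[ez])\s+)*l?ret[lqwf]?\b")


def classify(asm):
    """Return 'call', 'ret' or None for one line of disassembly text."""
    text = asm.strip().lower()
    if CALL_RE.match(text):
        return "call"
    if RET_RE.match(text):
        return "ret"
    return None


def run_until(kinds, max_steps=100000):
    """stepi until $pc is on an instruction whose kind is in `kinds`."""
    for _ in range(max_steps):
        try:
            gdb.execute("stepi", to_string=True)
            frame = gdb.selected_frame()
        except gdb.error:  # process exited or is not running
            return None
        insn = frame.architecture().disassemble(frame.pc())[0]
        if classify(insn["asm"]) in kinds:
            return insn
    return None


if gdb is not None:
    class NextCallRet(gdb.Command):
        """nextcallret [call] [ret]: run to the next call and/or ret."""

        def __init__(self):
            super().__init__("nextcallret", gdb.COMMAND_RUNNING)

        def invoke(self, arg, from_tty):
            kinds = set(arg.split()) or {"call", "ret"}
            insn = run_until(kinds)
            if insn is None:
                print("no call/ret reached")
            else:
                print("0x%x:\t%s" % (insn["addr"], insn["asm"]))

    NextCallRet()  # hypothetical command name, registered on `source`
```

Because stepi follows calls into the callee, the command also stops on calls and rets inside called functions; the step limit keeps a long loop from hanging the session.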