From ef16b33fd80a005f420fdfd5291a1ebb1dd4b88f Mon Sep 17 00:00:00 2001
From: David Tomaschik
Date: Mon, 23 Sep 2019 13:31:03 -0700
Subject: [PATCH] Improve gef support.
---
 dotfiles/gef.rc | 125 ++++++++++++++++++++++++++++++++++++++++++++++++
 python3.pip | 5 ++
 2 files changed, 130 insertions(+)
 create mode 100644 dotfiles/gef.rc
 create mode 100644 python3.pip
diff --git a/dotfiles/gef.rc b/dotfiles/gef.rc
new file mode 100644
index 0000000..6624d21
--- /dev/null
+++ b/dotfiles/gef.rc
@@ -0,0 +1,125 @@
+[context]
+clear_screen = False
+enable = True
+grow_stack_down = False
+ignore_registers =
+layout = legend regs stack code args source memory threads trace extra
+nb_lines_backtrace = 10
+nb_lines_code = 6
+nb_lines_code_prev = 3
+nb_lines_stack = 8
+nb_lines_threads = -1
+peek_calls = True
+peek_ret = True
+redirect =
+show_registers_raw = False
+show_stack_raw = False
+
+[dereference]
+max_recursion = 7
+
+[entry-break]
+entrypoint_symbols = main _main __libc_start_main __uClibc_main start _start
+
+[gef-remote]
+clean_on_exit = False
+
+[gef]
+autosave_breakpoints_file =
+debug = False
+disable_color = False
+extra_plugins_dir =
+follow_child = True
+readline_compat = False
+
+[got]
+function_not_resolved = yellow
+function_resolved = green
+
+[heap-analysis-helper]
+check_double_free = True
+check_free_null = False
+check_heap_overlap = True
+check_uaf = True
+check_weird_free = True
+
+[heap-chunks]
+peek_nb_byte = 16
+
+[hexdump]
+always_show_ascii = False
+
+[highlight]
+regex = False
+
+[ida-interact]
+host = 127.0.0.1
+port = 1337
+sync_cursor = False
+
+[pattern]
+length = 1024
+
+[pcustom]
+struct_path = /tmp/gef/structs
+
+[process-search]
+ps_command = /bin/ps auxww
+
+[syscall-args]
+path = /tmp/gef/syscall-tables
+
+[theme]
+address_code = red
+address_heap = green
+address_stack = pink
+context_title_line = gray
+context_title_message = cyan
+default_title_line = gray
+default_title_message = cyan
+dereference_base_address = cyan
+dereference_code = gray
+dereference_register_value = bold blue
+dereference_string = yellow
+disassemble_current_instruction = green
+registers_register_name = blue
+registers_value_changed = bold red
+source_current_line = green
+table_heading = blue
+
+[trace-run]
+max_tracing_recursion = 1
+tracefile_prefix = ./gef-trace-
+
+[aliases]
+pf = print-format
+status = process-status
+binaryninja-interact = ida-interact
+bn = ida-interact
+binja = ida-interact
+lookup = scan
+grep = search-pattern
+xref = search-pattern
+flags = edit-flags
+sc-search = shellcode search
+sc-get = shellcode get
+ps = process-search
+start = entry-break
+nb = name-break
+ctx = context
+telescope = dereference
+pattern offset = pattern search
+hl = highlight
+highlight ls = highlight list
+hll = highlight list
+hlc = highlight clear
+highlight set = highlight add
+hla = highlight add
+highlight delete = highlight remove
+highlight del = highlight remove
+highlight unset = highlight remove
+highlight rm = highlight remove
+hlr = highlight remove
+fmtstr-helper = format-string-helper
+screen-setup = tmux-setup
+
diff --git a/python3.pip b/python3.pip
new file mode 100644
index 0000000..7979379
--- /dev/null
+++ b/python3.pip
@@ -0,0 +1,5 @@
+ipython
+keystone-engine
+unicorn
+capstone
+ropper
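Review bot: `struct_path = /tmp/gef/structs` in `[pcustom]` and `path = /tmp/gef/syscall-tables` in `[syscall-args]` both resolve under world-writable `/tmp`, and this file now pins those locations for every machine the dotfiles are deployed to. As far as I know gef loads the files it finds in these two directories as Python, so on a shared host whichever account creates `/tmp/gef` first decides what runs inside the debugger session. Point both settings at a directory owned by the user and created with mode 0700, for example `struct_path = ~/.gef/structs` and `path = ~/.gef/syscall-tables`; use an absolute path if this gef version does not expand `~`.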
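Review bot: All five entries in `python3.pip` are unversioned, so every install resolves to whatever is newest on the index at that moment, and two machines set up from this repository can end up running different code inside the debugger. Pin each entry, e.g. `ropper==<version>`, choosing the versions you have actually tested. If the file is consumed with `pip install -r`, consider adding hashes and installing with `--require-hashes` so that a replaced or substituted upload fails the install. How the file is consumed is not visible in this patch.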