Add support for registers in target remote post hook #1131

Open
@Legoclones

Description

Type of feature request

New architecture support/Existing architecture improvement

Misc

No response

Summary Description

I've been doing exploit development with pwntools and GEF together on the mips32elr6 architecture. When I use qemu for remote debugging with pwntools' gdb.attach(), it runs target remote instead of gef-remote.

I did my research and found this was discussed in December of 2023 (Gallopsled/pwntools#2264), where the consensus was to have GEF fix it instead of pwntools. This led to the #1020 pull request, where a remote post hook was created that catches the target remote command and establishes basic functionality. However, it says in the description:

Note that this isn't a perfect solution since we do not have all the information needed for a proper instantiation of the GefRemoteSessionManager, but it seems to be a good workaround in order to make tools like pwntools work correctly with gef.

It "works" for me, but the main issue I have is that the registers don't propagate because the registers command fails.


I guess no one else has complained about this yet, but I would love it if the registers could at least show up there. Other stuff (like vmmap) I don't know if it's possible to show accurately based only on the data transferred by qemu with remote debugging, but my main request is that registers show up with target remote.

Implementation idea/suggestion

Ideally, pwntools would just bite the bullet and figure out how to do gef-remote, but since it was decided that GEF will deal with it, I'm asking here. I am also aware the documentation says:

Note: If using GEF, gef-remote must be your way of debugging remote processes, never target remote. Maintainers will provide minimal support or help if you decide to use the traditional target remote command. For many reasons, you should not use target remote alone with GEF. It is still important to note that the default target remote command has been overwritten by a minimal copy of gef-remote, in order to make most tools relying on this command work.

I'm not familiar enough with the GEF or pwntools codebases to know the best way to deal with this, but would it be possible to just add the registers command or its functionality so they show up in this situation? My current workaround is to patch the pwntools source code to run gef-remote instead...

Existing alternatives?

No response

Additional information

No response
