2024.08.29 Release

Since last release we got a lot of new features and improvements done in Pwndbg.

Among others, we now show register/memory values in disasm view for different architectures, added Binary Ninja integration, added commands helping with Go debugging, added glibc heap
UAF tracking and refactored lots of Pwndbg code for future LLDB port.

Some of this work was paid thanks to the Python Summer of Code program (@OBarronCS, @mbrla0 and @jetchirag's projects) and thanks to Trail of Bits' internships (@Aplet123 and @mbrla0 projects). Here are hightlights from their work:

• @OBarronCS extended the disasm context panel to display the values of registers and memory, fetched statically or through emulation. Read about this work on his personal blog.
• @Aplet123 developed a script to synchronize Binary Ninja view and symbols with Pwndbg as well as added new commands for dumping Go types. He detailed those features on a Trail of Bits blog post.
• @mbrla0 developed glibc heap tracking and UAF detection
• @mbrla0 works on making Pwndbg debugger-agnostic and porting it to LLDB. Read his gist about this work.

Major changes

• The prompt is now colored green if process is alive and red if it is dead (#2326)
• The disassembly context view now resolves and displays register and memory values on the right. Some values are resolved statically (such as xor eax, eax) and some through emulation (requires set emulation on).
  • It also displays future syscalls for syscall instructions
  • We now also honor MIPS delay slots

• We now underline WX memory instead of (previous) RWX

• The disasm banner now displays ARM mode (ARM vs Thumb) (#2281)

• Added go-dump <type> <address> command to dump Go types. Note that the any type below works only for addresses of Go interface objects. (read more in blog post)

• Added go-type <address> command to dump Go type infromation (read more in blog post):

• Added option to search to look for assembly instructions (search --asm <code>) and to set breakpoints on found instructions (search --asmbp <code>)
• Added vmmap --gaps which displays mapped memory with gaps instead of the normal vmmap display:

• Added commands to display Android Binder driver info (experimental; #1488), and a pcp command to print Linux kernel per-cpu page cache (#1487)

Full changelog

The full changelog can be found here: 2024.02.14...2024.08.29

New Contributors

• @Rajpratik71 made their first contribution in #2068
• @knowanegg made their first contribution in #2072
• @Tcc100 made their first contribution in #2069
• @diivi made their first contribution in #2076
• @urosh1g made their first contribution in #2083
• @RoboSchmied made their first contribution in #2088
• @jetchirag made their first contribution in #2092
• @TheLazron made their first contribution in #2103
• @chrf01 made their first contribution in #2097
• @Ordoviz made their first contribution in #2141
• @MatejKafka made their first contribution in #2147
• @B1N4RY-P4R45173 made their first contribution in #2198
• @k4lizen made their first contribution in #2226
• @raffifu made their first contribution in #2228
• @Aplet123 made their first contribution in #2252
• @cfreal made their first contribution in #2321
• @Costinteo made their first contribution in #2326
• @wwwXOX made their first contribution in #2331
• @0xhebi made their first contribution in #2360
• @dguerri made their first contribution in #2395

Also thanks to @patryk4815 for all the help with packaging and releases.