debugger.py (5238B)
1 # XXX - execute until line number/cursor 2 # XXX - more memory printing he thumping 3 4 from talon import Context, Module 5 6 mod = Module() 7 mod.tag("debugger", desc="Tag for enabling generic debugger commands") 8 9 ctx = Context() 10 ctx.matches = r""" 11 tag: debugger 12 """ 13 14 x86_registers = { 15 "air": "eax", 16 "bat": "ebx", 17 "cap": "ecx", 18 "drum": "edx", 19 "source": "esi", 20 "dest": "edi", 21 "stack": "esp", 22 "frame": "ebp", 23 "instruction": "eip", 24 } 25 26 x64_registers = { 27 # general purpose 28 "air": "rax", 29 "racks": "rax", 30 "bat": "rbx", 31 "cap": "rcx", 32 "drum": "rdx", 33 "source": "rsi", 34 "dest": "rdi", 35 "stack": "rsp", 36 "stack pointer": "rsp", 37 "frame": "rbp", 38 "frame pointer": "rbp", 39 "base": "rbp", 40 "base pointer": "rbp", 41 "eight": "r8", 42 "nine": "r9", 43 "ten": "r10", 44 "eleven": "r11", 45 "twelve": "r12", 46 "thirteen": "r13", 47 "fourteen": "r14", 48 "fifteen": "r15", 49 # pointers 50 "instruction": "rip", 51 "rip": "rip", 52 # segment 53 } 54 55 # XXX - pass by windbg to dump 56 windows_x64_register_parameters = ["rcx", "rdx", "r8", "r9"] 57 58 # XXX - make this dynamic 59 ctx.lists["self.registers"] = x64_registers 60 61 # assembly_languages = { 62 # "x86": x86_registers, 63 # "x64": x64_registers, 64 # } 65 66 mod.list("registers", desc="Main architecture register set") 67 68 69 @mod.capture(rule="{self.registers}") 70 def registers(m) -> str: 71 "Returns a register" 72 return m.registers 73 74 75 @mod.action_class 76 class Actions: 77 def debugger_step_into(): 78 """Step into an instruction in the debugger""" 79 80 def debugger_step_over(): 81 """Step over an instruction in the debugger""" 82 83 def debugger_step_line(): 84 """Step into a source line in the debugger""" 85 86 def debugger_step_over_line(): 87 """Step over a source line in the debugger""" 88 89 def debugger_step_out(): 90 """Step until function exit in the debugger""" 91 92 def debugger_continue(): 93 """Continue execution in the debugger""" 94 95 def debugger_restart(): 96 """Restart execution in the debugger""" 97 98 def debugger_start(): 99 """Start debugging""" 100 101 def debugger_stop(): 102 """Stop the debugger""" 103 104 def debugger_exit(): 105 """Exit the debugger""" 106 107 def debugger_detach(): 108 """Detach the debugger""" 109 110 def debugger_backtrace(): 111 """Print a back trace in the debugger""" 112 113 def debugger_get_register(): 114 """Print specific register in the debugger""" 115 116 def debugger_set_register(): 117 """Set specific register in the debugger""" 118 119 def debugger_show_registers(): 120 """Print the current registers in the debugger""" 121 122 def debugger_break_now(): 123 """Break into the debugger""" 124 125 def debugger_break_here(): 126 """Set a break on the current line""" 127 128 def debugger_show_breakpoints(): 129 """Print the current breakpoints in the debugger""" 130 131 def debugger_add_sw_breakpoint(): 132 """Add one software breakpoint in the debugger""" 133 134 def debugger_add_hw_breakpoint(): 135 """Add one hardware breakpoint in the debugger""" 136 137 def debugger_clear_all_breakpoints(): 138 """Clear all breakpoints in the debugger""" 139 140 def debugger_clear_breakpoint(): 141 """Clear one breakpoint in the debugger""" 142 143 def debugger_clear_breakpoint_id(number_small: int): 144 """Clear one breakpoint id in the debugger""" 145 146 def debugger_disable_breakpoint_id(number_small: int): 147 """Disable one breakpoint id in the debugger""" 148 149 def debugger_disable_breakpoint(): 150 """Disable one breakpoint in the debugger""" 151 152 def debugger_disable_all_breakpoints(): 153 """Disable all breakpoints in the debugger""" 154 155 def debugger_enable_breakpoint(): 156 """Enable one breakpoint in the debugger""" 157 158 def debugger_enable_breakpoint_id(number_small: int): 159 """Enable one breakpoint id in the debugger""" 160 161 def debugger_enable_all_breakpoints(): 162 """Enable all breakpoints in the debugger""" 163 164 def debugger_disassemble(): 165 """Preps the disassemble command in the debugger""" 166 167 def debugger_disassemble_here(): 168 """Disassembles instructions at the current instruction pointer""" 169 170 def debugger_disassemble_clipboard(): 171 """Disassemble instructions at an address in the clipboard""" 172 173 def debugger_goto_address(): 174 """Jump to a specific address in the debugger""" 175 176 def debugger_goto_clipboard(): 177 """Jump to a specific address stored in the clipboard""" 178 179 def debugger_goto_highlighted(): 180 """Jump to a specific highlighted address in the debugger""" 181 182 def debugger_dump_ascii_string(): 183 """Display as specific address as an ascii string in the debugger""" 184 185 def debugger_dump_unicode_string(): 186 """Display as specific address as an unicode string in the debugger""" 187 188 def debugger_dump_pointers(): 189 """Display as specific address as a list of pointers in the debugger""" 190 191 def debugger_inspect_type(): 192 """Inspect a specific data type in the debugger""" 193 194 def debugger_clear_line(): 195 """Clear unwanted data from the command line""" 196 197 def debugger_list_modules(): 198 """List the loaded modules in the debuggee memory space"""