pal-gdb.py 1.3 KB

  1. #!/usr/bin/env python
  2. import os, sys, gdb
class LoadCommandBreakpoint(gdb.Breakpoint):
    """Internal breakpoint that lets the debuggee hand GDB a command to run.

    The breakpoint is placed on the symbol ``load_gdb_command``. Each time it
    is hit, the C string pointed to by ``$rdi`` is read from the inferior and
    executed as a GDB command, after which the inferior keeps running.

    NOTE(review): the command text comes from the debugged process and is
    passed to ``gdb.execute`` unchanged. GDB commands include ``shell`` and
    ``python``, so the target effectively runs with the privileges of the
    person debugging it. Load this script only for binaries you trust, or
    check the string against the commands the target is expected to send
    (not visible in this file) before executing it.
    """

    def __init__(self):
        # internal=True hides the breakpoint from "info breakpoints".
        super(LoadCommandBreakpoint, self).__init__(
            spec="load_gdb_command", internal=True
        )

    def stop(self):
        """Run the command string found at ``$rdi``; never stop the inferior."""
        # $rdi: presumably the first argument of load_gdb_command under the
        # x86-64 SysV calling convention -- confirm against the target.
        cmd_text = gdb.parse_and_eval("(const char *) $rdi").string()
        # Debuggee-controlled input executed verbatim -- see class docstring.
        gdb.execute(cmd_text)
        # Returning False tells GDB to resume instead of stopping here.
        return False
def signal_handler(event):
    """Stop-event hook that auto-resumes on SIGILL raised by CPUID or RDTSC.

    For any other stop event, or a SIGILL at a different instruction, the
    function returns without doing anything and GDB stays stopped as usual.
    """
    if not isinstance(event, gdb.SignalEvent):
        return
    if event.stop_signal != 'SIGILL':
        return

    # Read the two bytes at the faulting instruction pointer as a
    # little-endian 16-bit value: CPUID is 0f a2, RDTSC is 0f 31.
    opcode = gdb.parse_and_eval("*(const unsigned short *) $rip")
    known_traps = (
        (0xa20f, "CPUID bypassed. Ignore this exception."),
        (0x310f, "RDTSC bypassed. Ignore this exception."),
    )
    for encoding, notice in known_traps:
        if opcode == encoding:
            print(notice)
            # Resume the inferior; presumably its own SIGILL handler then
            # emulates the instruction (not visible in this file).
            gdb.execute("continue")
            return
if __name__ == "__main__":
    # One-time session setup, applied in order when GDB sources this script.
    for setup_command in (
        # Environment variable set for the inferior; how the target uses
        # IN_GDB is not visible in this file.
        "set env IN_GDB = 1",
        # Deliver SIGCONT silently; report and stop on SIGKILL.
        "handle SIGCONT pass noprint nostop",
        "handle SIGKILL pass print stop",
        # Leave address-space randomization enabled in the inferior, so
        # addresses differ between runs as they would outside the debugger.
        "set disable-randomization off",
        # Keep every forked process attached and resume them together.
        "set detach-on-fork off",
        "set schedule-multiple on",
        # Across exec stay in the same inferior; across fork follow the child.
        "set follow-exec-mode same",
        "set follow-fork-mode child",
    ):
        gdb.execute(setup_command)

    # Install the debuggee-driven command hook and the SIGILL filter.
    LoadCommandBreakpoint()
    gdb.events.stop.connect(signal_handler)