Page 4 of 7 FirstFirst 1234567 LastLast
Results 46 to 60 of 95

Thread: EDB Linux Debugger 0.8.0 Release :)

  1. #46
    I'm glad so many people are enjoying it. I have _many_ features planned for future releases

    It'll take time, but in the end I hope for EDB to become the best binary mode debugger out there.

    New release is coming soon with some more of the usual improvments.

    proxy

  2. #47
    highenergy
    Guest
    @proxy: I have a few questions to ask:

    1-) Does EDB currently support any scripting language similar to ollyscript?
    2-) Does EDB currently support loading dynamic libraries?
    3-) What is the best IDE or editor for assembly coding for linux?
    4-) What is best hex editor for linux?
    5-) Is there any decent tutorials for gnome asm programming for linux similar to iczelion's?
    6-) Is there any assembler for linux which supports high level constructions like masm? I am used to nasm but it lacks of high level constructions.


    regards
    I promise that I have read the FAQ and tried to use the Search to answer my question.

  3. #48
    1-) Does EDB currently support any scripting language similar to ollyscript?

    No, but this is a generally good idea, and there is no reason why it couldn't be implemented as a plugin. So i'll take a closer look at ollyscript and see what I can do.

    2-) Does EDB currently support loading dynamic libraries?

    Sort of, .so files are standard ELF files which have an entry point. But they don't have a windows style DllMain. Really all OllyDbg does special for dlls is it has a stub application which loads the chosen dll and it debugs that. I'm not sure if that would translate to something useful on linux, but I'll look into it.

    3-) What is the best IDE or editor for assembly coding for linux?

    too be honest, the editor of your choice, my favorite editor is nedit, but it's really just a glorified notepad.

    4-) What is best hex editor for linux?

    KHexEdit is pretty decent, but if you want commandline, there is also just hexedit. Both do their job and work well.

    5-) Is there any decent tutorials for gnome asm programming for linux similar to iczelion's?

    Well Gnome really has nothing to do with ASM generally, you can call it's API just as easily as you can from C. So just look into the general API documentation for the window manager of your choice, be it Gnome, KDE or anything else and dive right in.

    6-) Is there any assembler for linux which supports high level constructions like masm? I am used to nasm but it lacks of high level constructions.

    No idea, sorry

    proxy

  4. #49
    King of Redonda
    Join Date
    Jul 2006
    Posts
    109
    Blog Entries
    4
    Quote Originally Posted by highenergy View Post
    6-) Is there any assembler for linux which supports high level constructions like masm? I am used to nasm but it lacks of high level constructions.
    I attached the main include file for NASM32 ( http://www.asmcommunity.net/projects/nasm32/ ), which gives you a lot of MASM-style macros. Just %include it.
    Attached Files Attached Files
    <[TN]FBMachine> i got kicked out of barnes and noble once for moving all the bibles into the fiction section

  5. #50
    highenergy,

    tools -> woodmann.com/0xf001

    assembler with macros: nasm (and many others)

    asm tuts: see links on my page

    see pretty everything you need on my page

    cheers, 0xf001

  6. #51
    highenergy
    Guest
    @proxy:

    It would be great if you can make&upload precompiled ubuntu deb packages. It's not for every avarage joe to use terminal.

    regards
    H.E.
    I promise that I have read the FAQ and tried to use the Search to answer my question.

  7. #52
    It should be. =/

  8. #53
    Heh, i'll work on more packages (though I have a gentoo one now). Once i set up some VMs for the various distros, I'll eventually get to packaging things up. Though to be honest, It's likely something I'll leave for when I start making 0.9.x releases.

    Speaking of which, I know I've been silent for a bit and it's been quite a while since the last release. I've been very busy with work and life, but don't fret, a new EDB is on the way with some cool new features and improvements .

    I have been hard at work with a replacement disassembler engine which will be more robust, faster and portable than libdisasm. It's almost done, the major missing feature is AT&T syntax output at the moment, not sure if it's even a big deal (please people, tell me if it is).

    Anyway, I hope to have another release real soon.

    proxy

  9. #54
    Will there will be 64 bit support?

  10. #55
    64-bit support is planned, but won't be supported quite yet. Support for other arches is something i have been slowly working towards, it is not that easy though.

    The big show-stoppers are the disassembly engine, which clearly needs to be aware of alternate arches, and the analysis/data display engines which I have made large efforts to separate from the GUI code itself.

    So it'll happen eventually, just not quite yet (especially since I don't have a 64-bit processor in my dev box).

    proxy

  11. #56
    highenergy
    Guest
    @proxy:
    I have been hard at work with a replacement disassembler engine which will be more robust, faster and portable than libdisasm. It's almost done, the major missing feature is AT&T syntax output at the moment, not sure if it's even a big deal (please people, tell me if it is).
    Nope, it's not a big deal. I don't even use AT&T syntax. Take your time You are great proxy. I wish you many more successes in your life&work. One more thing, just curiosity, what is your favorite assembler? Gas or nasm? Gas' AT&T syntax is horrible and nasm has lack of high level consructions. I can hear that you say why don't you use nasm32 with macros but I don't like doing that in that way. What I really want is an exact replacement of masm under linux. Maybe I am asking to much things but there is no one in linux community except from you who can make an assembler which has masm's syntax.

    regards
    H.E.
    I promise that I have read the FAQ and tried to use the Search to answer my question.

  12. #57
    Thank you for the kind words, I really appreciate them

    Well it depends, if i'm doing inline ASM on linux, i don't mind AT&T. But I would never want to write a standalone large function in AT&T because i can't stand _reading_ it (writing is ok).

    As for NASM, to be honest, I never used MASM that much, so I don't miss the lack of high level constructs. Maybe I'm a little but not the norm since I see people asking for these things very often, but it's something that never bothered me.

    proxy

  13. #58
    0.8.17 released, some big fixes and new features, this one has a lot of changes Hope you all enjoy!:

    2007-08-06
    ----------

    * Improved the build system a little for plugins. They now all share common
    portions.

    * Added ascii string display in heap viewer plugin. Now if, the heap block
    contains an ascii string, it'll be displayed in the data column. I plan to
    add more types of known "data" to this column over time.

    * Added a filter to the environment viewer plugin so you can quickly find the
    variable you are looking for.

    2007-08-02
    ----------

    * Conditional MOVs are now part of the instruction analysis, it will display
    whether or not the MOV will be performed based on the current flags.

    * I am making the config file entries use a more organized naming convention in
    the past they were very ad-hoc, but now i am going with namespaces. For
    example: debugger.terminal.enabled=true. For now this will only apply to new
    settings so no one loses settings, but the old names will eventually be phased
    out in 0.9.0 which is when I will start to stabilize the varying APIs in EDB.

    * The view options for the stack and data views (word width/row width/which
    columns to display) are now stored in the config file and restored on reload.
    Data view is stored as well but is based on the options dialog because saving
    the options set in the context menu makes no sense (many tabs, which to use).

    2007-08-01
    ----------

    * Added different binary fill options to the CPU context menu. Good for REMing
    out individual ops quickly.

    * Command window program is now configurable in the debugging options dialog.
    You can enable/disable it, and you can use the terminal program of your
    choice. The default is /usr/bin/xterm, as this should be fairly ubiquitous.
    "konsole --nomenubar --notabbar" works well for us KDE users out there as
    well. The only real rule is that whitespace is assumed to be an argument
    separator and bad things may happen if you try to be clever and use a program
    name or argument with a space in it. I was able to get launching konsole to
    simply lock up EDB (no idea why) simply by using it from a path with a space
    in it.

    2007-07-31
    ----------

    * Experimental code for opening an I/O window for command line apps is almost
    done. It actually works well, just need it to be more tunable. This is a
    big feature as it will allow more complete debugging of applications with a
    CLI.

    2007-07-30
    ----------

    * Made the 3 byte UD opcode no decode as "invalid" but as "ud", since this op
    isn't really invalid, just is hardwired to generate an exception.

    * FPU registers are now highlighted on changes.

    * Made changes towards abstracting State such that it can be an opaque type.

    * Renamed types.h to EDBTypes.h to avoid conflict with system types.h. Sorry
    if this makes people change code, but API isn't stable yet .

    * Moved *nix specific headers to ROOT/include/os/unix from src, since plugins
    may and likely need to see those types, now the include dir is all that is
    NEEDED to have a plugin development setup.

    * Changed getValueFromUser to get a reg_t value, this should be more
    portable. (Thanks Thomas Faber!)

    * Improved DebuggerCore's reading/writing routines to be more portable and
    more flexible with regards to endian size and word size.
    (Thanks Thomas Faber!)

    * Thomas Faber's changes make EDB a few steps closer to compiling and
    functioning correctly in an x86-64 setup.


    2007-07-26
    ----------

    * Implemented PID enumeration on FreeBSD. Still a lot to go for things to
    compile and work...

    * Made edb_make_symbolmap work if you have md5 instead of md5sum in your system.

    * Added breakpoint management to CPU view context menu.

    2007-07-25
    ----------
    * Fixed error in which a shallow copy of a transient variable was being used
    which is bad because the data could be trashed.

    2007-07-21
    ----------

    * You can now see the FPU registers, they are currently read only, but it
    appears to work correctly.

    2007-07-19
    ----------

    * Fixed a silly bug introduced recently where registers aren't properly
    un-highlighted when no longer attached.

    * Internally layed some ground work for reading FPU register support.

    * Fixed a bug in the debugging core plugin which could cause a caller of a
    read or write to think it succeeded when it didn't. It was very unlikely to
    get triggered and even so would likely have little to no side effects.

    2007-07-17
    ----------

    * Made it so when you try to modify bytes which overlap a breakpoint,
    you are given the option to continue (which removes the breakpoints), or
    abort the modification.

    * Finally made the breakpoint dialog show the breakpoint type.

    * Introduced initial code for supporting more than one binary type. It still
    only accepts ELF32, but the framework is in place.

    * Fixed a bug where misaligned jumps were fooling the disassembly view widget
    this was pretty bad since a lot of the point of active debugging versus static
    analysis is to avoid getting fooled by tricks like this!

    2007-07-16
    ----------

    * Fixed a bug where certain strings may not be reported corrected
    (some characters chopped out).

    * Fixed bug where offsets of 16-bit relative jumps were not being truncated like
    the CPU actually does. In the real thing, the target address has the upper
    16-bits cleared. Not very useful in 32-bit code, but important to be correct.

    * Fixed bug in new register reading code.

    * Removed segfault due to settings invalid segments from TODO list, this is a
    kernel bug and entirely out of EDB's control.

    2007-07-13
    ----------

    * Numerous improvements to the disassembler, I believe it is fairly complete
    the only thing that's missing that I'm aware of is enforcement of certain
    rules (like mod/rm that must only be mem, and which ops certain prefixes are
    valid for).

    2007-07-12
    ----------

    * Worked around a bug where QT would deliver events to disabled actions if the
    shortcut key-combination is pressed. For now I have a check in each action
    where it simply returns if that action is not enabled. The QT people seem
    to be aware of the issue, hopefully it'll be addressed in a future version
    of QT.

    * Fixed ability to debug a process which receives unknown stop signals. Now it
    will simply break if you were trying to step. It is still annoying since
    frequent signals will make you have to step twice all the time, but at least
    it is now possible.

    * Fixed long standing (apparently no one noticed) bug where if you detached
    from a process while a breakpoint was set, the process had a chance of
    crashing.

    * Made operand analysis smarter, it now knows about different expression types
    (byte ptr, word ptr, dword ptr).

    * Identified a few bugs I would like ironed out before next release.

    * Many minor improvements in the disassembly output. It is difficult to decide
    when to use hex and when to use decimal, but I think I have something
    reasonable.

    * Good speedup in instruction analysis.

    2007-07-11
    ----------

    * Finally compiled EDB with edisassm ! This disassembly engine is faster and
    more robust than the previous one because I am more easily able to add
    specific features that EDB can use into it. Unfortunately, this does mean
    that AT&T syntax is temporarily disabled.

    * Fixed a major crashable bug in QDisassemblyView widget, it was very subtle.

    2007-07-06
    ----------

    * Finished environment viewer plugin

    * edisassm is almost complete and ready for integration

    * Condition flags can now be seen in the register view as a sub item to eflags

    * Split out the i386 stuff away from the GUI yet more, almost at a good point
    of portability.

    * More robust error checking

    * A few minor UI updates.


    2007-05-31
    ----------

    * Multibyte invalid ops are now displayed properly.

    2007-05-23
    ----------

    * Very preliminary TTY support.

    2007-05-20
    ----------

    * Fixed a bug in getBinaryStringFromUser where it was setting the value
    before the maximum allowed length. This made it so values were truncated
    incorrectly.

    * Added Edit bytes to the QDisassembly viewer!

    * Fixed DebuggerCore incorrectly reporting success on reads/writes of where
    no bytes are read.

    enjoy

    http://www.codef00.com/projects.php#Debugger

    proxy

  14. #59
    Quick release, last version introduced a crashable bug, so 0.8.18 comes early

    Hope you all enjoy!:


    2007-08-08
    ----------

    * Fixed a crashable bug introduced in last version, this was related to clearing
    the process state variable. Now that the state has virtual functions, it is
    no longer correct to use memset.

    * Added search filter to the opcode search plugin so you can find the region you
    want to search more easily.

    * Added search filter to the strings plugin so you can find the region you
    want to search more easily.

    * Made the MemoryRegions object also a QAbstraceItemModel, suitable for a
    QTableView. This should make it simpler/cleaner to display a table of
    available regions (there were already 3 copies of the code to fill the table
    in edb which will now no longer be needed, in addition to making the filtering
    code MUCH simpler since QT can do it for us.

    enjoy

    http://www.codef00.com/projects.php#Debugger

    proxy

  15. #60
    Looks like I accidentally created a QT 4.3 dependancy with 0.8.18, so I just release 0.8.19. Please try this tarball if you had issues building 0.8.18. If you had no issues, not real reason to upgrade quite yet :-P

    Evan

Similar Threads

  1. EDB Linux Debugger 0.9.0 Release :)
    By proxy in forum Linux RCE
    Replies: 57
    Last Post: April 14th, 2011, 15:48
  2. Immunity Debugger v1.1 Release
    By OpenRCE_nicowow in forum Blogs Forum
    Replies: 0
    Last Post: November 24th, 2007, 18:50
  3. Syser Debugger 1.8 Release
    By wuyanfeng in forum Tools of Our Trade (TOT) Messageboard
    Replies: 11
    Last Post: July 6th, 2007, 17:06
  4. Syser Debugger 1.4 Release
    By wuyanfeng in forum Tools of Our Trade (TOT) Messageboard
    Replies: 9
    Last Post: May 24th, 2006, 20:19
  5. New Syser Debugger 1.3 Release
    By wuyanfeng in forum Advanced Reversing and Programming
    Replies: 2
    Last Post: March 12th, 2006, 05:30

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •