-
Notifications
You must be signed in to change notification settings - Fork 415
REPL Client
snare edited this page Apr 29, 2016
·
3 revisions
The REPL client provides a way to interrogate Voltron from within a Python REPL.
First, start your debugger and load Voltron:
$ lldb tests/inferior
Voltron loaded.
(lldb) target create "/tmp/inferior"
Current executable set to '/tmp/inferior' (x86_64).
(lldb) b main
Breakpoint 1: where = inferior`main, address = 0x0000000100000d20
(lldb) run
Process 29539 launched: '/tmp/inferior' (x86_64)
Process 29539 stopped
* thread #1: tid = 0x2bf0b0, 0x0000000100000d20 inferior`main, queue = 'com.apple.main-thread', stop reason = breakpoint 1.1
frame #0: 0x0000000100000d20 inferior`main
inferior`main:
-> 0x100000d20 <+0>: push rbp
0x100000d21 <+1>: mov rbp, rsp
0x100000d24 <+4>: sub rsp, 0x50
0x100000d28 <+8>: mov dword ptr [rbp - 0x4], 0x0
Now start a Python REPL in another terminal and import the REPL client:
$ python
Python 2.7.10 (default, Oct 23 2015, 18:05:06)
[GCC 4.2.1 Compatible Apple LLVM 7.0.0 (clang-700.0.59.5)] on darwin
Type "help", "copyright", "credits" or "license" for more information.
>>> from voltron.repl import V
We can now use V
(an instance of the REPLClient
class) to interrogate the Voltron back end:
>>> V
<voltron.repl.REPLClient object at 0x106771dd0>
Registers can be retrieved by treating them as attributes:
>>> V.rip
4294970656
>>> V.rsp
140734799804552
Memory can be retrieved by using the index operators. For example, reading a byte at the value of the RSP
register:
>>> V[V.rsp]
'\xad'
Or reading a range of bytes:
>>> V[V.rsp:V.rsp+8]
'\xad\x95*\x8c\xff\x7f\x00\x00'
Debugger commands can be executed with the cmd
method:
>>> V.cmd('version')
u'lldb-350.0.21.3'
>>> print V.cmd("reg read")
General Purpose Registers:
rax = 0x0000000100000d20 inferior`main
rbx = 0x0000000000000000
rcx = 0x00007fff5fbff9b8
rdx = 0x00007fff5fbff8b8
rdi = 0x0000000000000001
rsi = 0x00007fff5fbff8a8
rbp = 0x00007fff5fbff898
rsp = 0x00007fff5fbff888
r8 = 0x0000000000000000
r9 = 0x00007fff7164b0c8 atexit_mutex + 24
r10 = 0x00000000ffffffff
r11 = 0xffffffff00000000
r12 = 0x0000000000000000
r13 = 0x0000000000000000
r14 = 0x0000000000000000
r15 = 0x0000000000000000
rip = 0x0000000100000d20 inferior`main
rflags = 0x0000000000000246
cs = 0x000000000000002b
fs = 0x0000000000000000
gs = 0x0000000000000000