https://juntheworld.tistory.com/82

설치

sudo apt install ruby

sudo gem install one_gadget

사용

one_gadget ./[libc파일]

one_gadget ./libc_XX.so

https://infosecwriteups.com/pwndbg-gef-peda-one-for-all-and-all-for-one-714d71bf36b8

There is no doubt, GDB is an amazing tool that almost every single cyber security professional, trainee, hobbyist and researcher has used it before. It is the swiss army knife of process debugging however there is one problem. Vanilla GDB sucks in terms of user experience.

This is the reason behind the development of many plug-ins that can make the process of reversing and debugging so much easier. Namely, three of the most popular are:

Pwndbg: https://github.com/pwndbg/pwndbg

Peda: https://github.com/longld/peda

GEF: https://github.com/hugsy/gef

Of course, all of them come with their pros and cons. Maybe for the task, maybe the features, or even the interface. We all have our preferences. Personally, I prefer Pwndbg’s interface more, but seriously Peda’s cyclic pattern creation and offset search functionality are extremely handy.

Still, I hate having to manually change or replace the .gdbinit file every time I want to use a different plugin. It’s not about the time and effort, but more because it’s a distraction from my primary task, that I would like to avoid.

Therefore, the purpose of this blog post is to describe a very simple way of switching between plugins in a single command.

TL;DR;

I have created a bash script that executes the instructions below in one command so for a rapid setup clone the repository below and run install.sh .

Installation

Initially, the plugins need to be downloaded and set up. As such follow the commands below:

Pwndbg

git clone https://github.com/pwndbg/pwndbg
cd pwndbg
./setup.sh
cd ..
mv pwndbg ~/pwndbg-src
echo "source ~/pwndbg-src/gdbinit.py" > ~/.gdbinit_pwndbg

Peda

git clone https://github.com/longld/peda.git ~/peda

GEF

wget -q -O ~/.gdbinit-gef.py https://github.com/hugsy/gef/raw/master/gef.py
echo source ~/.gdbinit-gef.py >> ~/.gdbinit

Combining all in One

Inherently, these plugins modify the .gdbinit file and are launched along with gdb. Now, here is the trick, what if we had a .gdbinit file that contains configurations for all plugins so that they are conditionally activated based on the gdb command? This is exactly what we will be doing.

Open your .gdbinit file, delete any contents and paste the following configuration:

define init-peda
source ~/peda/peda.py
end
document init-peda
Initializes the PEDA (Python Exploit Development Assistant for GDB) framework
end

define init-pwndbg
source ~/.gdbinit_pwndbg
end
document init-pwndbg
Initializes PwnDBG
end

define init-gef
source ~/.gdbinit-gef.py
end
document init-gef
Initializes GEF (GDB Enhanced Features)
end

Additionally, create the following 3 files in your /usr/bin folder:

First create /usr/bin/gdb-peda and paste the following:

#!/bin/sh
exec gdb -q -ex init-peda "$@"

Then /usr/bin/gdb-pwndbg

#!/bin/sh
exec gdb -q -ex init-pwndbg "$@"

And lastly, /usr/bin/gdb-gef

#!/bin/sh
exec gdb -q -ex init-gef "$@"

The last step is to give executable permissions to all three of the files created previously. For that, run:

chmod +x /usr/bin/gdb-*

That was all! You see? Simple.

Now you can test it by running either one of the three commands:

gdb-peda
gdb-pwndbg
gdb-gef

Hope this helps folks. Till next time.

https://league-cat.tistory.com/347

Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?

위와 같은 명령어가 뜨면 docker service가 실행이 안되어있는것이다.

$sudo systemctl status docker  // 상태 stop 확인

아래 명령어를 입력하여 실행을 진행해보자

$sudo systemctl start docker
$sudo systemctl enable docker

확인