LINUX INTERACTIVE EXPLOIT DEVELOPMENT WITH GDB AND PEDA

Exploit development requires a lot of interactive work with a debugger, so automating time-consuming tasks helps speed up that process. People are familiar with GDB (GNU Debugger) on Linux/Unix, but unfortunately GDB lacks commands specific to exploit development. Since version 7.0, GDB has supported Python scripting, which brings an opportunity to improve the situation. PEDA - Python Exploit Development Assistance for GDB - is a wrapper for GDB's Python API that comes as a gdbinit script with many handy commands to ease exploit development tasks. PEDA is the first script in its class with notable features:

  • Debugging helpers: smart context display with detailed memory references; function call tracing with detailed arguments; tracing of specific instructions; stepping until a specific instruction; bypassing/deactivating undesired functions (e.g. ptrace); execution statistics with profiling; process snapshotting.
  • Advanced memory operations: fast, convenient memory searching by regex/value/reference/address/pointer; display, dump, load, compare and XOR memory content.
  • Exploit helpers: cyclic pattern creation and search; ELF header and symbol retrieval; simple ASM instruction and ROP gadget search; common shellcode and ROP payload generation (ret2plt data transfer, ret2dlresolve); exploit skeleton generation; in-memory fuzzer; crashdump logging.

PEDA's commands and wrapper API can also be reused to write custom automation scripts easily, turning GDB into a powerful exploit development toolkit.

During this hands-on workshop, attendees will learn how to use PEDA's interactive commands and write Python automation scripts through various exploit exercises, wargame/CTF challenges and real-world exploits.

Bring your laptop with an Ubuntu Live image to play with, and get a special copy of PEDA.

Presented by