Ubuntu Vagrant box with 32/64-bit Protostar binaries for practicing exploit development.
$ vagrant up
$ vagrant ssh
$ cd exercises
Protostar introduces basic memory corruption issues such as buffer overflows, format strings and heap exploitation on an “old-style” Linux system that has no modern exploit mitigations enabled.
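To confirm that a binary really lacks the mitigations mentioned above, this added example (not part of the box or its provisioning script) reads the PIE, NX and RELRO status from the ELF headers. `build_sample` is a hypothetical helper that constructs a minimal ELF image so the check can run without a real binary.

```python
import struct
import sys

PT_GNU_STACK, PT_GNU_RELRO = 0x6474E551, 0x6474E552
ET_DYN, PF_X = 3, 0x1

def elf_mitigations(data: bytes) -> dict:
    """Report PIE, NX and RELRO status from an ELF image's headers.
    ET_DYN is reported as PIE; shared libraries carry the same type."""
    if len(data) < 52 or data[:4] != b"\x7fELF":
        raise ValueError("not an ELF file")
    is64 = data[4] == 2                    # EI_CLASS: 1 = 32-bit, 2 = 64-bit
    end = "<" if data[5] == 1 else ">"     # EI_DATA: 1 = little endian
    e_type, = struct.unpack_from(end + "H", data, 16)
    if is64:
        e_phoff, = struct.unpack_from(end + "Q", data, 32)
        e_phentsize, e_phnum = struct.unpack_from(end + "HH", data, 54)
    else:
        e_phoff, = struct.unpack_from(end + "I", data, 28)
        e_phentsize, e_phnum = struct.unpack_from(end + "HH", data, 42)
    # A missing PT_GNU_STACK header is treated here as an executable stack
    # (the legacy default), so "nx" starts out False.
    result = {"pie": e_type == ET_DYN, "nx": False, "relro": False}
    for i in range(e_phnum):
        off = e_phoff + i * e_phentsize
        p_type, = struct.unpack_from(end + "I", data, off)
        # p_flags sits at offset 4 in a 64-bit program header, 24 in a 32-bit one.
        p_flags, = struct.unpack_from(end + "I", data, off + (4 if is64 else 24))
        if p_type == PT_GNU_STACK:
            result["nx"] = not (p_flags & PF_X)
        elif p_type == PT_GNU_RELRO:
            result["relro"] = True
    return result

def build_sample(e_type: int, phdrs: list) -> bytes:
    """Constructed sample: 32-bit little-endian ELF header plus program headers
    given as (p_type, p_flags) pairs. Hypothetical helper, not a runnable binary."""
    ident = b"\x7fELF" + bytes([1, 1, 1]) + bytes(9)
    ehdr = ident + struct.pack("<HHIIIIIHHHHHH", e_type, 3, 1, 0, 52, 0, 0,
                               52, 32, len(phdrs), 0, 0, 0)
    return ehdr + b"".join(struct.pack("<8I", t, 0, 0, 0, 0, 0, f, 4)
                           for t, f in phdrs)

if __name__ == "__main__":
    # Pass real binaries as arguments, or fall back to the constructed sample.
    if len(sys.argv) > 1:
        for path in sys.argv[1:]:
            with open(path, "rb") as fh:
                print(path, elf_mitigations(fh.read()))
    else:
        print(elf_mitigations(build_sample(2, [(PT_GNU_STACK, 7)])))
```

Run inside the box, it takes the paths of the binaries to inspect as arguments; with no arguments it reports on the constructed sample.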
alias peda="gdb -iex 'source /opt/peda/peda.py' --nh -q"
alias gef="gdb -iex 'source /opt/gef/gef.py' --nh -q"
alias pwndbg="gdb -iex 'source /opt/pwndbg/gdbinit.py' --nh -q"
PEDA (Python Exploit Development Assistance) is an extension to GDB that adds on a whole bunch of useful commands and quality of life improvements to the standard GDB experience. The provisioning script should have made the necessary additions to the GDB configuration, so all you need to do to start it is launch GDB with the alias peda.
$ peda binary
GEF (pronounced ʤɛf - "Jeff") is a set of commands for x86/64, ARM, MIPS, PowerPC and SPARC to assist exploit developers and reverse-engineers when using old school GDB. It provides additional features to GDB using the Python API to assist during the process of dynamic analysis and exploit development. Application developers will also benefit from it, as GEF lifts a great part of regular GDB obscurity, avoiding repeating traditional commands, or bringing out the relevant information from the debugging runtime.
$ gef binary
pwndbg (/poʊndbæg/) is a GDB plug-in that makes debugging with GDB suck less, with a focus on features needed by low-level software developers, hardware hackers, reverse-engineers and exploit developers.
$ pwndbg binary