Baseer 0.2.0
Baseer is an advanced binary analysis tool designed to provide deep insights into any file.
Loading...
Searching...
No Matches
debugger.h
Go to the documentation of this file.
1
8
9#ifndef DEBUG_H
10#define DEBUG_H
11
12#include "../bparser/bparser.h"
13#include <stdint.h>
14#include <stdbool.h>
15#include <sys/user.h>
16
20#define ERROR(str) printf(COLOR_RED "[x] " COLOR_RESET "%s",str);
21
25#define INFO(str) printf(COLOR_BLUE "[*] " COLOR_RESET "%s",str);
26
30typedef struct bp_list bp_list;
31typedef struct bp bp;
32typedef struct sym_list sym_list;
33typedef struct context context;
34typedef struct func_list func_list;
35typedef struct pos_name pos_name;
36
43typedef bool (*func_callback_t)(context *ctx, void *args);
44
48typedef struct {
49 char *op;
50 uint64_t addr;
51} Cmd;
52
56struct sym_list {
57 char *name;
58 uint64_t addr;
59 sym_list *next;
60};
61
65struct bp_list {
66 bp *first;
67 bp *last;
68 uint32_t counter;
69};
70
74struct bp {
75 uint64_t orig;
76 uint64_t addr;
77 bp *next;
78 unsigned int id;
79};
80
88
92struct pos_name {
93 char *name;
94 int pos;
95};
96
100struct context {
101 char *mmaps;
102 uint64_t base;
103 uint64_t entry;
104 struct user_regs_struct regs;
105 bp_list *list;
106 sym_list *sym;
107 Cmd cmd;
108 unsigned int pid;
109 uint32_t arch;
110 bool do_wait;
111 bool pie;
112 bool do_exit;
113};
114
115/* ==== Function Prototypes ==== */
116
120void destroy_bp_sym(context *ctx);
121
125void destroy_all(context *ctx);
126
130void print_helpCMD();
131
135void init_values(bparser *target, context *ctx);
136
140bool b_debugger(bparser *target, void *arg);
141
145void dis_ctx(context *ctx);
146
150void handle_bpoint(context *ctx);
151
155bool setBP(context *ctx, void *args);
156
160bool delBP(context *ctx, void *args);
161
165bool step_over(context *ctx, void *args);
166
170bool listBP(context *ctx, void *args);
171
175bool examin_mem(context *ctx, void *args);
176
180bool set_mem_reg(context *ctx, void *args);
181
185void restore_all_BP(context *ctx, int opt);
186
190bool handle_action(context *ctx, void *args);
191
195void parse_cmd(context *ctx);
196static func_list cmds[] = {
197 {"bp",setBP},
198 {"dp",delBP},
199 {"lp",listBP},
200 {"so",step_over},
201 {"x",examin_mem},
202 {"set",set_mem_reg},
203 {"h",handle_action},
204 {"c",handle_action},
205 {"q",handle_action},
206 {"si",handle_action},
207 {"vmmap",handle_action},
208 {"i",handle_action},
209};
210static pos_name flags[] = {
211 {"CF",0},
212 {"PF",2},
213 {"AF",4},
214 {"ZF",6},
215 {"SF",7},
216 {"DF",10},
217 {"OF",11},
218};
219static pos_name regs_64[] = {
220{"RAX ",0x50},
221{"RDX ",0x60},
222{"RCX ",0x58},
223{"RBX ",0x28},
224{"RDI ",0x80},
225{"RSI ",0x68},
226{"R8 ",0x48},
227{"R9 ",0x40},
228{"R10 ",0x38},
229{"R11 ",0x30},
230{"R12 ",0x18},
231{"R13 ",0x10},
232{"R14 ",0x8},
233{"R15 ",0},
234{"RSP ",0x98},
235{"RBP ",0x20},
236{"RIP ",0x80},
237};
238static pos_name regs_32[] = {
239{"EAX ",0x50},
240{"EDX ",0x60},
241{"ECX ",0x58},
242{"EBX ",0x28},
243{"EDI ",0x80},
244{"ESI ",0x68},
245{"R8d ",0x48},
246{"R9d ",0x40},
247{"R10d ",0x38},
248{"R11d ",0x30},
249{"R12d ",0x18},
250{"R13d ",0x10},
251{"R14d ",0x8},
252{"R15d ",0},
253{"ESP ",0x98},
254{"EBP ",0x20},
255{"EIP ",0x80},
256};
257#endif /* DEBUG_H */
258
bparser.h
Binary parser abstraction supporting memory and streaming files.
step_over
bool step_over(context *ctx, void *args)
Step over a function call instruction.
Definition debugger.c:338
listBP
bool listBP(context *ctx, void *args)
List all active breakpoints.
Definition debugger.c:486
handle_action
bool handle_action(context *ctx, void *args)
Handle actions that correspond directly to simple commands (e.g., quit, help, continue,...
Definition debugger.c:88
setBP
bool setBP(context *ctx, void *args)
Set a breakpoint at a given address or symbol name.
Definition debugger.c:404
examin_mem
bool examin_mem(context *ctx, void *args)
Examine memory at a specific address.
Definition debugger.c:228
set_mem_reg
bool set_mem_reg(context *ctx, void *args)
Modify the value of a register or memory location.
Definition debugger.c:163
delBP
bool delBP(context *ctx, void *args)
Delete a breakpoint by ID.
Definition debugger.c:284
step_over
bool step_over(context *ctx, void *args)
Step over a function call.
Definition debugger.c:338
listBP
bool listBP(context *ctx, void *args)
List all breakpoints.
Definition debugger.c:486
handle_action
bool handle_action(context *ctx, void *args)
Execute a user command.
Definition debugger.c:88
b_debugger
bool b_debugger(bparser *target, void *arg)
Launch and manage the debugger main loop.
Definition debugger.c:757
init_values
void init_values(bparser *target, context *ctx)
Initialize context values from target binary.
Definition debugger.c:613
parse_cmd
void parse_cmd(context *ctx)
Parse and dispatch a command from the user.
Definition debugger.c:37
setBP
bool setBP(context *ctx, void *args)
Set a breakpoint at an address or symbol.
Definition debugger.c:404
print_helpCMD
void print_helpCMD()
Print available debugger commands.
Definition debugger.c:138
restore_all_BP
void restore_all_BP(context *ctx, int opt)
Restore all breakpoints (enable or disable).
Definition debugger.c:510
examin_mem
bool examin_mem(context *ctx, void *args)
Examine memory at a given address.
Definition debugger.c:228
set_mem_reg
bool set_mem_reg(context *ctx, void *args)
Modify memory or registers.
Definition debugger.c:163
delBP
bool delBP(context *ctx, void *args)
Delete a breakpoint by ID.
Definition debugger.c:284
dis_ctx
void dis_ctx(context *ctx)
Display current registers, flags, disassembly, and stack.
Definition debugger.c:540
func_callback_t
bool(* func_callback_t)(context *ctx, void *args)
Callback type for command handler functions.
Definition debugger.h:43
destroy_bp_sym
void destroy_bp_sym(context *ctx)
Free all breakpoints and symbols in the context.
Definition debugger.c:713
handle_bpoint
void handle_bpoint(context *ctx)
Handle breakpoint hit logic.
Definition debugger.c:457
destroy_all
void destroy_all(context *ctx)
Destroy all context-related memory.
Definition debugger.c:737
Cmd
Represents a parsed user command.
Definition debugger.h:48
Cmd::addr
uint64_t addr
Definition debugger.h:50
Cmd::op
char * op
Definition debugger.h:49
bp_list
A linked list of breakpoints.
Definition debugger.h:65
bp_list::last
bp * last
Definition debugger.h:67
bp_list::counter
uint32_t counter
Definition debugger.h:68
bp_list::first
bp * first
Definition debugger.h:66
bp
Represents a single breakpoint.
Definition debugger.h:74
bp::addr
uint64_t addr
Definition debugger.h:76
bp::id
unsigned int id
Definition debugger.h:78
bp::next
bp * next
Definition debugger.h:77
bp::orig
uint64_t orig
Definition debugger.h:75
bparser
Parser object.
Definition bparser.h:19
context
Holds debugger state and process information.
Definition debugger.h:100
context::mmaps
char * mmaps
Definition debugger.h:101
context::do_wait
bool do_wait
Definition debugger.h:110
context::cmd
Cmd cmd
Definition debugger.h:107
context::pid
unsigned int pid
Definition debugger.h:108
context::sym
sym_list * sym
Definition debugger.h:106
context::base
uint64_t base
Definition debugger.h:102
context::entry
uint64_t entry
Definition debugger.h:103
context::do_exit
bool do_exit
Definition debugger.h:112
context::pie
bool pie
Definition debugger.h:111
context::regs
struct user_regs_struct regs
Definition debugger.h:104
context::arch
uint32_t arch
Definition debugger.h:109
context::list
bp_list * list
Definition debugger.h:105
func_list
Represents a debugger command and its associated function.
Definition debugger.h:84
func_list::cmd
char * cmd
Definition debugger.h:85
func_list::func
func_callback_t func
Definition debugger.h:86
pos_name
Maps a register/flag name to its position.
Definition debugger.h:92
pos_name::name
char * name
Definition debugger.h:93
pos_name::pos
int pos
Definition debugger.h:94
sym_list
Represents a symbol entry (function name and address).
Definition debugger.h:56
sym_list::name
char * name
Definition debugger.h:57
sym_list::next
sym_list * next
Definition debugger.h:59
sym_list::addr
uint64_t addr
Definition debugger.h:58