uDdbg – Unicorn DOPE Debugger

A gdb-like debugger that provides a runtime env to unicorn emulator and additionals features!

Unicorn DOPE Debugger (uDdbg) is a tool that extends the functionality of the epic Unicorn emulator. As GDB, it aim to provide a runtime env, through cli, with an elegant output and some more useful things that are possible thanks to the fact we are emulating a static context, which basically allows us to interact with the emulation even after the first execution of a cycle or to totally restore a specific situation in the context.

The structure of the project, designed together with @rEDSAMK, is with plug-and-play modules. Each module has a set of commands with a lot of shortcuts to reduce timings (obviously once you are familiar with the tool, but that’s pretty easy).

Taking, for example, an available command:

memory read 0x10000 128

the same result can be achieved with:

m r 0x10000 64+64

or:

mem r 0x5000*2 +64*2

Once you have arrived here, you are ready to take a look at the command list. Simply type helpinside uDdbg or help command_name to get additional info about a specific command.

help memory

Help for: memory

memory operations

usage: memory [dump|read|write] [...]



command    short    usage

---------  -------  ----------------------------------------------------

dump       d        memory dump *offset *length *file_path

read       r        memory read *offset *length [format: h|i]

write      w        memory write *offset *hex_payload

 

Download

git clone https://github.com/iGio90/uDdbg.git
pip install -r requirements.txt

Use

If you are familiar with GDB, the executors are something very similar to commands for the GNU debugger. They basically allow you to avoid cyclic and redundant tasks. Here is a very quick example of an executor to give you a better idea:

$> ex new

executor name: sample_executor

creating executor 0. add 1 command per line. type "end" to save

memory map 0x10000 128

registers write r0 0xFF

r w r2 0xD34DB33F

load target_library.so 0x50000   

patch add 0x51000 00BF00BF

end

$> ex

----------------------------------------------[ help ]----------------------------------------------

usage: exec [delete|load|new|run|save]

--------------------------------------------[ executors ]--------------------------------------------

  id  name               commands

----  ---------------  ----------

   0  sample_executor           5

$> ex save 0

saved 5 commands into executors/sample_executor

$> ex load sample_executor

mapped 1024 at 0x10000

0xff written into R0

0xd34db33f written into R2

....

Copyright (C) 2018
Giovanni -iGio90- Rocca, Vincenzo -rEDSAMK- Greco

Source: https://github.com/iGio90/