voltron: A hacky debugger UI for hackers
Voltron is an extensible debugger UI toolkit written in Python. It aims to improve the user experience of various debuggers (LLDB, GDB, VDB, and WinDbg) by enabling the attachment of utility views that can retrieve and display data from the debugger host. By running these views in other TTYs, you can build a customized debugger user interface to suit your needs.
Voltron does not aim to be everything to everyone. It’s not a wholesale replacement for your debugger’s CLI. Rather, it aims to complement your existing setup and allow you to extend your CLI debugger as much or as little as you like. If you just want a view of the register contents in a window alongside your debugger, you can do that. If you want to go all out and have something that looks more like OllyDbg, you can do that too.
Built-in views are provided for:
The author’s setup looks something like this:
Any debugger command can be split off into a view and highlighted with a specified Pygments lexer:
Voltron supports LLDB, GDB, VDB and WinDbg/CDB (via PyKD) and runs on macOS, Linux, and Windows.
WinDbg support is still fairly new, please open an issue if you have problems.
The following architectures are supported:
Note: Only macOS and Debian derivatives are fully supported by the install script. It should hopefully not fail on other Linux distros, but it won’t try to install package dependencies. If you’re using another distro, have a look at
install.sh to work out what dependencies you might need to install before running it.
Download the source and run the install script:
- If your debugger has an init script (
.lldbinitfor LLDB or
.gdbinitfor GDB) configure it to load Voltron when it starts by sourcing the
entry.pyentry point script. The full path will be inside the
voltronpackage. For example, on macOS it might be /Library/Python/2.7/site-packages/voltron/entry.py. The
install.shscript will add this to your
.lldbinitfile automatically if it detects GDB or LLDB in your path.LLDB:
command script import /path/to/voltron/entry.py
- Start your debugger and initialize Voltron manually if necessary.On recent versions of LLDB you do not need to initialize Voltron manually:
$ lldb target_binary
On older versions of LLDB you need to call
voltron initafter you load the inferior:
$ lldb target_binary (lldb) voltron init
$ gdb target_binary
$ ./vdbbin target_binary > script /path/to/voltron/entry.py
$ cdb -c '.load C:\path\to\pykd.pyd ; !py --global C:\path\to\voltron\entry.py' target_binary
- In another terminal (I use iTerm panes) start one of the UI views. On LLDB, WinDbg and GDB the views will update immediately. On VDB they will not update until the inferior stops (at a breakpoint, after a step, etc):
$ voltron view register $ voltron view stack $ voltron view disasm $ voltron view backtrace
- Set a breakpoint and run your inferior.
(*db) b main (*db) run
- When the debugger hits the breakpoint, the views will be updated to reflect the current state of registers, stack, memory, etc. Views are updated after each command is executed in the debugger CLI, using the debugger’s “stop hook” mechanism. So each time you step, or continue and hit a breakpoint, the views will update.
Copyright (c) 2016 snare