libdebug.ptrace package#

Subpackages#

Submodules#

libdebug.ptrace.ptrace_constants module#

class libdebug.ptrace.ptrace_constants.StopEvents(value)[source]#

Bases: IntEnum

An enumeration of the stop events that ptrace can return.

CLONE_EVENT = 773#
EXEC_EVENT = 1029#
EXIT_EVENT = 1541#
FORK_EVENT = 261#
VFORK_EVENT = 517#
VFORK_DONE_EVENT = 1285#
SECCOMP_EVENT = 1797#
class libdebug.ptrace.ptrace_constants.Commands(value)[source]#

Bases: IntEnum

An enumeration of the available ptrace commands.

PTRACE_TRACEME = 0#
PTRACE_PEEKTEXT = 1#
PTRACE_PEEKDATA = 2#
PTRACE_PEEKUSER = 3#
PTRACE_POKETEXT = 4#
PTRACE_POKEDATA = 5#
PTRACE_POKEUSER = 6#
PTRACE_CONT = 7#
PTRACE_KILL = 8#
PTRACE_SINGLESTEP = 9#
PTRACE_GETREGS = 12#
PTRACE_SETREGS = 13#
PTRACE_GETFPREGS = 14#
PTRACE_SETFPREGS = 15#
PTRACE_ATTACH = 16#
PTRACE_DETACH = 17#
PTRACE_GETFPXREGS = 18#
PTRACE_SETFPXREGS = 19#
PTRACE_SYSCALL = 24#
PTRACE_SETOPTIONS = 16896#
PTRACE_GETEVENTMSG = 16897#
PTRACE_GETSIGINFO = 16898#
PTRACE_SETSIGINFO = 16899#
PTRACE_GETREGSET = 16900#
PTRACE_SETREGSET = 16901#
PTRACE_SEIZE = 16902#
PTRACE_INTERRUPT = 16903#
PTRACE_LISTEN = 16904#
PTRACE_PEEKSIGINFO = 16905#
PTRACE_GETSIGMASK = 16906#
PTRACE_SETSIGMASK = 16907#
PTRACE_SECCOMP_GET_FILTER = 16908#
PTRACE_SECCOMP_GET_METADATA = 16909#
PTRACE_GET_SYSCALL_INFO = 16910#

libdebug.ptrace.ptrace_interface module#

class libdebug.ptrace.ptrace_interface.PtraceInterface[source]#

Bases: DebuggingInterface

The interface used by _InternalDebugger to communicate with the ptrace debugging backend.

process_id: int | None#

The process ID of the debugged process.

detached: bool#

Whether the process was detached or not.

hardware_bp_helpers: dict[int, PtraceHardwareBreakpointManager]#

The hardware breakpoint managers (one for each thread).

reset() None[source]#

Resets the state of the interface.

run() None[source]#

Runs the specified process.

attach(pid: int) None[source]#

Attaches to the specified process.

Parameters:

pid (int) – the pid of the process to attach to.

detach() None[source]#

Detaches from the process.

kill() None[source]#

Instantly terminates the process.

cont() None[source]#

Continues the execution of the process.

step(thread: ThreadContext) None[source]#

Executes a single instruction of the process.

Parameters:

thread (ThreadContext) – The thread to step.

step_until(thread: ThreadContext, address: int, max_steps: int) None[source]#

Executes instructions of the specified thread until the specified address is reached.

Parameters:

  • thread (ThreadContext) – The thread to step.

  • address (int) – The address to reach.

  • max_steps (int) – The maximum number of steps to execute.

finish(thread: ThreadContext, heuristic: str) None[source]#

Continues execution until the current function returns.

Parameters:

  • thread (ThreadContext) – The thread to step.

  • heuristic (str) – The heuristic to use.

wait() None[source]#

Waits for the process to stop. Returns True if the wait has to be repeated.

forward_signal() None[source]#

Set the signals to forward to the threads.

migrate_to_gdb() None[source]#

Migrates the current process to GDB.

migrate_from_gdb() None[source]#

Migrates the current process from GDB.

register_new_thread(new_thread_id: int) None[source]#

Registers a new thread.

Parameters:

new_thread_id (int) – The new thread ID.

unregister_thread(thread_id: int, exit_code: int | None, exit_signal: int | None) None[source]#

Unregisters a thread.

Parameters:

  • thread_id (int) – The thread ID.

  • exit_code (int) – The exit code of the thread.

  • exit_signal (int) – The exit signal of the thread.

set_breakpoint(bp: Breakpoint, insert: bool = True) None[source]#

Sets a breakpoint at the specified address.

Parameters:

  • bp (Breakpoint) – The breakpoint to set.

  • insert (bool) – Whether the breakpoint has to be inserted or just enabled.

unset_breakpoint(bp: Breakpoint, delete: bool = True) None[source]#

Restores the breakpoint at the specified address.

Parameters:

  • bp (Breakpoint) – The breakpoint to unset.

  • delete (bool) – Whether the breakpoint has to be deleted or just disabled.

set_syscall_hook(hook: SyscallHook) None[source]#

Sets a syscall hook.

Parameters:

hook (SyscallHook) – The syscall hook to set.

unset_syscall_hook(hook: SyscallHook) None[source]#

Unsets a syscall hook.

Parameters:

hook (SyscallHook) – The syscall hook to unset.

set_signal_hook(hook: SignalHook) None[source]#

Sets a signal hook.

Parameters:

hook (SignalHook) – The signal hook to set.

unset_signal_hook(hook: SignalHook) None[source]#

Unsets a signal hook.

Parameters:

hook (SignalHook) – The signal hook to unset.

peek_memory(address: int) int[source]#

Reads the memory at the specified address.

poke_memory(address: int, value: int) None[source]#

Writes the memory at the specified address.

maps() list[MemoryMap][source]#

Returns the memory maps of the process.

libdebug.ptrace.ptrace_register_holder module#

class libdebug.ptrace.ptrace_register_holder.PtraceRegisterHolder(register_file: object)[source]#

Bases: RegisterHolder

An abstract class that holds the state of the registers of a process, providing setters and getters for them.

Intended for use with the Ptrace debugging backend.

register_file: object#

The register file of the target process, as returned by ptrace.

poll(target: ThreadContext) None[source]#

Poll the register values from the specified target.

flush(source: ThreadContext) None[source]#

Flush the register values from the specified source.

libdebug.ptrace.ptrace_status_handler module#

class libdebug.ptrace.ptrace_status_handler.PtraceStatusHandler[source]#

Bases: object

This class handles the states return by the waitpid calls on the debugger process.

manage_change(result: list[tuple]) None[source]#

Manage the result of the waitpid and handle the changes.

check_for_new_threads(pid: int) None[source]#

Check for new threads in the process and register them.

Module contents#

On this page
Show Source