Monday 22 January 2018

edb-debugger: cross platform x86/x86-64 debugger

edb is a cross-platform x86/x86-64 debugger. It was inspired by Ollydbg, but aims to function on x86 and x86-64 as well as multiple operating systems. Linux is the only officially supported platform at the moment, but FreeBSD, OpenBSD, OSX and Windows ports are underway with varying degrees of functionality.

Install

$ git clone --recursive https://github.com/eteran/edb-debugger.git

Compiling edb is generally quite simple. edb currently depends on the following packages:

Dependency              Version Required
Qt                      >= 4.6
Boost (Headers Only)    >= 1.35
Capstone                >= 3.0
Graphviz                >= 2.38.0 (Optional)

Many distributions already have packages that satisfy these. The wiki contains examples for some popular distributions:

  • https://github.com/eteran/edb-debugger/wiki/Compiling-(Fedora)
  • https://github.com/eteran/edb-debugger/wiki/Compiling-(Ubuntu)
  • https://github.com/eteran/edb-debugger/wiki/Compiling-(Debian)
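
A preflight check for the minimum versions in the table above, as an added example that is not part of the original page or the edb project. The probe commands (qmake, the pkg-config module names capstone and libgvc, the /usr/include Boost path) and the script name preflight.sh are assumptions about a typical Linux install:

```shell
#!/bin/sh
# Preflight check for the minimum versions in the dependency table (added example).

# version_ge FOUND REQUIRED: succeed when FOUND >= REQUIRED, comparing each
# dotted field numerically (so 1.9 < 1.35, unlike a plain string compare).
version_ge() {
    awk -v a="$1" -v b="$2" 'BEGIN {
        n = split(a, x, "."); m = split(b, y, ".")
        for (i = 1; i <= (n > m ? n : m); i++) {
            if ((x[i] + 0) > (y[i] + 0)) exit 0
            if ((x[i] + 0) < (y[i] + 0)) exit 1
        }
        exit 0
    }'
}

# check_dep NAME REQUIRED FOUND [optional]: report one dependency; fail only
# when a required one is missing or too old.
check_dep() {
    name=$1 required=$2 found=$3 optional=${4:-}
    if [ -n "$found" ] && version_ge "$found" "$required"; then
        echo "ok       $name $found (>= $required)"
    elif [ -n "$optional" ]; then
        echo "skipped  $name ${found:-not found} (optional, needs >= $required)"
    else
        echo "MISSING  $name ${found:-not found} (needs >= $required)"
        return 1
    fi
}

# Probe commands below are assumptions about a typical Linux install:
# qmake and pkg-config on PATH, Boost headers under /usr/include.
preflight() {
    rc=0
    boost=$(sed -n 's/^#define BOOST_LIB_VERSION "\(.*\)"/\1/p' \
        /usr/include/boost/version.hpp 2>/dev/null | tr _ .)
    check_dep Qt 4.6 "$(qmake -query QT_VERSION 2>/dev/null)" || rc=1
    check_dep Boost 1.35 "$boost" || rc=1
    check_dep Capstone 3.0 "$(pkg-config --modversion capstone 2>/dev/null)" || rc=1
    check_dep Graphviz 2.38.0 "$(pkg-config --modversion libgvc 2>/dev/null)" optional || rc=1
    return $rc
}

# Run the probes only when asked, e.g.: sh preflight.sh --run && cmake ..
if [ "${1:-}" = "--run" ]; then preflight; fi
```
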

Once you have the necessary dependencies installed, the compilation is done with cmake:

CMake
If you plan to just run edb out of the build directory, it’s as simple as this:

$ mkdir build
$ cd build
$ cmake ..
$ make
$ ./edb

If you would like to properly install edb on the system for all users, it’s only a little different:

$ mkdir build
$ cd build
$ cmake -DCMAKE_INSTALL_PREFIX=/usr/local/ ..
$ make
$ make install
$ edb

Installing

Basic installation is simple; you may run:

$ make install

In which case the plugins will be installed in /usr/local/lib/edb and the binaries will be installed in /usr/local/bin/.

Usage

The interface is broken down into 4 primary regions.

Each of these can be dragged, docked, undocked, hidden and shown according to the user's preferences and needs.

Additionally, some optional components are visible in this example, such as the additional Register View at the top, which can be added via the Plugins -> Ollydbg-like Register View -> New Register View menu, and the Analysis bar, which functions similarly to the one found in IDA Pro. Colors are used to show different regions and you can click/drag to scroll the Disassembly View rapidly.

Source: https://github.com/eteran/


Anastasis Vasileiadis

PC Technical || Penetration Tester || Ethical Hacker || Cyber Security Expert || Cyber Security Analyst || Information Security Researcher || Part-Time Hacker || Child Pornography & Sexual Abuse Combat

