libdebug.data package#

Submodules#

libdebug.data.breakpoint module#

class libdebug.data.breakpoint.Breakpoint(address: int = 0, symbol: str = '', hit_count: int = 0, hardware: bool = False, callback: None | Callable[[ThreadContext, Breakpoint], None] = None, condition: str = 'x', length: int = 1, enabled: bool = True, _linked_thread_ids: list[int] = <factory>, _disabled_for_step: bool = False, _changed: bool = False)[source]#

Bases: object

A breakpoint in the target process.

address#

The address of the breakpoint in the target process.

Type:

int

symbol#

The symbol, if available, of the breakpoint in the target process.

Type:

str

hit_count#

The number of times this specific breakpoint has been hit.

Type:

int

hardware#

Whether the breakpoint is a hardware breakpoint or not.

Type:

bool

callback#

The callback defined by the user to execute when the breakpoint is hit.

Type:

Callable[[ThreadContext, Breakpoint], None]

condition#

The breakpoint condition. Available values are “X”, “W”, “RW”. Supported only for hardware breakpoints.

Type:

str

length#

The length of the breakpoint area. Supported only for hardware breakpoints.

Type:

int

enabled#

Whether the breakpoint is enabled or not.

Type:

bool

address: int = 0#
symbol: str = ''#
hit_count: int = 0#
hardware: bool = False#
callback: None | Callable[[ThreadContext, Breakpoint], None] = None#
condition: str = 'x'#
length: int = 1#
enabled: bool = True#
enable() None[source]#

Enable the breakpoint.

disable() None[source]#

Disable the breakpoint.

hit_on(thread_context: ThreadContext) bool[source]#

Returns whether the breakpoint has been hit on the given thread context.

libdebug.data.memory_map module#

class libdebug.data.memory_map.MemoryMap(start: int = 0, end: int = 0, permissions: str = '', size: int = 0, offset: int = 0, backing_file: str = '')[source]#

Bases: object

A memory map of the target process.

start#

The start address of the memory map.

Type:

int

end#

The end address of the memory map.

Type:

int

permissions#

The permissions of the memory map.

Type:

str

size#

The size of the memory map.

Type:

int

offset#

The relative offset of the memory map.

Type:

int

backing_file#

The backing file of the memory map, or the symbolic name of the memory map.

Type:

str

start: int = 0#
end: int = 0#
permissions: str = ''#
size: int = 0#
offset: int = 0#

The relative offset of the memory map inside the backing file, if any.

backing_file: str = ''#

The backing file of the memory map, such as ‘libc.so.6’, or the symbolic name of the memory map, such as ‘[stack]’.

static parse(vmap: str) MemoryMap[source]#

Parses a memory map from a /proc/pid/maps string representation.

Parameters:

vmap (str) – The string containing the memory map.

Returns:

The parsed memory map.

Return type:

MemoryMap

libdebug.data.memory_view module#

class libdebug.data.memory_view.MemoryView(getter: Callable[[int], bytes], setter: Callable[[int, bytes], None], unit_size: int = 8, align_to: int = 1)[source]#

Bases: MutableSequence

A memory interface for the target process.

This class must be used to read and write memory of the target process.

getter#

A function that reads memory from the target process.

Type:

Callable[[int], bytes]

setter#

A function that writes memory to the target process.

Type:

Callable[[int, bytes], None]

maps_provider#

A function that returns the memory maps of the target process.

Type:

Callable[[], list[MemoryMap]]

unit_size#

The data size used by the getter and setter functions. Defaults to 8.

Type:

int, optional

align_to#

The address alignment that must be used when reading and writing memory. Defaults to 1.

Type:

int, optional

context: InternalDebugger#

The debugging context of the target process.

read(address: int, size: int) bytes[source]#

Reads memory from the target process.

Parameters:
  • address (int) – The address to read from.

  • size (int) – The number of bytes to read.

Returns:

The read bytes.

Return type:

bytes

write(address: int, data: bytes) None[source]#

Writes memory to the target process.

Parameters:
  • address (int) – The address to write to.

  • data (bytes) – The data to write.

insert(index: int, value: int) None[source]#

MemoryView doesn’t support insertion.

libdebug.data.register_holder module#

class libdebug.data.register_holder.RegisterHolder[source]#

Bases: ABC

An abstract class that holds the state of the registers of a process, providing setters and getters for them.

abstract apply_on_thread(target: ThreadContext, target_class: type) None[source]#

Applies the current register values to the specified thread target.

Parameters:
  • target (ThreadContext) – The object to which the register values should be applied.

  • target_class (type) – The class of the target object, needed to set the attributes.

abstract apply_on_regs(target: object, target_class: type) None[source]#

Applies the current register values to the specified regs target.

Parameters:
  • target (object) – The object to which the register values should be applied.

  • target_class (type) – The class of the target object, needed to set the attributes.

abstract poll(target: ThreadContext) None[source]#

Polls the register values from the specified target.

Parameters:

target (ThreadContext) – The object from which the register values should be polled.

abstract flush(source: ThreadContext) None[source]#

Flushes the register values from the specified source.

Parameters:

source (ThreadContext) – The object from which the register values should be flushed.

libdebug.data.registers module#

class libdebug.data.registers.Registers[source]#

Bases: ABC

Abtract class that holds the state of the architectural-dependent registers of a process.

libdebug.data.signal_catcher module#

class libdebug.data.signal_catcher.SignalCatcher(signal_number: int, callback: Callable[[ThreadContext, SignalCatcher], None], recursive: bool = True, enabled: bool = True, hit_count: int = 0)[source]#

Bases: object

Catch a signal raised by the target process.

signal_number#

The signal number to catch.

Type:

int

callback#

The callback defined by the user to execute when the

Type:

Callable[[ThreadContext, CaughtSignal], None]

signal is caught.
recursive#

Whether, when the signal is hijacked with another one, the signal catcher associated with the

Type:

bool

new signal should be considered as well. Defaults to False.
enabled#

Whether the signal will be caught or not.

Type:

bool

hit_count#

The number of times the signal has been caught.

Type:

int

signal_number: int#
callback: Callable[[ThreadContext, SignalCatcher], None]#
recursive: bool = True#
enabled: bool = True#
hit_count: int = 0#
enable() None[source]#

Enable the signal catcher.

disable() None[source]#

Disable the signal catcher.

hit_on(thread_context: ThreadContext) bool[source]#

Returns whether the signal catcher has been hit on the given thread context.

libdebug.data.syscall_handler module#

class libdebug.data.syscall_handler.SyscallHandler(syscall_number: int, on_enter_user: Callable[[ThreadContext, int], None], on_exit_user: Callable[[ThreadContext, int], None], on_enter_pprint: Callable[[ThreadContext, int, Any], None], on_exit_pprint: Callable[[int | tuple[int, int]], None], recursive: bool = False, enabled: bool = True, hit_count: int = 0, _has_entered: bool = False, _skip_exit: bool = False)[source]#

Bases: object

Handle a syscall executed by the target process.

syscall_number#

The syscall number to handle.

Type:

int

on_enter_user#

The callback defined by the user to execute when the

Type:

Callable[[ThreadContext, int], None]

syscall is entered.
on_exit_user#

The callback defined by the user to execute when the

Type:

Callable[[ThreadContext, int], None]

syscall is exited.
on_enter_pprint#

The callback defined by the pretty print to execute when

Type:

Callable[[ThreadContext, int], None]

the syscall is entered.
on_exit_pprint#

The callback defined by the pretty print to execute when

Type:

Callable[[ThreadContext, int], None]

the syscall is exited.
recursive#

Whether, when the syscall is hijacked with another one, the syscall handler associated with

Type:

bool

the new syscall should be considered as well. Defaults to False.
enabled#

Whether the syscall will be handled or not.

Type:

bool

hit_count#

The number of times the syscall has been handled.

Type:

int

syscall_number: int#
on_enter_user: Callable[[ThreadContext, int], None]#
on_exit_user: Callable[[ThreadContext, int], None]#
on_enter_pprint: Callable[[ThreadContext, int, Any], None]#
on_exit_pprint: Callable[[int | tuple[int, int]], None]#
recursive: bool = False#
enabled: bool = True#
hit_count: int = 0#
enable() None[source]#

Handle the syscall.

disable() None[source]#

Unhandle the syscall.

hit_on_enter(thread_context: ThreadContext) bool[source]#

Returns whether the syscall handler has been hit during the syscall entry on the given thread context.

hit_on_exit(thread_context: ThreadContext) bool[source]#

Returns whether the syscall handler has been hit during the syscall exit on the given thread context.

Module contents#