From a225fbedfbbc7e253bcc74cd5441014f9de84137 Mon Sep 17 00:00:00 2001
From: "P.D. Parnoff"
Date: Wed, 6 Aug 2014 08:53:43 +0700
Subject: [PATCH] development/edb-debugger: Added (Evan's Debugger).

Signed-off-by: Willy Sudiarto Raharjo
---
development/edb-debugger/README | 34 ++++++
development/edb-debugger/doinst.sh | 3 +
.../edb-debugger/edb-debugger.SlackBuild | 101 ++++++++++++++++++
development/edb-debugger/edb-debugger.info | 10 ++
development/edb-debugger/slack-desc | 19 ++++
5 files changed, 167 insertions(+)
create mode 100644 development/edb-debugger/README
create mode 100644 development/edb-debugger/doinst.sh
create mode 100644 development/edb-debugger/edb-debugger.SlackBuild
create mode 100644 development/edb-debugger/edb-debugger.info
create mode 100644 development/edb-debugger/slack-desc
diff --git a/development/edb-debugger/README b/development/edb-debugger/README
new file mode 100644
index 0000000000..9ee724b666
--- /dev/null
+++ b/development/edb-debugger/README
@@ -0,0 +1,34 @@
+edb (Evan's Debugger) is a graphical, Qt4-based debugger similar to OllyDbg,
+written on top of the ptrace API. It is built on a plugin-based architecture.
+
+Its features include:
+
+*Intuitive GUI interface
+*The usual debugging operations (step-into/step-over/run/break)
+*Conditional breakpoints
+*Debugging core is implemented as a plugin so people can have drop in replacements.
+ Of course if a given platform has several debugging APIs available,
+ then you may have a plugin that implements any of them.
+*Basic instruction analysis
+*View/Dump memory regions
+*Effective address inspection
+*The data dump view is tabbed, allowing you to have several views of memory open at the same time and quickly switch between them.
+*Importing and generation of symbol maps
+
+*Plugins
+ Code analysis engine which can identify functions
+ Search for binary strings
+ Code Bookmarks
+ Breakpoint management
+ Check for updates
+ Output the current state to the console
+ Environment variable viewer
+ Hardware Breakpoints
+ Heap block enumeration
+ Opcode search engine plugin has basic functionality (similar to msfelfscan/msfpescan)
+ Open file enumeration
+ Reference finder
+ String searching (like strings command in *nix)
+ Basic ROP instruction search
+
+Compared to gdb, edb is more suited to reverse engineering, rather than white-box software debugging.
diff --git a/development/edb-debugger/doinst.sh b/development/edb-debugger/doinst.sh
new file mode 100644
index 0000000000..a6514a23d2
--- /dev/null
+++ b/development/edb-debugger/doinst.sh
@@ -0,0 +1,3 @@
+if [ -x /usr/bin/update-desktop-database ]; then
+ /usr/bin/update-desktop-database -q usr/share/applications >/dev/null 2>&1
+fi
diff --git a/development/edb-debugger/edb-debugger.SlackBuild b/development/edb-debugger/edb-debugger.SlackBuild
new file mode 100644
index 0000000000..1cee13c21b
--- /dev/null
+++ b/development/edb-debugger/edb-debugger.SlackBuild
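Review bot: In doinst.sh the `update-desktop-database` call has nothing to act on, because the SlackBuild added by this same patch populates only usr/bin, usr/lib, usr/man, usr/include, usr/doc and install/ and never places a .desktop file under usr/share/applications. Either install a desktop entry for edb in the build script, or drop doinst.sh together with the `cat $CWD/doinst.sh > $PKG/install/doinst.sh` line so the package does not run a post-install step it does not need.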
@@ -0,0 +1,101 @@
+#!/bin/sh
+
+# Slackware build script for Evan's Debugger (edb-debugger)
+
+# Copyright 2014 P.D. Parnoff
+# All rights reserved.
+#
+# Redistribution and use of this script, with or without modification, is
+# permitted provided that the following conditions are met:
+#
+# 1. Redistributions of this script must retain the above copyright
+# notice, this list of conditions and the following disclaimer.
+#
+# THIS SOFTWARE IS PROVIDED BY THE AUTHOR "AS IS" AND ANY EXPRESS OR IMPLIED
+# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO
+# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;
+# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
+# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
+# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
+# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+PRGNAMPREFIX=edb
+PRGNAM=debugger
+VERSION=${VERSION:-0.9.20}
+BUILD=${BUILD:-1}
+TAG=${TAG:-_SBo}
+
+if [ -z "$ARCH" ]; then
+ case "$( uname -m )" in
+ i?86) ARCH=i486 ;;
+ arm*) ARCH=arm ;;
+ *) ARCH=$( uname -m ) ;;
+ esac
+fi
+
+CWD=$(pwd)
+TMP=${TMP:-/tmp/SBo}
+PKG=$TMP/package-$PRGNAM
+OUTPUT=${OUTPUT:-/tmp}
+
+if [ "$ARCH" = "i486" ]; then
+ SLKCFLAGS="-O2 -march=i486 -mtune=i686"
+ LIBDIRSUFFIX=""
+elif [ "$ARCH" = "i686" ]; then
+ SLKCFLAGS="-O2 -march=i686 -mtune=i686"
+ LIBDIRSUFFIX=""
+elif [ "$ARCH" = "x86_64" ]; then
+ SLKCFLAGS="-O2 -fPIC"
+ LIBDIRSUFFIX="64"
+else
+ SLKCFLAGS="-O2"
+ LIBDIRSUFFIX=""
+fi
+
+set -e
+
+rm -rf $PKG
+mkdir -p $TMP $PKG $OUTPUT
+cd $TMP
+rm -rf $PRGNAM-$VERSION
+tar xvf $CWD/$PRGNAM-$VERSION.tgz
+cd $PRGNAM
+chown -R root:root .
+find -L . \
+ \( -perm 777 -o -perm 775 -o -perm 750 -o -perm 711 -o -perm 555 \
+ -o -perm 511 \) -exec chmod 755 {} \; -o \
+ \( -perm 666 -o -perm 664 -o -perm 640 -o -perm 600 -o -perm 444 \
+ -o -perm 440 -o -perm 400 \) -exec chmod 644 {} \;
+
+qmake
+make
+
+find $PKG -print0 | xargs -0 file | grep -e "executable" -e "shared object" | grep ELF \
+ | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null || true
+
+mkdir -p $PKG/usr/bin
+cp -a edb $PKG/usr/bin
+
+mkdir -p $PKG/usr/lib${LIBDIRSUFFIX}/$PRGNAMPREFIX
+cp -a lib*.so $PKG/usr/lib${LIBDIRSUFFIX}/$PRGNAMPREFIX
+
+mkdir -p $PKG/usr/man/man1
+gzip -9 edb.1 edb.1.gz
+cp -a edb.1.gz $PKG/usr/man/man1
+
+mkdir -p $PKG/usr/include/$PRGNAMPREFIX
+cp -a include/. $PKG/usr/include/$PRGNAMPREFIX
+
+mkdir -p $PKG/usr/doc/$PRGNAMPREFIX-$PRGNAM-$VERSION
+cp -a doc/. BUGS CHANGELOG COPYING README README.plugins TODO $PKG/usr/doc/$PRGNAMPREFIX-$PRGNAM-$VERSION
+cat $CWD/$PRGNAMPREFIX-$PRGNAM.SlackBuild > $PKG/usr/doc/$PRGNAMPREFIX-$PRGNAM-$VERSION/$PRGNAMPREFIX-$PRGNAM.SlackBuild
+
+mkdir -p $PKG/install
+cat $CWD/slack-desc > $PKG/install/slack-desc
+cat $CWD/doinst.sh > $PKG/install/doinst.sh
+
+cd $PKG
+/sbin/makepkg -l y -c n $OUTPUT/$PRGNAMPREFIX-$PRGNAM-$VERSION-$ARCH-$BUILD$TAG.${PKGTYPE:-tgz}
diff --git a/development/edb-debugger/edb-debugger.info b/development/edb-debugger/edb-debugger.info
new file mode 100644
index 0000000000..9ec237c167
--- /dev/null
+++ b/development/edb-debugger/edb-debugger.info
@@ -0,0 +1,10 @@
+PRGNAM="edb-debugger"
+VERSION="0.9.20"
+HOMEPAGE="http://codef00.com/projects#debugger"
+DOWNLOAD="http://codef00.com/projects/debugger-0.9.20.tgz"
+MD5SUM="5916d415f598fae8632dd763f58e11d1"
+DOWNLOAD_x86_64=""
+MD5SUM_x86_64=""
+REQUIRES=""
+MAINTAINER="P.D. Parnoff"
+EMAIL="cryptoanarquismo@biofcentral.com"
diff --git a/development/edb-debugger/slack-desc b/development/edb-debugger/slack-desc
new file mode 100644
index 0000000000..f4db15f0cf
--- /dev/null
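Review bot: In edb-debugger.SlackBuild the cleanup `rm -rf $PRGNAM-$VERSION` removes `debugger-0.9.20`, but the script then enters `cd $PRGNAM` (`debugger`), so a tree left in `$TMP/debugger` by an earlier run is never removed and its stale objects, libraries or docs can be unpacked over and copied into the package; `rm -rf $PRGNAM` before `tar xvf` would match the directory actually used. The strip pipeline (`find $PKG -print0 | xargs -0 file …`) also runs right after `make`, while `$PKG` is still empty, so nothing that ships is stripped; it belongs after the `cp -a` steps. `gzip -9 edb.1 edb.1.gz` passes the output name as a second input, which gzip normally reports with a warning exit status that `set -e` would turn into a build failure; `gzip -9 edb.1` is enough. `SLKCFLAGS` is computed but never handed to `qmake` or `make`.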
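Review bot: In edb-debugger.info the source tarball is fetched over plain `http://` and the only integrity check is `MD5SUM`, which is not a strong guarantee for an archive that the SlackBuild unpacks, chowns to root and builds (presumably as root). If upstream serves the same files over HTTPS, switch `DOWNLOAD` and `HOMEPAGE` to `https://`, and consider recording a SHA-256 of the vetted tarball in the README so users can check it out of band, since this .info carries only MD5. `PRGNAM="edb-debugger"` also disagrees with `PRGNAM=debugger` in the SlackBuild, which may confuse tooling that reads the name from either file.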
+++ b/development/edb-debugger/slack-desc
@@ -0,0 +1,19 @@
+# HOW TO EDIT THIS FILE:
+# The "handy ruler" below makes it easier to edit a package description.
+# Line up the first '|' above the ':' following the base package name, and
+# the '|' on the right side marks the last column you can put a character in.
+# You must make exactly 11 lines for the formatting to be correct. It's also
+# customary to leave one space after the ':' except on otherwise blank lines.
+
+ |-----handy-ruler------------------------------------------------------|
+edb-debugger: edb-debugger (Evan's Debugger)
+edb-debugger:
+edb-debugger: Evan's Debugger is a graphical, Qt4-based debugger, similar to
+edb-debugger: OllyDbg. It is built on top of the ptrace API and implements
+edb-debugger: a plugin-based architecture. It boasts numerous features, and
+edb-debugger: is well tailored to reverse engineering applications.
+edb-debugger:
+edb-debugger:
+edb-debugger: Homepage: http://codef00.com/projects#debugger
+edb-debugger:
+edb-debugger: