Hi, I’m just wondering if anyone else has encountered problems when trying to install peda for gdb? I just can not get it to work. I have used it in the past but this time around I just can’t get gdb to boot into gdb-peda
What problem does the gdb report to you?
Well when i open a binary in gdb it just opens in standard gdb rather than gdb-peda. It has also started showing this error:
Download failed: Function not implemented. Continuing without debug info for /ruser/./bow32.
What error are you getting to avoid peda from starting?
I’m not getting anything apart from the error i posted above, it just doesn’t boot into peda, when I open a binary in gdb it’s just regular gdb with the error above
I can not confirm the error.
I started a new Docker container to check the situation in a clean environment:
- Debian, current testing version “bookworm” via docker hub
- Python 3 and gdb from standard Debian package source via apt
- peda version 1.2 (the latest release) from github via git clone
It looks as usual:
$ ssh core@flatcar1.home.arpa
Last login: Tue Jul 5 12:22:07 UTC 2022 on tty1
Flatcar Container Linux by Kinvolk stable 3139.2.3 for QEMU
core@flatcar1:~$ docker pull debian:bookworm-slim
bookworm-slim: Pulling from library/debian
d5fd00c1393c: Pull complete
Digest: sha256:5815b03b62714320c1cf3cbd15204503b71d8749982cde91901c8edd4a7d76c1
Status: Downloaded newer image for debian:bookworm-slim
docker.io/library/debian:bookworm-slim
core@flatcar1:~$ docker run --interactive --tty --name peda_test debian:bookworm-slim
root@926ebd4c80d6:/# apt update
Get:1 http://security.debian.org/debian-security bookworm-security InRelease [35.6 kB]
[...]
9 packages can be upgraded. Run 'apt list --upgradable' to see them.
root@926ebd4c80d6:/# apt --yes full-upgrade
Reading package lists... Done
[...]
0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
root@926ebd4c80d6:/# apt install --yes git python3 gdb
Reading package lists... Done
[...]
Processing triggers for libc-bin (2.33-7) ...
root@926ebd4c80d6:/# git clone --depth 1 --branch v1.2 https://github.com/longld/peda.git ~/peda
Cloning into '/root/peda'...
remote: Enumerating objects: 15, done.
remote: Counting objects: 100% (15/15), done.
remote: Compressing objects: 100% (15/15), done.
remote: Total 15 (delta 0), reused 7 (delta 0), pack-reused 0
Receiving objects: 100% (15/15), 68.06 KiB | 1.42 MiB/s, done.
Note: switching to '84d38bda505941ba823db7f6c1bcca1e485a2d43'.
[...]
root@926ebd4c80d6:/# echo "source ~/peda/peda.py" >> ~/.gdbinit
root@926ebd4c80d6:/# gdb /bin/ls
GNU gdb (Debian 10.1-2+b1) 10.1.90.20210103-git
Copyright (C) 2021 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Type "show copying" and "show warranty" for details.
This GDB was configured as "x86_64-linux-gnu".
Type "show configuration" for configuration details.
For bug reporting instructions, please see:
<https://www.gnu.org/software/gdb/bugs/>.
Find the GDB manual and other documentation resources online at:
<http://www.gnu.org/software/gdb/documentation/>.
For help, type "help".
Type "apropos word" to search for commands related to "word"...
Reading symbols from /bin/ls...
(No debugging symbols found in /bin/ls)
gdb-peda$ elfheader
.interp = 0x2a8
.note.gnu.build-id = 0x2c4
.note.ABI-tag = 0x2e8
.gnu.hash = 0x308
.dynsym = 0x3b8
[...]
Have you include peda in the gdbinit file echo "source ~/peda/peda.py" >> ~/.gdbinit?
I just tried reinstalling peda, I have included the output below. As you can see when i open bow32 in gdb it doesn’t boot into gdb-peda.
root@kali:~# git clone https://github.com/longld/peda.git
Cloning into 'peda'...
remote: Enumerating objects: 382, done.
remote: Counting objects: 100% (9/9), done.
remote: Compressing objects: 100% (7/7), done.
remote: Total 382 (delta 2), reused 8 (delta 2), pack-reused 373
Receiving objects: 100% (382/382), 290.84 KiB | 1.20 MiB/s, done.
Resolving deltas: 100% (231/231), done.
root@kali:~# echo "source ~/peda/peda.py" >> ~/.gdbinit
root@kali:~# gdb -q bow32
/root/.gdbinit:2: Error in sourced command file:
~/peda/peda.py:8: Error in sourced command file:
Undefined command: "from". Try "help".
Reading symbols from bow32...
Download failed: Function not implemented. Continuing without debug info for /root/bow32.
(No debugging symbols found in bow32)
(gdb) disassemble main
Dump of assembler code for function main:
0x000011e2 <+0>: lea ecx,[esp+0x4]
0x000011e6 <+4>: and esp,0xfffffff0
0x000011e9 <+7>: push DWORD PTR [ecx-0x4]
0x000011ec <+10>: push ebp
0x000011ed <+11>: mov ebp,esp
0x000011ef <+13>: push ebx
0x000011f0 <+14>: push ecx
0x000011f1 <+15>: call 0x10b0 <__x86.get_pc_thunk.bx>
0x000011f6 <+20>: add ebx,0x2e0a
0x000011fc <+26>: mov eax,ecx
0x000011fe <+28>: mov eax,DWORD PTR [eax+0x4]
0x00001201 <+31>: add eax,0x4
0x00001204 <+34>: mov eax,DWORD PTR [eax]
0x00001206 <+36>: sub esp,0xc
0x00001209 <+39>: push eax
0x0000120a <+40>: call 0x11ad <bowfunc>
That is the important error message: The peda.py Python script file could not be correct interpreted. It looks like the gdb uses the bash shell interpreter for the peda.py file and not the python interpreter.
In the web I found this issue :8: Error in sourced command file
As solution is given there:
“On my system I had gdb 8.x, but it was not compiled with python support.
Fixed it by running sudo apt install gdb (no idea why I had a bad version of gdb)”
Thank you for your reply. I will be at the computer shortly, I will try both reinstalling gdb, and running from the standard terminal. I do use terminator but I didn’t have any problems using peda in terminator a couple of years back.
It works! Thank you!!
Although what is this error message and how can i get rid of it?
Download failed: Function not implemented. Continuing without debug info for /root/bow32.
root@kali:~# gdb -q bow32
Reading symbols from bow32...
Download failed: Function not implemented. Continuing without debug info for /root/bow32.
(No debugging symbols found in bow32)
gdb-peda$ disassemble main
Dump of assembler code for function main:
0x000011e2 <+0>: lea ecx,[esp+0x4]
0x000011e6 <+4>: and esp,0xfffffff0
0x000011e9 <+7>: push DWORD PTR [ecx-0x4]
0x000011ec <+10>: push ebp
0x000011ed <+11>: mov ebp,esp
0x000011ef <+13>: push ebx
0x000011f0 <+14>: push ecx
0x000011f1 <+15>: call 0x10b0 <__x86.get_pc_thunk.bx>
0x000011f6 <+20>: add ebx,0x2e0a
0x000011fc <+26>: mov eax,ecx
0x000011fe <+28>: mov eax,DWORD PTR [eax+0x4]
0x00001201 <+31>: add eax,0x4
0x00001204 <+34>: mov eax,DWORD PTR [eax]
0x00001206 <+36>: sub esp,0xc
0x00001209 <+39>: push eax
0x0000120a <+40>: call 0x11ad <bowfunc>
I figured out, this message is independent from peda. It is message of the GDB. The GDB has the option to download debug info. Typical useful for standard libraries. But typical useless for analyzing programs.
The feature becomes active if the environment variable DEBUGINFOD_URLS is defined. Additional it seems there are GDB version which don’t handle empty environment variable DEBUGINFOD_URLS.
See:
Thank you for all your help!
One last question, is it possible now that i have peda installed, to just use regular gdb without peda or will it always boot into peda?
Loading of PEDA extensions is init by the command line source ~/peda/peda.py in the file ~/.gdbinit.
You can suppress loading of PEDA by marking this line as a comment: Insert a # character at the beginning of the line.
Again thank you so much.