vagd 0.4.2

VirtuAlization GDb integrations in pwntools

VAGD

VirtuAlization GDb integrations in pwntools

Installation

pip install vagd

or from repo with

git clone https://github.com/gfelber/vagd
pip install ./vagd/

Usage

use python -m vagd to generate a template

# run as process in VM
./exploit.py
# run as gdb server in VM requires tmux
./exploit.py GDB
# run on remote IP:PORT
./exploit.py REMOTE

I recommend using pwndbg.

Files

All created files ares stored in the local ./.vagd/ directory. Additional large files (e.g. cloudimages) are stored in the home directory ~/.vagd/ or handled by tools themselfs (e.g. Vagrant, Docker).

Documentation

Boxes

the following boxes were tested and work, box constants are inside vagd.box.Box

• Vagrant
  • UBUNTU_JAMMY64 = 'ubuntu/jammy64'
  • UBUNTU_FOCAL64 = 'ubuntu/focal64'
  • UBUNTU_BIONIC64 = 'ubuntu/bionic64'
  • UBUNTU_XENIAL64 = 'ubuntu/xenial64'
• QEMU (cached in ~/.vagd/qemu-imgs)
  • CLOUDIMAGE_JAMMY
  • CLOUDIMAGE_FOCAL
  • CLOUDIMAGE_BIONIC
  • CLOUDIMAGE_XENIAL
• Docker
  • DOCKER_JAMMY = 'ubuntu:jammy'
  • DOCKER_FOCAL = 'ubuntu:focal'
  • DOCKER_BIONIC = 'ubuntu:bionic'
  • DOCKER_XENIAL = 'ubuntu:xenial'
  • DOCKER_ALPINE_316 = 'alpine:3.16.6'

currently only distributions that use apt and alpine for Docker are supported

Future plans

pre configured Vagrant boxes / QEMU Images / Docker Image

created pre configured environments with preinstalled lib debug symbols and gdbserver to lower init runtime.

Better Docker integration

created a Docker integration that allows loading existing Dockerfiles (maybe docker-compose), also add a feature that additionally virtualizes (Vagrant/Qemu) them to change the used kernel.