When trying to remote gdb to an wmvare linux shell, you soon find out that its almost impossiple.
You get message in ida pro
Even hex-rays own Toturial i shitty and dosent offer direct debugging.
http://lmgtfy.com/?q=ida+pro+vmware
Well after some research i can show howto do this correctly
It was an long road
account debug privilege
1)
1. Run the "Local security setting" administrator by typing "secpol.msc" in the Run... option of yout start menu.
2. Expand the tree by clicking the "Local policies" item.
3. Select the "User Rights Assignment" item.
4. Double-click the "Debug programs" option in the right panel.
5. Click "Add user or group..." button.
6. Insert the user name and click "Check names" button.
7. Click the OK button and close all opened windows.
8. You have to restart your session.
Setting up Wmware workstation
onfiguration Parameters
1. Open Virtual Machine Settings (Rightclick -> Settings…) and set your virtual machines network connection to “NAT”
2. Power on the Virtual Machine and write down the IP address (You could also use a static IP address)
3. Open Virtual Network Editor (Edit -> Virtual Network Editor…)
4. Select VMnet8 / NAT and press NAT Settings…
5. Click Add6. Configure Port and IP address
ida pro uses port 23946 remember to do both TCP and UDP
7.Press OK twice to close NAT Settings and Virtual Network Editor
Making Firewall Rule
3)
1. Open Windows Firewal with Advanced Security (Run > WF.msc)
2. Rightclick Inbound Rules and press New Rule…
3. Select the rule type Port
4. Select TCP and specify Port 23946
Do the same again just with UCP!!
click next then allow all >>> save
Do the same for OUTBOUND RULE !!
Make the image listen fo ida pro
5)
Locate your *.vmx file
mine is psl1ght-dev.vmx
open and insert these lines.
TESTING
6)
open virtual machine.
Copy linux_server and linux_serverx64 på virtual machine
Run command in shell
open ida With ADMIN Rights
i use ida 64
Press Debugger >> attatch remote debugger >>> Remote Linux Debugger
And Success
TEST 2
close ./linux_serverx64
Remote GDB
grapp the elf from here
http://techbliss.org/threads/linux-executable-walkthrough-binary-source.472/#post-1128
copy to VM machine
run in shell
open ida pro with admin rights
then debuggers >> attatch >> Remote GDB
You can change debugger settings to stop on debugging start, but this is only a test.
see what happends
yep finds it all right.normally it refuses to connect after this step
SUCCESS.
You get message in ida pro
Code:
Can not set debug privilege
or Target denide connection
Even hex-rays own Toturial i shitty and dosent offer direct debugging.
http://lmgtfy.com/?q=ida+pro+vmware
Well after some research i can show howto do this correctly
It was an long road
account debug privilege
1)
1. Run the "Local security setting" administrator by typing "secpol.msc" in the Run... option of yout start menu.
2. Expand the tree by clicking the "Local policies" item.
3. Select the "User Rights Assignment" item.
4. Double-click the "Debug programs" option in the right panel.
5. Click "Add user or group..." button.
6. Insert the user name and click "Check names" button.
7. Click the OK button and close all opened windows.
8. You have to restart your session.
Setting up Wmware workstation
onfiguration Parameters
- VMware Workstation 10 running on Windows 8 PRO
- The Virtual Machine is an Fedora / PSLGHT4ALL
- The virtual NIC is configured with DHCP
1. Open Virtual Machine Settings (Rightclick -> Settings…) and set your virtual machines network connection to “NAT”
2. Power on the Virtual Machine and write down the IP address (You could also use a static IP address)
3. Open Virtual Network Editor (Edit -> Virtual Network Editor…)
4. Select VMnet8 / NAT and press NAT Settings…
5. Click Add6. Configure Port and IP address
ida pro uses port 23946 remember to do both TCP and UDP
7.Press OK twice to close NAT Settings and Virtual Network Editor
Making Firewall Rule
3)
1. Open Windows Firewal with Advanced Security (Run > WF.msc)
2. Rightclick Inbound Rules and press New Rule…
3. Select the rule type Port
4. Select TCP and specify Port 23946
Do the same again just with UCP!!
click next then allow all >>> save
Do the same for OUTBOUND RULE !!
Make the image listen fo ida pro
5)
Locate your *.vmx file
mine is psl1ght-dev.vmx
open and insert these lines.
Code:
debugStub.listen.guest32 = "TRUE"
debugStub.listen.guest64 = "TRUE"
debugStub.hideBreakpoints = "TRUE"
debugStub.listen.guest32.remote = "TRUE"
debugStub.listen.guest64.remote = "TRUE"
TESTING
6)
open virtual machine.
Copy linux_server and linux_serverx64 på virtual machine
Run command in shell
Code:
[user@psl1ght-dev server]$ sudo ./linux_server64 -Ppass
IDA Linux 64-bit remote debug server(ST) v1.14. Hex-Rays (c) 2004-2011
Listening on port #23946...
open ida With ADMIN Rights
i use ida 64
Press Debugger >> attatch remote debugger >>> Remote Linux Debugger
And Success
TEST 2
close ./linux_serverx64
Remote GDB
grapp the elf from here
http://techbliss.org/threads/linux-executable-walkthrough-binary-source.472/#post-1128
copy to VM machine
run in shell
Code:
[user@psl1ght-dev server]$ gdbserver localhost:23946 simple.elf
Process simple.elf created; pid = 1831
Listening on port 23946
open ida pro with admin rights
then debuggers >> attatch >> Remote GDB
You can change debugger settings to stop on debugging start, but this is only a test.
see what happends
yep finds it all right.normally it refuses to connect after this step
SUCCESS.