Symbol REPL

Primary language: Python. License: MIT.

symrepl

symrepl is a small utility that helps you investigate the type information inside binaries. It uses lldb in order to access the symbolic information inside a binary.

The main use case of this little helper tool is to help vulnerability researchers find interesting things to use while exploiting software.
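The kind of type lookup that lldb's Python bindings allow, as an added example (not symrepl's own code): it reads one type's fields from a binary's debug information and prints the layout with padding holes marked. The function names, the output format and the sample struct are assumptions made for this illustration.

```python
import sys

# Constructed sample layout, used when no binary is given on the command line.
SAMPLE_FIELDS = [("tag", "uint8_t", 0, 1), ("ptr", "void *", 8, 8), ("len", "uint32_t", 16, 4)]
SAMPLE_SIZE = 24


def layout_rows(fields, total_size):
    """Turn (name, type_name, offset, size) tuples into rows, marking padding holes."""
    rows, cursor = [], 0
    for name, type_name, offset, size in sorted(fields, key=lambda f: f[2]):
        if offset > cursor:  # bytes that no field covers: compiler-inserted padding
            rows.append((cursor, offset - cursor, "<padding>", ""))
        rows.append((offset, size, name, type_name))
        cursor = max(cursor, offset + size)  # max() keeps overlapping members from rewinding
    if total_size > cursor:  # tail padding up to the type's full size
        rows.append((cursor, total_size - cursor, "<padding>", ""))
    return rows


def fields_from_lldb(binary_path, type_name):
    """Look up type_name in the binary's debug info; return (fields, byte_size)."""
    import lldb  # imported lazily: needs lldb's Python bindings on the module path

    debugger = lldb.SBDebugger.Create()
    target = debugger.CreateTarget(binary_path)
    if not target.IsValid():
        raise RuntimeError("lldb could not load %s" % binary_path)
    sb_type = target.FindFirstType(type_name)
    if not sb_type.IsValid():
        raise LookupError("no debug info for type %s" % type_name)
    fields = []
    for i in range(sb_type.GetNumberOfFields()):
        member = sb_type.GetFieldAtIndex(i)
        fields.append((member.GetName(), member.GetType().GetName(),
                       member.GetOffsetInBytes(), member.GetType().GetByteSize()))
    return fields, sb_type.GetByteSize()


def format_layout(rows):
    """One line per row: offset, size in bytes, field name, field type."""
    return "\n".join("+0x%04x  %4d  %-16s %s" % row for row in rows)


if __name__ == "__main__":
    if len(sys.argv) == 3:  # <binary with symbols> <type name>
        fields, size = fields_from_lldb(sys.argv[1], sys.argv[2])
    else:
        fields, size = SAMPLE_FIELDS, SAMPLE_SIZE
    print(format_layout(layout_rows(fields, size)))
```
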

Example

The following example shows the loading of the XUL binary and how symrepl can be used to inspect the internals of the types used inside the binary.

[asciicast recording]

Caveats

The script works only on macOS and Linux. On macOS, Xcode is required. On Linux, lldb and llvm-config are required.

Installation

# Install `pip` if not installed.
$ easy_install pip

# Install `virtualenv` if not installed.
$ pip install virtualenv

# Create a virtual python environment.
$ virtualenv venv_symrepl

# Activate the environment (POSIX system).
$ source ./venv_symrepl/bin/activate

# Install `symrepl` into the virtual environment.
$ python setup.py install

Dependencies

All the Python requirements will be installed automatically using Python's setuptools.

  • Xcode
  • python
  • pip
  • virtualenv (optional)

Usage

Execute symrepl with -h to get help:

$ symrepl -h
usage: symrepl.py [-h] [-f FILENAME]

Symbol REPL.

optional arguments:
  -h, --help            show this help message and exit
  -f FILENAME, --file FILENAME
                        Path to the file with symbols.