Fix Gallopsled#814: better aslr output (Gallopsled#818)

Kyle-Kyle · Aug 15, 2020 · 487caa1 · 487caa1
1 parent 301012a
commit 487caa1
Show file tree

Hide file tree

Showing 2 changed files with 10 additions and 11 deletions.
diff --git a/pwndbg/commands/aslr.py b/pwndbg/commands/aslr.py
@@ -12,28 +12,27 @@
 
 options = {'on':'off', 'off':'on'}
 
-parser = argparse.ArgumentParser(description='Inspect or modify ASLR status')
+parser = argparse.ArgumentParser(description='''
+Check the current ASLR status, or turn it on/off.
+
+Does not take effect until the program is restarted.
+''')
 parser.add_argument('state', nargs='?', type=str, choices=options,
                     help="Turn ASLR on or off (takes effect when target is started)")
 
 @pwndbg.commands.ArgparsedCommand(parser)
 def aslr(state=None):
-    """
-    Check the current ASLR status, or turn it on/off.
-
-    Does not take effect until the program is restarted.
-    """
     if state:
         gdb.execute('set disable-randomization %s' % options[state], 
                     from_tty=False, to_string=True)
 
         if pwndbg.proc.alive:
             print("Change will take effect when the process restarts")
 
-    aslr = pwndbg.vmmap.check_aslr()
+    aslr, method = pwndbg.vmmap.check_aslr()
     status = message.off('OFF')
 
     if aslr:
         status = message.on('ON')
 
-    print("ASLR is %s" % status)
+    print("ASLR is %s (%s)" % (status, method))
diff --git a/pwndbg/vmmap.py b/pwndbg/vmmap.py
@@ -444,7 +444,7 @@ def check_aslr():
         data = pwndbg.file.get('/proc/sys/kernel/randomize_va_space')
         if b'0' in data:
             vmmap.aslr = False
-            return vmmap.aslr
+            return vmmap.aslr, 'kernel.randomize_va_space == 0'
     except Exception as e:
         print("Could not check ASLR: Couldn't get randomize_va_space")
         pass
@@ -456,7 +456,7 @@ def check_aslr():
             personality = int(data, 16)
             if personality & 0x40000 == 0:
                 vmmap.aslr = True
-            return vmmap.aslr
+            return vmmap.aslr, 'read status from process\' personality'
         except:
             print("Could not check ASLR: Couldn't get personality")
             pass
@@ -469,7 +469,7 @@ def check_aslr():
     if "is off." in output:
         vmmap.aslr = True
 
-    return vmmap.aslr
+    return vmmap.aslr, 'show disable-randomization'
 
 @pwndbg.events.cont
 def mark_pc_as_executable():