pwndbg/pwndbg 2025.02.19

2025.02.19 Release

on GitHub

This release features commands for dumping Linux kernel nftables internals, initial support for LoongArch64 architecture, fix for GDB 16+, improved LLDB support, few commands improvements as well as lots of fixes!

See What's changed and Community Contributions for a summary of user-facing changes from this release and a list of other relevant contributions from the Pwndbg team and contributors.

Want to support us or buy us a coffee? See our Pwndbg sponsors page!

What's changed

General

• Added commands for dumping Linux kernel nftables internals: knft_dump, knft_list_tables, knft_list_chains, knft_list_rules, knft_list_exprs, knft_list_sets, knft_list_objects and knft_list_flowtables (#2679)
• Added initial support for LoongArch64 architecture
  • Native GDB/LLDB disassemblers are used to display the code in "disasm" context section (#2693)
  • Capstone disassembly, Unicorn Engine emulation or Pwnlib related features are not there yere (we wait for upstream libraries releases support this arch which should happen in Capstone 6 and Unicorn 2.20)
• The cymbol command can now load symbols from header files with the -f header-filepath.h flag (#2661)
• The dumpargs command can now display formatted bit flags - currently only for mmap flags (#2740)
• The IDA/Binary Ninja integration server can now be configured via PWNDBG_{BINJA,IDA}_SERVER_HOST and PWNDBG_{BINJA,IDA}_SERVER_PORT environment variables (#2746)
• Speed up installation by moving to uv package manager - useful for CI builds (#2726)
• Updated Unicorn Engine to 2.1.2 (#2731)
• Argparse parsing errors are now displayed more user-friendly (#2711)
• Fixed aglib's reg_write API when writing to PC register (#2539)
• Fixed procinfo and xinfo commands when remote debugging (#2732)
• Fixed the onegadget command printing redundant memory access errors (#2682)
• Fixed the mp, arena and tcache ptmalloc2 glibc heap inspection commands (#2724, #2729)
• Fixed IPython autocompletion in ipi command on portable installation (#2739)
• Fixed PowerPC rs6000 architecture (#2741)

GDB

• Added support for GDB 16+ (#2686)
• Added a workaround for GDB TUI ANSI escape sequence translation bug (#2721)
• Fixed pwndbg.aglib.file.get_file corrupting downloaded files due to incorrect gdbstub data decoding (#2730)
• Fixed setting/syncing of parameters set via set <param> <value> (#2749)
• Fixed gdb.Value format failure in when context sections displayed the last_signal section (#2753)

LLDB

• Added fallback/support for architectures supported by LLDB but not supported by Capstone disassembly engine like LoongArch64 (#2693)
• Fixed process handling when attaching to process and added support for attach <pid|name> (#2685, #2705)
• Fixed behavior on detach (#2709)
• Ported version and bugreport commands (#2708)

...and many many others (updates to docs, developer docs, installation, CI workflows, refactorings etc)

Also thanks to new contributors: @podd0 (#2715), @0xRavenspar (#2661) and @LorenVS (#2740)!

Full Changelog since previous release (2025.01.20) can be found at: 2025.01.20...2025.02.19

Community Contributions

Our team and Pwndbg contributors are actively contributing to the broader open-source ecosystem. Here are some of their contributions:

• We reported two QEMU bugs with its gdbstub and fixed the one impacting us by @disconnect3d.
• @disconnect3d sent a patch to GDB to fix an info proc mapping bug reported a year ago.
• @disconnect3d fixed a PPC target compilation error in Unicorn Engine.
• @k4lizen optimized the glibc heap which got released in glibc 2.41.
• @k4lizen reported a few bugs in GDB recently: incorrect GOT entries, an assertion failure and an UAF when deleting breakpoints.
• @patryk4815 fixed a bug in esp32-openocd downstream fork concerning incorrect sending of RISC-V registers in its gdbstub.
• @patryk4815 debugged programs on rp2350 with OpenOCD and found several bugs related to gdb server protocol packets, reported her here.
• @patryk4815 reported two issues in LLDB: missing aliases for registers in RISC-V and LoongArch architectures; and also missing files in Capstone PyPi packages.
• @OBarronCS sent a fix for MIPS64 architecture to Unicorn Engine.
• @OBarronCS sent a feature request to Pwntools so that its asm function would allow specifying extensions of a target architecture (e.g. "Zbs" extension of RISC-V)

Which version to download?

Don't know which version to download? Here are two helpful tables: the first one, with portable packages and the second one with packages for each Linux distro.

All of those builds include and use the same version of all Pwndbg dependencies (GDB 15.2, Python 3.12.8, latest Pwndbg, Capstone 5.0.5, Unicorn Engine 2.1.2, Pwntools 4.14.0, OneGadget etc.).

For install instructions see our README. Pwndbg can also be installed with Nix package manager as detailed here.