{"id":19390633,"url":"https://github.com/mandiant/rpdebug_qnx","last_synced_at":"2025-04-24T00:31:28.221Z","repository":{"id":146046292,"uuid":"522606651","full_name":"mandiant/rpdebug_qnx","owner":"mandiant","description":null,"archived":true,"fork":false,"pushed_at":"2023-06-01T13:31:58.000Z","size":11,"stargazers_count":13,"open_issues_count":1,"forks_count":5,"subscribers_count":5,"default_branch":"main","last_synced_at":"2025-03-13T12:32:16.672Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/mandiant.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE.txt","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2022-08-08T15:31:04.000Z","updated_at":"2024-08-06T05:55:46.000Z","dependencies_parsed_at":null,"dependency_job_id":"781a740f-92bf-4a1d-aa94-c4aa4afd4fd4","html_url":"https://github.com/mandiant/rpdebug_qnx","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mandiant%2Frpdebug_qnx","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mandiant%2Frpdebug_qnx/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mandiant%2Frpdebug_qnx/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mandiant%2Frpdebug_qnx/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/mandiant","download_url":"https://codeload.github.com/mandiant/rpdebug_qnx/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":250539416,"owners_count":21447305,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-11-10T10:22:30.474Z","updated_at":"2025-04-24T00:31:28.201Z","avatar_url":"https://github.com/mandiant.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"# rpdbg\r\n`rpdbg.py` is designed to communicate with the QNX operating system's `pdebug` utility. The `pdebug` utility was written by QNX and appears to be designed to support `GDB` in a very lightweight capacity. The protocol is similar to GDB, but also appears to have been modified. QNX provides their version of `GDB` with their software development platform. The primary purpose of this script is to extract process-level memory from any process leveraging `pdebug`.\r\n\r\n**This script will only work on Windows (for now).**\r\n\r\n## pdebug\r\n`pdebug` must be instantiated on the QNX machine for this script to connect to it. The following commands were used to instantiate `pdebug` in QNX. Note that the `-1` option specifies that `pdebug` is to terminate when the debug session ends- this is optional (as are the other options).\r\n\r\n```\r\n# export PDEBUG_DEBUG=1\r\n# pdebug -1efv 8001\r\n```\r\n\r\n## Usage\r\n1. Launch `pdebug` as described above.\r\n```\r\n# export PDEBUG_DEBUG=1\r\n# pdebug -1efv 8001\r\n\r\nThis version of pdebug was built on May 20 2009.\r\nProtoVer 0.3\r\n```\r\n2. Run `rpdbg.py` using `Python3`\r\n```\r\nλ python3 rpdbg.py\r\nQNX Process Memory Viewer \u0026 Dumper\r\npdbg\u003e\r\n```\r\n3. `help` to view options, and `help \u003coption\u003e` for light description.\r\n```\r\npdbg\u003e help\r\n\r\nDocumented commands (type help \u003ctopic\u003e):\r\n========================================\r\nattach   dump           dump_range  quit        verbose\r\nconnect  dump_complete  help        set_outdir\r\n\r\npdbg\u003e help connect\r\nConnect to QNX target via IPv4.\r\n* Usage: connect \u003cqnx_ip\u003e \u003cqnx_port\u003e\r\n\r\npdbg\u003e\r\n```\r\n\r\n4. There are three ways to dump memory (`dump`, `dump_range`, `dump_complete`).\r\n  * `dump` - Dump up to 0x400 (1024) bytes from a known address. Bytes will be dumped to console and optionally a file.\r\n    * Usage: `dump \u003caddr=0x...\u003e \u003clen (max 1024)\u003e [outfile]`\r\n  * `dump_range` - Dump an address range's worth of pages to a single file.\r\n    * Usage: `dump_range \u003cstart_addr: 0x...\u003e \u003cend_addr: 0x...\u003e \u003coutfile\u003e`\r\n  * `dump_complete` - Dump entire address space of process into separate files based on accessible regions.\r\n    * Usage: `dump_complete \u003coutfile_prefix\u003e`\r\n\r\n## Example Usage\r\n```\r\nλ python3 rpdbg.py\r\nQNX Process Memory Viewer \u0026 Dumper\r\npdbg\u003e connect 192.168.126.139 8001\r\nConnected\r\npdbg\u003e attach 847910\r\nAttached\r\npdbg\u003e dump 0x8048000 256\r\n7f454c460101010000000000000000000200030001000000a8970408340000000cc306000000000034002000060028001b00180006000000340000003480040834800408c0000000c0000000050000000400000003000000f4000000f4800408f4800408140000001400000004000000010000000100000000000000008004080080040862510600625106000500000000100000010000006451060064e10a0864e10a08bc690000dcc300000600000000100000020000007451060074e10a0874e10a08d0000000d000000006000000040000000400000020bb06000881040808810408180000000000000004000000010000002f7573722f6c69622f6c6471\r\npdbg\u003e dump_range 0x8040000 0x8080000 dump_804_8080000.bin\r\npdbg\u003e quit\r\n```","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmandiant%2Frpdebug_qnx","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fmandiant%2Frpdebug_qnx","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmandiant%2Frpdebug_qnx/lists"}