Installing GEF on Arch Linux

In this post i show you a small guide for installing GEF on Arch Linux with solutions to possible issues that you may experience when running it.

GEF (pronounced ʤɛf – “Jeff”) is a command set for x86/64, ARM, MIPS, PowerPC and SPARC. It provides additional features to GDB using the Python API to help during the process of dynamic analysis and exploit development.GEF removes much of the usual obscurity from GDB, avoiding repetition of traditional commands, or pulling relevant information from the debug runtime.

To be able to run both GDB and GEF it is necessary to have Python3 installed previously.

1. GDB Installation

As a first step it is necessary to install GDB as a base, we can download it with Paru as follows:

Shell

paru -S gdb

Once installed we can check that the process has been done correctly by checking the version:

Shell

gdb -version

The GEF package is not included in the Arch repositories so we have to perform the following procedure:

2. GEF Instalation

Requeirements:

For the correct functioning of GEF it is necessary to install the following pyhton libraries:

Run the following command to install them quickly:

Shell

pip3 install capstone unicorn keystone-engine ropper

Download & Instalation:

To download and install GEF just run the following command from the command line which will download a script that automates the download and installation of the necessary packages:

Shell

bash -c "$(curl -fsSL http://gef.blah.cat/sh)"

If everything has gone well the command should not show any output. If you are curious to analyze the code it executes you can check it out at https://gef.blah.cat/sh .

At this point if you run GDB it should start with GEF:

If you want to use GEF with the root user you must make the same steps from the root account
Important

SOLVING POSSIBLE ERRORS

UnicodeEncodeError:

When running GDB, the GEF console may not be displayed and the following error may occur:

Shell

Python Exception <class 'UnicodeEncodeError'>: 'ascii'codec can't encode character '\u27a4' in position 12: ordinal not in range(128)

The problem arises from a misconfiguration of the language configured in GDB so it is not able to recognize some characters, if we execute the following command we can visualize the environment variables that store the language:

Shell

locale

To solve this problem, follow the steps below:

Open the file:

Shell

sudo nano /etc/environment

Add the following:

Shell

/etc/enviroment

LANG="en_US.UTF-8"				
LC_MESSAGES="C"				
LC_ALL="en_US.UTF-8"

The final content of the file should be as follows:

Save and restart the system to apply the configuration:

Shell

sudo reboot now

Once applied, the configuration will be saved in the system and the other variables will be configured to this value:

Run GDB again to verify that the problem has been fixed and it shows you the GEF interface.

Permission denied:

In case you get the permission denied error when executing the file:

Shell

zsh:1: permission denied: /yourpath/program			
During startup program exited with code 126.

It is necessary to give it execution permissions beforehand:

Shell

chmod +x program

I hope it will be as useful to you as it was to me.

Regards.