Add context.debugger to select which debugger to use

peace-maker · peace-maker · commit d786c07cfd3a · 2025-12-02T13:50:00.000+01:00
Allow to choose the debugger to start when using `windbg.attach`.
By default it autodetects which debugger is available.
You can specify the path to the debuggers using
`context.windbg_binary` and `context.windbgx_binary`.
diff --git a/pwnlib/context/__init__.py b/pwnlib/context/__init__.py
@@ -364,6 +364,9 @@ class ContextType(object):
         'endian': 'little',
         'gdbinit': "",
         'gdb_binary': "",
+        'windbg_binary': "",
+        'windbgx_binary': "",
+        'debugger': "auto",
         'kernel': None,
         'local_libcdb': "/var/lib/libc-database",
         'log_level': logging.INFO,
@@ -453,6 +456,9 @@ class ContextType(object):
 
     valid_signed = sorted(signednesses)
 
+    #: Valid values for :attr:`debugger`
+    debugger_choices = ['auto', 'gdb', 'windbgx', 'windbg']
+
     def __init__(self, **kwargs):
         """
         Initialize the ContextType structure.
@@ -1576,6 +1582,60 @@ def gdb_binary(self, value):
         """
         return str(value)
 
+    @_validator
+    def windbg_binary(self, value):
+        """Path to the binary that is used when running WinDbg locally.
+
+        This is useful when you have multiple versions of WinDbg installed or the WinDbg binary is
+        called something different.
+
+        Usually, it is installed to ``C:\Program Files (x86)\Windows Kits\10\Debuggers\x64\windbg.exe``.
+        Adding the path to the Windows SDK to your PATH variable is recommended.
+
+        If set to an empty string, pwntools will try to search for a reasonable WinDbg binary from 
+        the path.
+
+        Default value is ``""``.
+        """
+        return str(value)
+
+    @_validator
+    def windbgx_binary(self, value):
+        """Path to the binary that is used when running WinDbgX locally.
+
+        This is useful when you have multiple versions of WinDbgX installed or the WinDbgX binary is
+        called something different.
+
+        Usually, it is installed to ``%LocalAppData%\Microsoft\WindowsApps\WinDbgX.exe``.
+
+        If set to an empty string, pwntools will try to search for a reasonable WinDbgX binary from 
+        the path.
+
+        Default value is ``""``.
+        """
+        return str(value)
+
+    @_validator
+    def debugger(self, value):
+        """Type of debugger to use when running locally.
+
+        Possible values are:
+
+        - ``gdb``: Use GDB as the debugger.
+        - ``windbg``: Use WinDbg as the debugger.
+        - ``windbgx``: Use WinDbgX as the debugger.
+
+        Defaults to ``windbgx`` on Windows and ``gdb`` on other platforms.
+
+        ``auto``: Automatically select the available debugger based on the platform.
+        On Windows, it will prefer ``windbgx`` over ``windbg`` if both are available.
+        
+        Default value is ``"auto"``.
+        """
+        if value not in self.debugger_choices:
+            raise AttributeError("debugger must be one of %r" % sorted(self.debugger_choices))
+        return str(value)
+
     @_validator
     def cyclic_alphabet(self, alphabet):
         """Cyclic alphabet.
diff --git a/pwnlib/gdb.py b/pwnlib/gdb.py
@@ -765,6 +765,9 @@ def binary():
         >>> gdb.binary() # doctest: +SKIP
         '/usr/bin/gdb'
     """
+    if context.debugger not in ('auto', 'gdb'):
+        log.error('Unsupported debugger: {}'.format(context.debugger))
+
     if context.gdb_binary:
         gdb = misc.which(context.gdb_binary)
         if not gdb:
diff --git a/pwnlib/windbg.py b/pwnlib/windbg.py
@@ -3,10 +3,23 @@
 target binary under WinDbg. This module provides a simple interface
 to do so under Windows.
 
+By default, :attr:`.context.debugger` is set to ``"auto"``, which will
+attempt to automatically select an appropriate debugger based on the
+available debuggers on the system.
+
+The order of preference is:
+- ``windbgx``
+- ``windbg``
+
+If automatic lookup fails, you can manually set :attr:`.context.debugger` to
+the debugger of your choice and provide the path to the debugger binary
+using :attr:`.context.windbgx_binary` or :attr:`.context.windbg_binary`.
+
 Useful Functions
 ----------------
 
 - :func:`attach` - Attach to an existing process
+- :func:`debug` - Start a new process under the debugger
 
 Debugging Tips
 --------------
@@ -127,15 +140,60 @@ def debug(args, dbgscript=None, exe=None, env=None, creationflags=0, **kwargs):
 def binary():
     """binary() -> str
 
-    Returns the path to the WinDbg binary.
+    Returns the path to the debugger binary depending on the context.
+    :attr:`.context.debugger` is used to determine which debugger to use.
 
     Returns:
         str: Path to the appropriate ``windbg`` binary to use.
     """
-    windbg = misc.which('windbgx.exe') or misc.which('windbg.exe')
-    if not windbg:
-        log.error('windbg is not installed or in system PATH')
-    return windbg
+    if context.debugger == 'auto':
+        for debugger in context.debugger_choices:
+            with context.local(debugger=debugger, log_level='critical'):
+                try:
+                    return binary()
+                except Exception:
+                    pass
+        else:
+            log.error('No debugger found. Please set context.debugger to one of: %s\n'
+                      'You might have to specify the path to the debugger binary with context.windbg_binary or context.windbgx_binary.',
+                      ', '.join(context.debugger_choices))
+    
+    if context.debugger == 'windbg':
+        if context.windbg_binary:
+            windbg = misc.which(context.windbg_binary)
+            if not windbg:
+                log.warn_once('Path to WinDbg binary `{}` not found'.format(context.windbg_binary))
+            return windbg
+
+        windbg = misc.which('windbg.exe')
+        if not windbg and os.environ.get('ProgramFiles(x86)'):
+            arch_str = {
+                'i386': 'x86',
+                'amd64': 'x64',
+                'aarch64': 'arm64',
+            }.get(context.arch)
+            if not arch_str:
+                log.error('Unsupported architecture for windbg: {}'.format(context.arch))
+            windbg = os.path.join(os.environ.get('ProgramFiles(x86)'), 'Windows Kits', '10', 'Debuggers', arch_str, 'windbg.exe')
+        if not windbg:
+            log.error('windbg is not installed or in system PATH. You can set context.windbg_binary to specify the path manually.')
+        return windbg
+
+    if context.debugger == 'windbgx':
+        if context.windbgx_binary:
+            windbg = misc.which(context.windbgx_binary)
+            if not windbg:
+                log.warn_once('Path to WinDbgx binary `{}` not found'.format(context.windbgx_binary))
+            return windbg
+
+        windbg = misc.which('windbgx.exe')
+        if not windbg and os.environ.get('LocalAppData'):
+            windbg = os.path.join(os.environ.get('LocalAppData'), 'Microsoft', 'WindowsApps', 'WinDbgX.exe')
+        if not windbg:
+            log.error('windbgx is not installed or in system PATH. You can set context.windbgx_binary to specify the path manually.')
+        return windbg
+
+    log.error('Invalid debugger selection: %s', context.debugger)
 
 @LocalContext
 def attach(target, dbgscript=None, dbg_args=[]):
