Generate a PDB from Ghidra
This project is still very much a WIP, but the basic components should be usable.
- download the latest version from github releases
- copy
assets/PdbGen.javainto your ghidra_scripts folder (%USERPROFILE%/ghidra_scripts). - Run the pdbgen script via Ghidra's Script Manager.
- Run
assets/pdbgen.exe <path/name.exe> - The new pdb will be found at
path/name.pdb - Load your binary in windbg and it should automatically find the new pdb.
- Note: ensure windbg is not using a cached copy (
c:\ProgramData\Dbg\Sym\<name.exe>).
- Note: ensure windbg is not using a cached copy (
- Currently only global function symbols and data types are currently generated.
- dt <module!typename>
- x <module!symbolname>
- function names should be resolved in the callstack.
- You can dump a pdb using llvm's pdbutil tool:
llvm-pdbutil.exe dump --all <pdbpath> - We do not need the original binary for Ghidra (it has all the information already)
- however I would like to support IDA, which AFAIK discards the pe headers after importing.
# You will require a c++17 compliant compiler
git clone --config core.autocrlf=false --branch llvmorg-16.0.0 --single-branch https://github.com/llvm/llvm-project.git
git clone https://github.com/wandel/pdbgen.git --branch develop
git -C llvm-project apply ../pdbgen/llvm-debuginfo.patch # fix a bug in GSIStreamBuilder
cmake -B llvm-project/build -S llvm-project/llvm -Thost=x64
cmake --build llvm-project/build --target llvm-pdbutil # will take 10mins or so
cmake -B pdbgen/build -S pdbgen/core -DLLVM_DIR=../../llvm-project/build/lib/cmake/llvm -Thost=x64
cmake --build pdbgen/build- Clean this mess up
- Add symbols for function arguments
- Add symbols for local variables in functions
- Support Strings
- Build with Clang instead of Visual Studio 2019
- Support building & running on linux
- Support IDA
- Avoid requiring the original executable file