Binary Analysis Cookbook

By: Michael Born

Overview of this book

Binary analysis is the process of examining a binary program to determine information security actions. It is a complex, constantly evolving, and challenging topic that crosses over into several domains of information technology and security. This binary analysis book is designed to help you get started with the basics, before gradually advancing to challenging topics. Using a recipe-based approach, this book guides you through building a lab of virtual machines and installing tools to analyze binaries effectively. You'll begin by learning about the IA32 and ELF32 as well as IA64 and ELF64 specifications. The book will then guide you in developing a methodology and exploring a variety of tools for Linux binary analysis. As you advance, you'll learn how to analyze malicious 32-bit and 64-bit binaries and identify vulnerabilities. You'll even examine obfuscation and anti-analysis techniques, analyze polymorphed malicious binaries, and get a high-level overview of dynamic taint analysis and binary instrumentation concepts. By the end of the book, you'll have gained comprehensive insights into binary analysis concepts and have developed the foundational skills to confidently delve into the realm of binary analysis.
Table of Contents (12 chapters)

Installing the EDB Debugger

I first learned about Evan Teran's EDB Debugger (appropriately referred to as the Evan Debugger) when studying for a hands-on penetration testing certification. I instantly fell in love with the user interface and usability. EDB Debugger is licensed under the GNU General Public License v2.0 (GPL v2.0). I hope you enjoy using this tool as much as I do.

The EDB Debugger is a GUI-based debugger capable of performing static and dynamic analysis of binaries, similar to the GNU Debugger (GDB). The only difference is that GDB doesn't have a GUI like the EDB Debugger. I plan on teaching both tools in later chapters, so we'll retrieve the source code for the EDB Debugger and will use this recipe to compile it.

Getting ready

If the 32-bit and 64-bit Ubuntu virtual machines aren't running, go ahead and start them both now. Once they are running, log into both of them if needed, and start the Terminal application within each virtual machine. Once the Terminal is running, you can work through this recipe. We've already installed the dependencies for this tool in Installing the dependencies and the tools recipe earlier in this chapter, so we can move right along and compile this tool from the source.

How to do it...

Perform the following steps:

  1. Using the open Terminal application, type the following commands:

     $ cd ~/bac
     $ git clone --recursive https://github.com/eteran/edb-debugger.git

  2. If there are no errors when cloning the EDB Debugger source code, we'll compile the source code by issuing the following Terminal commands:

     $ cd ~/bac/edb-debugger
     $ mkdir build
     $ cd build
     $ cmake ..
     $ make

  3. Wait for the compilation process to finish. As long as there are no errors, you should see the edb binary in the build directory we just created. For ease of use, we can create a symbolic link to the edb binary in /usr/local/bin. To do that, we need to issue the following Terminal command:

     $ sudo ln -s ~/bac/edb-debugger/build/edb /usr/local/bin/

  4. As long as there were no errors, you should be able to run edb from any directory from a Terminal:

     $ edb

  5. If the binary ran correctly, we should see the EDB Debugger start window, as shown in the following screenshot:

How it works...

We started off by changing our current working directory to ~/bac, which we created in the previous recipe. Once our current working directory was changed, we used Git to clone the EDB Debugger source code from its repository on GitHub. Next, we followed the developer's instructions by making a build directory inside the edb-debugger directory, changing our current working directory into that build directory, running cmake against the primary edb-debugger directory (denoted by the .. in the cmake command), and finally running make to compile the code from the Makefile that cmake generated.

Once the compilation process was completed, we created a symbolic link to the binary in the build directory inside the /usr/local/bin directory on our virtual machines. Last, but not least, we verified that the compilation process went well by actually running the binary from our active Terminal session. If you get the same start window as I did, you're ready to move on to the next recipe. Just as a reminder, you need to perform this recipe on both the 32-bit and 64-bit Ubuntu virtual machines.
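The steps above are typed one at a time and checked by eye. The script below is an added example, not from the book or from the EDB project, that wraps the same clone, build, and link steps in a re-runnable form and turns the eyeball checks into exit codes: it confirms that every submodule listed in .gitmodules was actually populated by the --recursive clone, refuses to create a link to a build output that is not an executable file, and resolves the finished link to make sure it points at a real binary. The repository URL and the ~/bac and /usr/local/bin paths are the recipe's; the environment variable names (SRC_DIR, LINK_DIR) and the function names are my own. Only the "install" subcommand touches the network and runs cmake; the check and link functions work on any directory, which is how they can be tried out offline.

```shell
#!/bin/sh
# Added example: an idempotent wrapper around the recipe's clone/build/link
# steps. Paths follow the recipe (~/bac, /usr/local/bin); set LINK_DIR to a
# user-writable directory such as "$HOME/.local/bin" to avoid needing sudo.

EDB_REPO="https://github.com/eteran/edb-debugger.git"
SRC_DIR="${SRC_DIR:-$HOME/bac/edb-debugger}"
LINK_DIR="${LINK_DIR:-/usr/local/bin}"

# Step 1: clone with submodules, or refresh an existing checkout so that
# re-running the script never re-clones over a half-finished build.
fetch_source() {
    if [ -d "$SRC_DIR/.git" ]; then
        git -C "$SRC_DIR" pull --ff-only &&
        git -C "$SRC_DIR" submodule update --init --recursive
    else
        git clone --recursive "$EDB_REPO" "$SRC_DIR"
    fi
}

# Every submodule path listed in .gitmodules must be a non-empty directory;
# an empty one means --recursive was dropped or the checkout was interrupted,
# and the plugins would silently be missing from the build.
# Returns 1 and names the unpopulated paths on stderr.
check_submodules() {
    repo="$1"
    missing=0
    [ -f "$repo/.gitmodules" ] || return 0
    for path in $(sed -n 's/^[[:space:]]*path = //p' "$repo/.gitmodules"); do
        if [ -z "$(ls -A "$repo/$path" 2>/dev/null)" ]; then
            echo "submodule not populated: $path" >&2
            missing=1
        fi
    done
    return $missing
}

# Step 2: the recipe's out-of-source build (mkdir build; cd build; cmake ..;
# make), run in a subshell so the caller's working directory is untouched.
build_edb() {
    mkdir -p "$SRC_DIR/build" &&
    ( cd "$SRC_DIR/build" && cmake .. && make -j"$(nproc 2>/dev/null || echo 1)" )
}

# Step 3: link the binary into LINK_DIR. Refuses a target that is not an
# executable regular file (the usual sign that make failed part-way) and
# replaces a stale link left by an earlier build.
link_edb() {
    target="$1"
    link_dir="$2"
    if [ ! -f "$target" ] || [ ! -x "$target" ]; then
        echo "no executable at $target; did the build finish?" >&2
        return 1
    fi
    ln -sf "$target" "$link_dir/edb"
}

# Step 4: follow the link and confirm it ends at an executable; prints the
# resolved path on success, returns 1 otherwise.
verify_link() {
    resolved=$(readlink -f "$1/edb") || return 1
    [ -x "$resolved" ] && echo "$resolved"
}

case "${1:-}" in
    install)
        fetch_source && check_submodules "$SRC_DIR" && build_edb &&
        link_edb "$SRC_DIR/build/edb" "$LINK_DIR" && verify_link "$LINK_DIR"
        ;;
esac
```

Run it as `sh install-edb.sh install` on each virtual machine (with `sudo` or a user-writable LINK_DIR); a non-zero exit with a message on stderr replaces the "as long as there were no errors" judgement calls in the recipe, which matters when you are provisioning several analysis VMs and cannot watch each build.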

There's more...

When we retrieved the source code using Git, the --recursive flag also retrieved all of the submodules and plugins that are available from the developer's repository. I encourage you to read the wiki about the available plugins: https://github.com/eteran/edb-debugger/wiki.

See also

While I would love to write an entire book on this tool, the developer already has a great wiki for us so that we can learn how to use the EDB Debugger. Visit https://github.com/eteran/edb-debugger/wiki if you want insight into how some of the features of this great tool work. We'll cover some of this functionality in later chapters as it pertains to looking for buffer overflow vulnerabilities in ELF binaries written in C.