# Using GDB

GDB is the GNU debugger. It has existed for years and works on any
platform supported by Linux/BSD. From time to time there is a situation where
you definitely want a debugger, whether because of our favorite segfaults or
because you want to solve a crackme on a weekend evening. If you have used
DOS debuggers such as Borland Turbo Debugger or plain debug, those are easy
to use compared to gdb, and compared to OllyDbg gdb is
just a nightmare =]. But there is no other choice than that
([ald](http://ald.sourceforge.net/)).

I will add the main points you need to know to run and debug a program. More
will be added with time.

## Run

```bash
gdb [PROGRAM]
```

```
(gdb) run [CMD LINE PARAMS TO PROGRAM]
```

## Setting breakpoints

Setting a breakpoint on a specific address

```bash
(gdb) break *0x800000
```

On a specific function

```bash
(gdb) break _start
```

More breakpoint types are described in [Link1](http://ftp.gnu.org/old-gnu/Manuals/gdb/html_node/gdb_28.html) and [Link2](http://www.unknownroad.com/rtfm/gdbtut/gdbbreak.html).

## Print registers

### Intel platform

General purpose register values

```bash
(gdb) p $eax
(gdb) p $ebx
(gdb) p $ebp
```

Print a value in hex

```bash
(gdb) p/x $eax
```



## Print memory

Print one byte at a specific address. `x` takes the address itself, so the `*` used with `break` is not needed here.

```bash
(gdb) x/1ub 0x808080
```

Print an array of 16 bytes in hex

```bash
(gdb) x/16xb 0xffffd310
```


From a register value

```bash
(gdb) x/4xb $ebp-0xc
```

## Print current position instruction

```bash
(gdb) x/i $pc
```

## Step

```bash
(gdb) step
(gdb) next
```
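
The commands above combined into one command file for the segfault case mentioned in the introduction. This is an added example, not part of the original writeup; the file name `crash.gdb` and the program `./crashme` (a 32-bit x86 binary built with `gcc -m32 -g` that dies with SIGSEGV) are assumptions.

```gdb
# crash.gdb - added example, run with:
#   gdb -q -batch -x crash.gdb --args ./crashme ARG
# ./crashme is a hypothetical 32-bit x86 program built with debug symbols.

set pagination off

# First stop: entry of main, to look at the state before the crash.
break main
run

# Instruction at the current position and the frame pointer in hex.
x/i $pc
p/x $ebp

# 16 bytes of locals just below the frame pointer, as hex bytes.
x/16xb $ebp-0x10

# Let it run; gdb stops by itself when SIGSEGV is delivered.
continue

# Faulting instruction and the registers it may have used.
x/i $pc
p/x $eax
p/x $ebx
info registers

# Address the program tried to access (Linux targets only).
p $_siginfo._sifields._sigfault.si_addr

# Call chain that led to the fault.
backtrace
```

With `-batch` gdb exits after the last command, so the whole output can be redirected to a file and read afterwards.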

### Links

1. [http://althing.cs.dartmouth.edu/secref/resources/plt-got.txt](http://althing.cs.dartmouth.edu/secref/resources/plt-got.txt)
2. [http://ftp.gnu.org/old-gnu/Manuals/gdb/html_node/gdb_28.html](http://ftp.gnu.org/old-gnu/Manuals/gdb/html_node/gdb_28.html)
3. [http://www.unknownroad.com/rtfm/gdbtut/gdbbreak.html](http://www.unknownroad.com/rtfm/gdbtut/gdbbreak.html)