title: Using GDB
keywords:gdb,debug,linux

# Using GDB

GDB is the GNU debugger. It has existed for years and works on any platform
supported by Linux/BSD. From time to time there is a situation when you
definitely want a debugger, either because of our favorite segfaults or
because you want to solve some crackme on a weekend evening. If you have used
DOS debuggers such as Borland Turbo Debugger or just debug, then compared to
gdb those are easy-to-use tools, and if you compare it to OllyDbg then gdb is
just a nightmare =]. But yeah, there is no other choice than that
([ald](http://ald.sourceforge.net/)).

This page collects the main points you need to know to run and debug a
program. More will be added with time.

## Run

```bash
gdb [PROGRAM]
```


Run program

```
(gdb) run [CMD LINE PARAMS TO PROGRAM]
```

Load an ELF file with its contents and symbols

```bash
load file.elf
file file.elf
```

## Setting breakpoints

### Specific address

```bash
(gdb) break *0x800000
```

### Function

```bash
(gdb) break _start
```

### Source line

```bash
(gdb) break src/main.c:12
```

### List breakpoints

```bash
(gdb) info b
```

### Delete breakpoints
```bash
(gdb) clear src/main.c:12
```

More breakpoint types are described in [Link1](http://ftp.gnu.org/old-gnu/Manuals/gdb/html_node/gdb_28.html) and [Link2](http://www.unknownroad.com/rtfm/gdbtut/gdbbreak.html).

## Print registers

### Intel platform

General purpose register values

```bash
(gdb) p $eax
(gdb) p $ebx
(gdb) p $ebp
```

Print a value in hex

```bash
(gdb) p/x $eax
```



## Print memory

### Byte
Print one byte from a specific address. Unlike `break`, `x` takes the address directly, without `*`.

```bash
(gdb) x/1ub 0x808080
```

### Array

Print 16 bytes in hex

```bash
(gdb) x/16xb 0xffffd310
```

Print an array through a pointer value

```bash
(gdb) print/x *array_var@123
```

### Register value

```bash
(gdb) x/4xb $ebp-0xc
```

### Print the instruction at the current position

```bash
(gdb) x/i $pc
```

### Structure

Turn on nicer structure output

```bash
set print pretty on
```

```bash
(gdb) ptype SPI_HandleTypeDef
```


## Step

```bash
(gdb) step
(gdb) next
```
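
The commands above chained into one batch session, as an added example that is not part of the original writeup. `demo.c`, `struct rec`, `sum` and `gdb_session` are constructed names, and `$pc` is used instead of `$eax`/`$ebp` so the script is not tied to 32-bit Intel.

```shell
# Added example: demo.c and the gdb command file are constructed for illustration.
gdb_session() {
    # Exit status 77 means a prerequisite is missing (skip).
    command -v gcc >/dev/null 2>&1 || return 77
    command -v gdb >/dev/null 2>&1 || return 77
    dir=$(mktemp -d) || return 1
    cat > "$dir/demo.c" <<'EOF'
#include <stdio.h>
struct rec { int id; unsigned char tag[4]; };
static int sum(const struct rec *r, int n) {
    int s = 0;
    for (int i = 0; i < n; i++)
        s += r->tag[i];
    return s + r->id;
}
int main(void) {
    struct rec r = { 7, { 0xde, 0xad, 0xbe, 0xef } };
    printf("%d\n", sum(&r, 4));
    return 0;
}
EOF
    cat > "$dir/session.gdb" <<'EOF'
# break on a function, start the program, list breakpoints
break sum
run
info b
# where are we: current instruction, program counter in hex
x/i $pc
p/x $pc
# a value in hex, then memory: 4 bytes in hex starting at r->tag
p/x r->id
x/4xb r->tag
# the same bytes printed as an array through a pointer
print/x *r->tag@4
# structure definition and pretty-printed contents
set print pretty on
ptype struct rec
p *r
# step one source line, delete the breakpoint, let the program finish
next
clear sum
continue
EOF
    gcc -g -O0 -o "$dir/demo" "$dir/demo.c" &&
        gdb -q -batch -x "$dir/session.gdb" "$dir/demo" 2>&1
    rc=$?
    rm -rf "$dir"
    return "$rc"
}
```

Source the file and call `gdb_session`; the `x/4xb` line shows the bytes `0xde 0xad 0xbe 0xef` in memory order and `print/x *r->tag@4` shows the same bytes as `{0xde, 0xad, 0xbe, 0xef}`.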

### Links

1. [http://althing.cs.dartmouth.edu/secref/resources/plt-got.txt](http://althing.cs.dartmouth.edu/secref/resources/plt-got.txt)
2. [http://ftp.gnu.org/old-gnu/Manuals/gdb/html_node/gdb_28.html](http://ftp.gnu.org/old-gnu/Manuals/gdb/html_node/gdb_28.html)
3. [http://www.unknownroad.com/rtfm/gdbtut/gdbbreak.html](http://www.unknownroad.com/rtfm/gdbtut/gdbbreak.html)