Tuesday, October 22, 2024

Wherein We Share Some Useful GDB Commands

 

Expectations were like fine pottery. The harder you held them, the more likely they were to crack.                                                                               



New to GDB, the Linux Debugger, or just looking for a quick reference guide? Then I got you covered.

Here are some useful commands and tips that will help you navigate and debug your programs efficiently:



GDB Debugger Quick Reference Guide


Essential GDB Commands

Program Control

  • break [location] - Set a breakpoint
    • Example: break main, break *0x4004a0
    • Tip: Use break file.c:42 to break at specific source lines
  • run [args] - Start program with optional arguments
  • continue (c) - Continue execution
  • next (n) - Step over function calls
  • step (s) - Step into function calls
  • stepi - Step one assembly instruction
  • finish - Run until current function returns

Inspection

  • print [expression] - Print value
    • Example: print x, print *ptr, print $eax
  • display [expression] - Auto-print at each stop
  • x/[n][f][u] [address] - Examine memory
    • n: Number of units to display
    • f: Format (x=hex, d=decimal, s=string)
    • u: Unit size (b=byte, h=halfword, w=word, g=giant)
    • Example: x/32xb $esp - Show 32 bytes at stack pointer
  • info registers - Show register values
  • bt [full] - Show backtrace (call stack)

Interface

  • layout asm - Show assembly view
  • layout src - Show source code view
  • layout regs - Show registers view
  • layout split - Split view (source/assembly)
  • focus cmd/src/asm/regs - Switch between views
  • refresh - Refresh screen

Data & Variables

  • info locals - Show local variables
  • info args - Show function arguments
  • watch [expression] - Break on value change
  • set variable [name]=[value] - Modify variable
  • whatis [variable] - Show variable type


Compilation for Debugging

gcc -g -O0 program.c -o program

Key flags:

  • -g - Include debug symbols
  • -O0 - Disable optimization
  • -fno-stack-protector - Disable stack protection
  • -no-pie - Do not build a position-independent executable (PIE)
  • -m32 - Force 32-bit compilation


Advanced Features

Core Dumps

# Enable core dumps
ulimit -c unlimited
# Load core dump
gdb ./program core

ASLR Control

# Disable ASLR system-wide for debugging (write 2 back to restore full randomization)
echo 0 | sudo tee /proc/sys/kernel/randomize_va_space
# Or temporarily, for a single run only:
setarch `uname -m` -R ./program

Remote Debugging

# On target machine
gdbserver :2345 ./program
# On host machine
gdb
(gdb) target remote target_ip:2345


Tips for Effective Debugging

  1. Use conditional breakpoints:
    break main if argc > 1
  2. Save common commands in .gdbinit:
    set disassembly-flavor intel
    set history save on
    set print pretty on
  3. Create command aliases:
    define reg
      info registers
    end
  4. Use Python scripting for complex debugging:
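    python
    class MyCommand(gdb.Command):
        def __init__(self):
            super(MyCommand, self).__init__("mycommand", gdb.COMMAND_USER)
        def invoke(self, arg, from_tty):
            # GDB calls invoke() when "mycommand" is run; the command's logic goes here
            gdb.write("mycommand called with: %s\n" % arg)
    MyCommand()  # instantiating the class registers the command
    end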
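
Tip 4 carried further, as an added example that is not code from the original post: a GDB Python command that does what x/32xb $esp does and adds an ASCII column, going beyond the skeleton above. The command name stackdump, the file name stackdump.py and the helper format_dump are assumptions made for this example.

```python
# Added example: a GDB Python command (hypothetical name "stackdump").
# Load it inside GDB with:  (gdb) source stackdump.py
try:
    import gdb  # only importable inside GDB's embedded Python
except ImportError:
    gdb = None  # lets the formatting helper be used and tested outside GDB


def format_dump(base, data, width=16):
    """Return hexdump lines (address, hex bytes, ASCII) for data at base."""
    lines = []
    for off in range(0, len(data), width):
        chunk = data[off:off + width]
        hexpart = " ".join("%02x" % b for b in chunk)
        text = "".join(chr(b) if 32 <= b < 127 else "." for b in chunk)
        # Pad the hex column so the ASCII column lines up on a short last row
        lines.append("0x%016x  %-*s  %s" % (base + off, width * 3 - 1, hexpart, text))
    return lines


if gdb is not None:
    class StackDump(gdb.Command):
        """stackdump [N]: dump N bytes (default 32) at the stack pointer."""

        def __init__(self):
            super(StackDump, self).__init__("stackdump", gdb.COMMAND_USER)

        def invoke(self, arg, from_tty):
            # Accept decimal or 0x-prefixed counts; default matches x/32xb
            count = int(arg, 0) if arg.strip() else 32
            try:
                # $sp is GDB's architecture-independent alias for esp/rsp
                sp = int(gdb.parse_and_eval("$sp"))
                mem = gdb.selected_inferior().read_memory(sp, count)
            except gdb.error as exc:  # no running process, or unreadable memory
                raise gdb.GdbError("stackdump: %s" % exc)
            gdb.write("\n".join(format_dump(sp, bytes(mem))) + "\n")

    StackDump()  # instantiating the class registers the command
```

Once sourced, stop at a breakpoint and run stackdump or stackdump 0x40 to see the bytes at the stack pointer.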


I think that these commands will serve you well in your journey with a debugger.


Whether you're stepping through code, inspecting memory, or trying to exploit vulnerabilities, remember to keep experimenting with this stuff! It's all about hands-on practice.
If you have any questions, doubts or ideas to improve this list, just send them my way.

Enjoy!
