- can give some tips:
- launch gdb with app:
- gdb ./app
- launch gdb with app and args
- gdb --args ./app first_arg second_arg etc
- attach to a running app
- gdb ./app 123
- where 123 is the PID (equivalently: gdb -p 123, or attach 123 from inside gdb). Attaching needs ptrace permission: on Linux with Yama's ptrace_scope set to 1 (the default on Ubuntu and some other distributions) you can only attach to your own child processes, so you will usually have to run as root, e.g. sudo gdb ./app 123, or lower /proc/sys/kernel/yama/ptrace_scope.
- break *0x123 -- breakpoint at address 0x123 (the * means "this address", not a symbol name)
- stepi -- execute one instruction, stepping into calls
- nexti -- execute one instruction, stepping over calls
- c -- continue until the next breakpoint
- if you send an empty line by hitting Enter, gdb repeats the last command, which is very useful:
- nexti
- <enter>
- <enter>
- <enter>
- p -- print a value (variable, register, or any C-like expression)
- for example
- p $eax -- output what value eax has
- /x option -- output in hex
- p /x $eax -- output eax in hex
- display the args of a function that uses the __cdecl calling convention:
- break on its start (first instruction): use break *func, because plain break func lets gdb skip the prologue, after which $esp has already moved
- then, on a 32-bit x86 system:
- p *(void**)($esp) -- return address
- p *(void**)($esp + 4) -- first arg
- p *(void**)($esp + 4 + 4) -- second arg
- p *(void**)($esp + 4 + 4 + 4) -- third arg
- and so on (after the usual push ebp / mov ebp,esp prologue the same values are at $ebp + 4, $ebp + 8, ...)
- for example, we want to know the args to fopen:
- p *(char**)($esp + 4)
- p *(char**)($esp + 8)
- -- will print "file_path" and "rb", for example.
- on 64-bit Linux (System V ABI) the first six integer/pointer args are passed in registers, not on the stack: $rdi, $rsi, $rdx, $rcx, $r8, $r9. So for fopen use p (char*)$rdi and p (char*)$rsi.
- also
- bt
- -- shows backtrace (call stack)
- next, sometimes you want to always see the disassembly; use
- layout asm
- -- gdb's TUI mode, which keeps a disassembly window open above the command line
- but it has downsides: the up/down arrow keys scroll the disassembly instead of walking the command history, and left/right scroll it sideways instead of moving the cursor. focus cmd gives the keys back to the command window (focus asm hands them to the disassembly again).
- to exit this view use CTRL+X and then A (the same key combination toggles it back on).
- similarly there is
- layout src
- -- will always display source
- it's useful when you debug an open-source app / library, or at least when your app interacts with a library whose sources are available.
- in layout src often useful
- next -- execute one source line, stepping over calls
- step -- execute one source line, stepping into calls
- [
- 18:41
- ]
- r57shell
- :
- sometimes you want to see $eax ALWAYS, after each gdb command that stops the program.
- it's done like this:
- display $eax
- and if you want to always see it in hex:
- display /x $eax
- and, if you want to see all files opened by fopen, use:
- break *fopen
- display *(char**)($esp + 4)
- -- (32-bit x86; on x86-64 it is display (char*)$rdi). Note that display expressions are evaluated at every stop, not only at this breakpoint, so the value only means anything while stopped at fopen's entry.
- next, if you want a breakpoint that fires when memory at an address is written, use a watchpoint:
- watch *(int*)0x123
- -- here 0x123 is the address to watch; the cast sets the width. gdb uses hardware watchpoints for this when the CPU has them. rwatch triggers on reads, awatch on reads or writes, and watch var works on named variables too.
- you may disable a breakpoint / watchpoint with:
- disable 5
- -- here 5 is the number of the breakpoint / watchpoint (delete 5 removes it for good)
- i b
- -- short for info breakpoints, lists the current breakpoints / watchpoints with their numbers and hit counts.
- you may put conditions on breakpoints:
- condition 5 ($eax > 10)
- sets a condition on breakpoint 5 so it only stops when $eax > 10 (condition 5 with no expression clears it again).
- you may also tell gdb to run commands at a breakpoint instead of stopping there: commands 5, then the commands one per line (e.g. silent, printf, continue), then end.
- you may override a register / memory using:
- set $eax = 10
- -- will set $eax to 10
- similarly
- set *(int*)(0x123) = 123
- will set the int at address 0x123 to 123. (for a named variable use set var x = 1, because plain set treats some names, e.g. set width, as gdb subcommands.)
- you can call functions inside the debugged process.
- for example
- call glGetError()
- to find out why OpenGL failed at something when the developers didn't check the error code, so you can retrieve it without patching!!!!
- you can use it as an interactive C.
- but I don't know how to use it when you need to pass a pointer where the result will be stored. Perhaps you may call malloc first; didn't check.
- and, in the end:
- when the app is running under gdb you can hit CTRL+C in the console: the program stops and you can issue gdb commands.
- and when you want to restart the program from the beginning without losing all your breakpoints / displays etc., just use the run command again (gdb asks for confirmation and starts a fresh process).
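The tips above as one repeatable session. This is an added example, not part of the original paste: a shell script that writes a small constructed C target, generates a gdb command file covering the fopen-argument trick, a conditional breakpoint, commands attached to a breakpoint, display, call, set var and disable, and drives gdb in batch mode with --args. It assumes Linux on x86-64 (System V ABI, so fopen's arguments are in $rdi and $rsi), a compiler reachable as cc, and gdb; the target program, its function names (work, counter) and the file paths are all made up for the demo.

```shell
#!/bin/sh
# Added example: scripted gdb session. Assumes Linux x86-64, cc and gdb.
# The target program and paths below are constructed for the demo.

# gdb_script: emit the gdb command file on stdout (readable without gdb).
gdb_script() {
    cat <<'EOF'
set pagination off
# conditional breakpoint: the target is built with -g, so the argument
# name "n" is known and we can stop only when n > 3
break work
condition $bpnum n > 3
# fopen() lives in libc without debug info, so read its arguments from the
# ABI registers ($rdi, $rsi on x86-64; *(char**)($esp+4) and ($esp+8) on
# 32-bit x86 at the first instruction). "commands" attaches actions to the
# breakpoint: print the call and keep going instead of stopping.
break fopen
commands
  silent
  printf "fopen(\"%s\", \"%s\")\n", (char *)$rdi, (char *)$rsi
  continue
end
# show the global in hex after every stop
display /x counter
info breakpoints
run
# first stop: inside work(4), the first call that satisfies n > 3
bt
info args
# call a function in the inferior, patch a variable, drop the work breakpoint
call work(100)
set var counter = 0
disable 1
continue
EOF
}

# write_target: constructed C program with a global, a function to break on
# and two fopen() calls (argv[1] and a path that does not exist).
write_target() {
    cat > "$1" <<'EOF'
#include <stdio.h>

int counter = 0;

int work(int n) {
    counter += n;
    return counter;
}

int main(int argc, char **argv) {
    const char *path = argc > 1 ? argv[1] : "/dev/null";
    FILE *f;
    for (int i = 1; i <= 5; i++)
        work(i);
    f = fopen(path, "rb");
    if (f) fclose(f);
    f = fopen("/nonexistent/demo.bin", "rb");
    if (f) fclose(f);
    return 0;
}
EOF
}

# run_gdb_session: build the target and drive gdb non-interactively.
# gdb's transcript goes to stdout; the return value is gdb's exit status.
run_gdb_session() {
    dir=$(mktemp -d) || return 1
    write_target "$dir/target.c"
    cc -g -O0 -o "$dir/target" "$dir/target.c" || return 1
    : > "$dir/demo.bin"          # the file the target will fopen()
    gdb_script > "$dir/session.gdb"
    # --args: everything after the program name is passed to it as argv
    if gdb -q -batch -x "$dir/session.gdb" --args "$dir/target" "$dir/demo.bin"; then
        status=0
    else
        status=$?
    fi
    rm -rf "$dir"
    return $status
}

# run only when the toolchain is present, so the file can be sourced offline
if command -v gdb >/dev/null 2>&1 && command -v cc >/dev/null 2>&1; then
    run_gdb_session || echo "gdb session failed (ptrace restricted?)" >&2
fi
```

The interesting part of the transcript is the two fopen(...) lines printed by the breakpoint's commands while the program keeps running, and the stop in work(4) where bt, info args and the display line show the state; everything after run in the command file only executes once the program has stopped there.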