GDB Cheatsheet

GDB is a well-known tool for binary instrumentation, reverse engineering and debugging. Below you will find some common commands and tips.

Read registers and addresses

Show the values of registers, memory and code.

instruction            explanation
x/i $pc                show the next asm instruction (at the program counter)
x/x $esp               examine the memory at the stack pointer as a hex word
x/200x $esp            examine 200 hex words starting at the stack pointer
x/s $esp               examine the memory at the stack pointer as a string
p system               print the address of the system function
list main              print the source code of main
disassemble main       print the asm code of main

Breakpoints, Run & Stop

instruction                  explanation
b *0x808080                  breakpoint at address 0x808080
d                            delete all breakpoints
b if $esp == 0xffffffff      conditional breakpoint: break only if the stack pointer equals 0xffffffff
run [args]                   start program execution (with optional arguments)
c                            continue execution after a break
si [n]                       step one instruction, or n instructions when n is given

Manipulate

instruction                  explanation
set $esp = 0x08343876        set a register value

Tips

  • You can create a .gdbinit file in the current directory; it is sourced each time gdb starts in that directory. Recent GDB versions only auto-load it when the directory is covered by the auto-load safe-path setting and print a warning otherwise.
  • If you want to see the data section, run readelf -x .data yourbinary
  • If you want to inspect the registers of an interactive console application, stop it by sending SIGINT with Ctrl+C. This is caught by gdb, and then it's possible to view all registers etc.
  • You can also use objdump -d /path/to/your/binary to disassemble a binary.
  • If you want to generate a ROP chain for exploiting some stuff, use ropper instead of ROPgadget. I tried both and ropper seems to be the better solution.
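The breakpoint table and the .gdbinit tip above can be combined into a reproducible, non-interactive session. The script below is an added example, not part of the original cheatsheet: it writes a GDB command file with a conditional breakpoint plus the x/ and register commands, then runs gdb in batch mode. It assumes a 32-bit x86 target (hence $esp/$eip), gdb on PATH, and a placeholder breakpoint address that you replace with one taken from "disassemble main".

```shell
#!/bin/sh
# Added example (not from the original cheatsheet). Assumptions: 32-bit x86
# target, gdb on PATH, breakpoint address supplied by the caller (placeholder).
set -eu

# Write a GDB command file. Passing it with -x is the explicit counterpart of a
# per-directory .gdbinit and does not depend on auto-load safe-path.
write_gdb_script() {
  out="$1"; bp_addr="$2"
  cat >"$out" <<EOF
set pagination off
# stop at the placeholder address only when eax is zero (conditional breakpoint)
break *$bp_addr if \$eax == 0
run
# if the condition never holds, the program runs to completion and the
# following commands fail with "No registers" (batch mode then stops).
x/i \$pc
x/8x \$esp
info registers eip esp eax
# execute one more instruction, then let the program finish
si
continue
quit
EOF
  echo "$out"
}

# Run gdb non-interactively; all output goes to stdout so it can be grepped.
run_gdb_batch() {
  bin="$1"; script="$2"
  gdb -q -batch -x "$script" --args "$bin"
}

# Usage: ./gdb_session.sh /path/to/binary 0x808080
if [ -n "${1:-}" ]; then
  run_gdb_batch "$1" "$(write_gdb_script ./session.gdb "${2:-0x808080}")"
fi
```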

x86 behaviour

  • $esp-4 contains the next instruction on the stack.
  • $eax contains the return value.
  • The stack grows downwards, towards lower addresses.

Nice tools

  • Ropper for ROP chain generation or to search for suitable gadgets in your binaries.
  • Valgrind/Callgrind to generate call graphs and find memory leaks.

Nice Websites