@trulyronak
Created February 4, 2021 04:15
GDB Commands

GDB commands. I made these for when I was taking CSE 127, and realized that they might be useful to more people. I didn't write everything on this list, and the full list is available in the Piazza.

| command | description |
| --- | --- |
| `p &buf` | gives you the address of `buf` |
| `p $ebp` | gives you the address held in `ebp` |
| `x/wx 0x1234567` | gives you the 4-byte word at a specific address (use this with `buf` and `$ebp`) |
| `x/10wx` | you can specify how many words you want |
| `x/nx something` | replace n with a number (e.g. 4, 8, ...) to get the hex values at n locations, starting at (something) and increasing in increments of 4 bytes. (added by Anon Comp) |
| `p/x something` | gives you the value of something in hex |
| `b main` | sets a breakpoint at all functions named main (so if you `gdb sploit1`, then `b main`, then run it, it'll trigger twice, once in sploit1.c, and another time in target1.c) |
| `b LINE if VARNAME CONDITION` | e.g. `b 20 if i > 100`; sets a conditional breakpoint, which you can then jump to using `c`. Useful for going through loops quickly to stop at a certain loop count. |
| `continue` (shortcut: `c`) | continues the execution of the current program |
| `run` (shortcut: `r`) | runs the program |
| `si` | steps to the next instruction |
| `disas` | see what is going on where you are right now |
| `disas 0x9849023213,+45` | see what is going on at a specific address and the 45 bytes after that point (useful to see if your shellcode is working) |
| `list` (shortcut: `l`) | see what part of the C code you're at (before and after the current position) |
| `backtrace` (shortcut: `bt`) | usually used when you segfault and want to see the sequence of how it happened (could also be used to check what line of what file you're at) |
| `layout src` | see the current line of execution in the program that's currently executing, along with line numbers for the entire program. Incredibly useful for setting breakpoints and analyzing how the code executes line by line. |
| `info frame` | provides information about the current stack frame (useful for getting the base pointer, saved registers, current instruction pointer, etc.) |
| `info register` | provides information about the registers in the current stack frame (one of the methods that can be used to check whether the values of `%eip` or `%ebp` are correctly changed) |

feel free to add more / correct my syntax
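
A short gdb command file that strings several of the commands above together to inspect one stack frame, as an added example that is not part of the original gist. It assumes a hypothetical 32-bit x86 binary `./target` built with `-g` whose function `foo` has a local array `buf`; `watch -l` and `set` are standard gdb commands that are not in the table.

```gdb
# Added example, not from the gist. Save as layout.gdb and run:
#   gdb -q -x layout.gdb ./target
# Assumptions: ./target is a 32-bit x86 binary built with -g, and its function
# foo() has a local array `buf` (hypothetical names). gdb only treats `#` as a
# comment at the start of a line, so no comment trails a command here.
set pagination off

# With debug info, gdb stops after the prologue, so $ebp is already foo's
# frame base when the breakpoint hits.
b foo
r

# Where the buffer starts and where the frame base is.
p &buf
p $ebp

# Declared size versus the distance from buf[0] to the saved %ebp. Any gap
# beyond sizeof(buf) is other locals, alignment padding or a stack canary.
p sizeof(buf)
p (char *)$ebp - (char *)&buf

# Two words at the frame base: saved %ebp, then the saved return address.
x/2wx $ebp
# The same facts as gdb reports them (saved registers: ebp at ..., eip at ...).
info frame

# Remember the buffer address in a convenience variable so it can still be
# dumped if execution later stops in a frame where `buf` is out of scope.
set $b = (char *)&buf
x/24wx $b

# Watch the saved return address. If anything writes to it, gdb stops at that
# instruction and prints the old and new value.
watch -l *(unsigned int *)($ebp + 4)
c

# Reached with a live process only if the watchpoint fired: show the call
# chain that did the write and the buffer region as it looks now.
bt
x/24wx $b
```

If the watched word is never written, the program runs to completion and the final `bt` reports that there is no stack, which ends the script.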
