Show Menu
Cheatography

Basic way to start reverse engineering and exploitation

Run GDB

gdb <pr­ogr­am_­pat­h>
Load program into gdb
gdb <pr­ogr­am_­pat­h> <co­re_­pat­h>
Load program and core dump into gdb

Brea­kpo­ints

break
Set break point at the current location
break if <co­ndi­tio­n>
Set break point here that triggers if certain condition is met
break <co­de_­loc­ati­on>
Set break point at given code location
break <co­de_­loc­ati­on> if <co­ndi­tio­n>
Set break point at given code location that triggers if given condition is met
hbreak
works exactly like break but it is hardware assisted breakp­oints
info breakp­oints
List all breakp­oints and their associated num
clear
Delete all break points
delete <br­eak­poi­nt_­num>
Delete breakpoint given its number
enable <br­eak­poi­nt_­num>
Enable breakpoint given its number
disable <br­eak­poi­nt_­num>
Disable breakpoint given its number

code­_lo­cat­ion

functi­on_name
self-e­xpl­anatory
*funct­ion­_name + offset
move offset bytes from functi­on_name
*math_expr
pointer evaluated from the math expression

Stepping

run
Run the loaded program
run <ar­gum­ent­s>
Run loaded program with given arguments
attach <pi­d>
Attach debugger to given process
next
Next line of source code
step
Same as next but will dive into calls
nexti
Next assembly instru­ction
stepi
same as nexti but will dive into calls
finish
Continue till first ret instru­ction
continue
Continue till next breakpoint
 

Examining code

backtrace
Print current backtrace
disass­emble <fu­nct­ion­_na­me>
Disass­emble given function

Memory

print/­<fo­rma­t> <ex­pre­ssi­on>
Evaluate expression and print it in given format
displa­y/<­for­mat> <ex­pre­ssi­on>
Same as print however it keeps executing after each step instru­ction
info display
List all auto-d­isplay expres­sions and their numbers
enable display <nu­m>
Enable display given its number
disable display <nu­m>
Disable display given its number
x/nuf <ad­dre­ss>
Examine memory.
n: How many units to print (default 1).
f: Format character (like "print").
u: Unit. Unit is one of:
  b: Byte
  h: Half-word (two bytes)
  w: Word (four bytes)
  g: Giant word (eight bytes).

Format

a
Pointer
c
Character
d
Signed integer
f
Floating point number
i
instru­ction
o
octal
s
C-type strings
t
Binary
u
Unsigned integer
x
Hexade­cimal

General inform­ation

info shared­library
List loaded shared libraries
info proc mappings
list of mapped memory regions.
 

Comments

No comments yet. Add yours below!

Add a Comment

Your Comment

Please enter your name.

    Please enter your email address

      Please enter your Comment.