Using GDB

GDB is the GNU debugger. It has existed for years and works on any platform supported by Linux/BSD. From time to time there is a situation where you definitely want a debugger, whether because of our favorite segfaults or because you want to solve a crackme on a weekend evening. If you have used DOS debuggers such as Borland Turbo Debugger or plain debug, those are easy-to-use tools compared to gdb, and compared to OllyDbg gdb is just a nightmare =]. But there is no other choice than that (ald).

This page collects the main points you need to know to run and debug a program. More will be added with time.

Run

gdb [PROGRAM]

Run program

(gdb) run [CMD LINE PARAMS TO PROGRAM]

Load an ELF file with its contents and symbols

(gdb) load file.elf
(gdb) file file.elf

Setting breakpoints

Specific address

(gdb) break *0x800000

Function

(gdb) break _start

Source line

(gdb) break src/main.c:12

List breakpoints

(gdb) info b

Delete breakpoints

(gdb) clear src/main.c:12

More breakpoint types are described in Link1 and Link2.

Print registers

Intel platform

General purpose register values

(gdb) p $eax
(gdb) p $ebx
(gdb) p $ebp

Print a value in hex

(gdb) p/x $eax

Print memory

Byte

Print one byte from a specific address

(gdb) x/1ub 0x808080

Array

Print 16 bytes in hex

(gdb) x/16xb 0xffffd310

Print an array from a pointer value

(gdb) print/x *array_var@123

Register value

(gdb) x/4xb $ebp-0xc

Print the instruction at the current position

(gdb) x/i $pc

Structure

Turn on nicer structure output

(gdb) set print pretty on
(gdb) ptype SPI_HandleTypeDef

Step

(gdb) step
(gdb) next
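
A small practice target for trying the commands above in one session. This is an added example, not part of the original page; `struct packet`, `checksum` and `fill` are hypothetical names, the data bytes are constructed, and the comments show which command from this page applies at each point.

```c
/* Practice target for the GDB commands on this page (constructed example).
 * Build with debug info and no optimisation:  gcc -g -O0 -o target target.c
 * Start the session with:                     gdb ./target
 */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

struct packet {            /* (gdb) ptype struct packet */
    uint8_t  type;
    uint8_t  len;          /* number of valid bytes in data[] */
    uint8_t  data[16];
    uint16_t sum;
};

/* (gdb) break checksum      then  (gdb) run
 * (gdb) info b               lists the breakpoints that are set
 * (gdb) x/i $pc              instruction about to execute
 * (gdb) print/x *buf@len     the buffer as an array of len elements
 * (gdb) x/8xb buf            the same memory, byte by byte
 */
uint16_t checksum(const uint8_t *buf, size_t len)
{
    uint16_t acc = 0;
    for (size_t i = 0; i < len; i++)
        acc = (uint16_t)(acc + buf[i]);   /* (gdb) next   then  (gdb) p/x acc */
    return acc;
}

/* Fill a packet with n constructed bytes 0x10, 0x11, ... (capped at 16). */
void fill(struct packet *p, uint8_t n)
{
    p->type = 1;
    p->len = n > sizeof p->data ? (uint8_t)sizeof p->data : n;
    for (uint8_t i = 0; i < p->len; i++)
        p->data[i] = (uint8_t)(0x10 + i);
    p->sum = checksum(p->data, p->len);   /* (gdb) step  enters checksum() */
}

int main(void)
{
    struct packet pkt = {0};
    fill(&pkt, 8);            /* (gdb) set print pretty on   then  (gdb) p pkt */
    printf("type=%u len=%u sum=0x%04x\n", pkt.type, pkt.len, pkt.sum);
    return 0;
}
```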

Links

  1. http://althing.cs.dartmouth.edu/secref/resources/plt-got.txt
  2. http://ftp.gnu.org/old-gnu/Manuals/gdb/html_node/gdb_28.html
  3. http://www.unknownroad.com/rtfm/gdbtut/gdbbreak.html