GDB tutorial

Introduction

gdb = GNU Debugger. It is a tool used for dynamic analysis, i.e. analysing a program's runtime behaviour, as opposed to its static source code, which is analysed using static analysis.

Essentially, GDB lets you run binaries and see exactly what they are doing, by being able to stop the code at any point and inspect the state of the machine. GDB can also change the program's behaviour, by patching instructions, memory, or registers at runtime.

Basic Usage

  • start gdb

  • inspect the binary

  • inspect the code

  • set breakpoints

  • inspect / examine memory

  • stepping / continuing etc

  • Changing regs

  • backtrace

Automating behaviour

  • using the commands instruction

  • creating a better interface using the commands instruction

Extensions

  • gdb-peda

  • gef

  • writing your own

Some features of GEF

  • show some of the nice stuff gef implements

Advanced Tricks for GDB

  • Conditional breakpoints

  • using commands instruction for on the fly patching

  • setting variables

  • using gdb as remote debugger
