Questions tagged [gdb]
A source level debugger based on `ptrace` for *NIX systems and developed by the GNU project.
272 questions
1 vote, 1 answer, 77 views
How to instruction-step through programs that take stdin?
I'd like to be able to use gdb to debug CTF challenges.
Here's the gdb script and how I use it:
> cat gdb_commands
set pagination off
# readelf -a shrimple_vm | grep Entry | awk '{ print $NF }'
...
1 vote, 0 answers, 43 views
GDB Struct Deref
Let's say I have a type MyStruct. I would like to check if 40 bytes from the struct's start, there is a pointer. If there is, I would like to get the type of that pointer. Is there a way to do that?
I ...
0 votes, 1 answer, 56 views
Why does the value stored in a register change after an x/s call? (GDB)
I have run the following commands at a breakpoint in gdb and I don't understand how the x/d $rdx command returns two different values, one before and one after x/s $rdx is executed. To my ...
2 votes, 2 answers, 139 views
What is the gdb command equivalent of bp MODULE_NAME+0x12345678 in WinDBG?
What is the gdb command equivalent of bp MODULE_NAME+0x12345678 in WinDBG?
I found this command useful to debug with ASLR (w/o disabling it).
1 vote, 2 answers, 647 views
Adding debug symbols with GDB
In CTFs when I'm given some ELF file, it usually wasn't compiled with the -g flag. Is there a way to somehow edit the file to make it be as if the ELF file was originally compiled with the -g flag?
...
2 votes, 0 answers, 77 views
Difference between __openat and openat (Android)
While reverse engineering an Android process, I wanted to explore the openat function. I noticed that there is a symbol "openat" and another symbol "__openat". What is the ...
2 votes, 0 answers, 61 views
IDA Pro ignores present database with remote debugging
I have a qemu instance running a custom Linux distribution, within which I'd like to debug an (already running) application. I have already embedded a gdbserver inside (and have a root shell available)...
1 vote, 1 answer, 349 views
Why this x64 shellcode doesn't work? (segmentation fault)
I found a simple shellcode on the internet.
Then, to test this shellcode, I make the simple ret overwrite code.
test.c
#include <stdio.h>
#include <string.h>
char buf[100];
int main(void)...
1 vote, 0 answers, 113 views
Binary Exploitation
I am trying to learn binary exploitation. I can modify the binary behaviour with gdb, but I have not understood how to exploit the binary in C.
I've found some references on "Hacking - the art of ...
2 votes, 0 answers, 234 views
How to get the address of a glibc private symbol at runtime programmatically?
I am trying to get the address of a private function in GLIBC.
For instance - the function __run_prefork_handlers().
I have done it with gdb, using info symbol __run_prefork_handlers and info address ...
3 votes, 0 answers, 149 views
format-string + ret2libc (or format string only)?
I found that we have a format-string bug within argument 7. I found a function containing system(/bin/sh). So I'm not saying stupidity I have to mess with a format-string and a ret2libc (correct me ...
3 votes, 0 answers, 66 views
IDA remote GDB debugger cannot suspend linux machine
I am starting Debugging Linux Virtual Machine by IDA GDB debugger. I can say I am able to connect to process (0) and start the machine (by using IDA 32bit, IMO it has something to do with bios! or I ...
3 votes, 1 answer, 224 views
GDB breakpoint crashes at a correct memory location
I'm trying to debug binaries of a firmware running Linux with no ASLR, binaries are not compiled with PIE either so I have no issue getting the memory locations.
So after including gdbserver in the ...
3 votes, 0 answers, 133 views
debug stripped file
I have an embedded MIPS big-endian system with gdb-server and I want to debug a stripped file of the target. I can run gdb server on the target with the stripped file (--attach PID), but when I try to connect with gdb-...
3 votes, 1 answer, 464 views
How can I verify section -> segment mapping for ELFs on linux?
I'm looking at an ELF on linux and I have readelf --segments ./myELF which shows:
Program Headers:
Type Offset VirtAddr PhysAddr FileSiz MemSiz Flg Align
PHDR ...