Difference between revisions of "Gdb"

Revision as of 04:49, 30 August 2015

GDB is a bash debugger for ELF binaries.

It is a powerful tool to disassemble and view the memory of process, files and core dumps.

To view the stack trace, run:

bt

To view all registers:

i r
or
info registers

Select a stack frame to inspect:

frame {0,}

List the source code (if you have imported debugging symbols only

list +
list -
list

Print/inspect memory regions:

print <variable>
(print 200 bytes) x/200bx <variable>
(print 200 words) x/200wx $rip
(print 200 bytes => int => ascii) x/200xc $rip

Print all variables in program (requires debugging symbols)

info variables

This article contains too little information, it should be expanded or updated.
Things you can do to help: add more content. update current content.

@@ Line 3: / Line 3: @@
 It is a powerful tool to disassemble and view the memory of process, files and core dumps.
+To view the stack trace, run:
+<pre>
 bt
+</pre>
+To view all registers:
+<pre>
 i r
-frame {1..10}
+or
+info registers
+</pre>
+Select a stack frame to inspect:
+<pre>
+frame {0,}
+</pre>
+List the source code (if you have imported debugging symbols only
+<pre>
 list +
 list -
 list
+</pre>
+Print/inspect memory regions:
+<pre>
 print <variable>
-x/200x <variable>
+(print 200 bytes) x/200bx <variable>
-x/200x $rip-50
+(print 200 words) x/200wx $rip
-x/200c $rip
+(print 200 bytes => int => ascii) x/200xc $rip
-x/200bx whatever
+</pre>
+Print all variables in program (requires debugging symbols)
+<pre>
 info variables
+</pre>
 {{expand}}
 [[Category:Reverse Engineering]]