gdb: How to Use It in Reverse Engineering CTFs

gdb (GNU Debugger) is a powerful tool for debugging programs in C and other languages. It allows you to inspect the program's state, set breakpoints, step through code, and examine variables.

Start gdb:

Open a terminal and run gdb with the executable as an argument:

gdb ./your_program

Replace your_program with the name of your executable.

Run the Program:

Once inside gdb, you can run your program by typing:

run [program arguments]

If the program crashes, gdb stops and points out exactly where the segmentation fault occurred.

Review Assembly Code:

If you want to inspect the assembly code, use disassemble:

disassemble main

Set a Breakpoint:

Use breakpoints to stop the program's execution at a specific function or line. To stop when main is entered:

break main

Set a breakpoint at a specific line number:

break <line_number>

Continue Execution:

Continue the program’s execution until the next breakpoint or until it completes:

continue

Step through Code:

Use step to execute the next line of code, stepping into any function it calls:

step

Use next to execute the next line of code without stepping into the functions it calls:

next

Print Variables:

To print the value of a variable, use the print command:

print variable_name

Backtrace (Call Stack):

To see the call stack (backtrace), use:

bt

Inspect Memory:

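View the content of memory at a specific address:

x/nfu address

Here n is the number of units to show, f is the display format (for example x for hexadecimal) and u is the unit size (b for bytes, h for 2-byte halfwords, w for 4-byte words, g for 8-byte giant words).

For example, to print the contents of 4 bytes at the address stored in the rsp register:

x/4xb $rsp

Without a unit letter, gdb reuses the last unit given, which starts out as 4-byte words, so x/4x $rsp would show 16 bytes rather than 4.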

Info Registers:

Display the values of all registers:

info registers

View Source Code:

Use list to show the source code around the current line (this needs a binary built with debugging information, for example with gcc -g):

list

Quit gdb:

To exit gdb, type:

quit
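
The commands above, run as one non-interactive session. This is an added example, not part of the original post: the script builds a small constructed C target and replays the breakpoint, backtrace, print, register, memory and disassemble steps with gdb -batch. The names gdb_demo and target.c are chosen here, and the script assumes cc and gdb on x86-64 Linux.

```shell
#!/bin/sh
# Added example: replay the post's gdb commands in batch mode.
# Assumes cc and gdb on x86-64 Linux; gdb_demo and target.c are constructed here.

gdb_demo() {
    work=$(mktemp -d) || return 1

    # Constructed sample target, not taken from the original post.
    cat > "$work/target.c" <<'EOF'
#include <stdio.h>
#include <string.h>

int check(const char *input) {
    return strlen(input) == 5;
}

int main(int argc, char **argv) {
    if (argc < 2) return 2;
    puts(check(argv[1]) ? "ok" : "no");
    return 0;
}
EOF

    # -g keeps the line and variable info that break <line>, print and list
    # rely on; -O0 keeps the machine code close to the source.
    cc -g -O0 -o "$work/target" "$work/target.c" || { rm -rf "$work"; return 1; }

    # -batch quits after the last command; each -ex is one command typed at
    # the (gdb) prompt; --args passes "hello" to the target as argv[1].
    status=0
    gdb -q -batch \
        -ex 'break check' \
        -ex 'run' \
        -ex 'bt' \
        -ex 'print input' \
        -ex 'info registers rip' \
        -ex 'x/4xb $rsp' \
        -ex 'disassemble check' \
        -ex 'continue' \
        --args "$work/target" hello </dev/null 2>&1 || status=$?

    rm -rf "$work"
    return "$status"
}

gdb_demo || echo "gdb_demo failed: cc and gdb are required" >&2
```

Dropping -batch and the -ex options leaves you at the (gdb) prompt with the same target, where the commands can be typed one at a time.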
