
gdb: How To Use In Reverse engineering CTFs

gdb (the GNU Debugger) is a powerful tool for debugging programs written in C and other compiled languages. It lets you inspect a program's state, set breakpoints, step through code, and examine variables, registers and memory, which makes it a core tool for reverse engineering CTF binaries.

Start gdb:

Open a terminal and run gdb with the executable as an argument:

gdb ./your_program

Replace your_program with the name of your executable. Source-level commands such as list and break <line_number> only work when the program was compiled with debugging information (gcc -g); CTF binaries are usually stripped, so for those you will mostly work at the assembly level.

Run the Program:

Once inside gdb, you can run your program by typing:

run [program arguments]

If the program crashes, for example with a segmentation fault, gdb stops at that point and shows exactly where the fault occurred.

Review Assembly Code:

To inspect the assembly code of a function, use disassemble followed by the function name:

disassemble main

Set a Breakpoint:

Breakpoints stop the program's execution at a specific function or line. To stop at the start of main:

break main

Set a breakpoint at a specific line number:

break <line_number>

Continue Execution:

Continue the program’s execution until the next breakpoint or until it completes:

continue

Step through Code:

Use step to execute the next line of source code, entering any function it calls:

step

Use next to execute the next line of source code, stepping over function calls instead of entering them (without debugging information, use stepi and nexti, which do the same one machine instruction at a time):

next

Print Variables:

To print the value of a variable, use the print command:

print variable_name

Backtrace (Call Stack):

To see the call stack (backtrace), use:

bt

Inspect Memory:

View the content of memory at a specific address:

x/NFU address

Here N is the number of units to show, F the format (x hexadecimal, d decimal, s string, i instruction) and U the unit size (b byte, h halfword, w word, g giant word of 8 bytes). Each part is optional; the last format and unit used are remembered.

For example, to print 4 hexadecimal words (the default unit size) starting at the address stored in the rsp register:

x/4x $rsp

Info Registers:

Display the values of all registers:

info registers

View Source Code:

Use list to show the source code around the current line (requires debugging information):

list

Quit gdb:

To exit gdb, type:

quit
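The whole workflow above can be replayed from a script, which is handy when you want a repeatable crash triage instead of typing each command. The following is an added example, not part of the original post: it compiles a small constructed C program that dereferences a NULL pointer on purpose, then drives gdb in batch mode (gdb -batch with -ex commands) through break, run, next, step, print, continue, bt, info registers, x, list and disassemble. The program, the file names and the temporary directory are assumptions of this example; $sp and $pc are gdb's architecture-independent names for the stack pointer and program counter (the same registers as $rsp and $rip on x86-64).

```shell
#!/bin/sh
# Added example (not from the original post): replay the gdb workflow from the
# post non-interactively against a program that segfaults on purpose.
set -e

WORKDIR=$(mktemp -d)
trap 'rm -rf "$WORKDIR"' EXIT

# Constructed sample program: crash() dereferences the NULL pointer that main()
# passes in, so "run" stops on SIGSEGV inside crash() and "bt" shows the chain.
write_sample() {
    cat > "$WORKDIR/crash.c" <<'EOF'
#include <stdio.h>

int crash(int *p)
{
    return *p + 1;          /* faults when p == NULL */
}

int main(void)
{
    int *p = NULL;
    printf("%d\n", crash(p));
    return 0;
}
EOF
    # -g keeps line-number and variable information so list, print and bt show
    # source-level names; -O0 stops the compiler from inlining crash() away.
    gcc -g -O0 -o "$WORKDIR/crash" "$WORKDIR/crash.c"
}

# Run the commands from the post in one batch session and return the transcript.
# Each -ex command runs in order after the executable has been loaded.
debug_sample() {
    gdb -q -batch \
        -ex 'break main' \
        -ex 'run' \
        -ex 'next' \
        -ex 'step' \
        -ex 'print p' \
        -ex 'continue' \
        -ex 'bt' \
        -ex 'info registers' \
        -ex 'x/4x $sp' \
        -ex 'x/2i $pc' \
        -ex 'list' \
        -ex 'disassemble crash' \
        "$WORKDIR/crash" 2>&1 || true  # batch mode exits non-zero if the last command failed; keep the transcript anyway
}

# Build the sample, debug it, and return the full gdb transcript on stdout.
run_demo() {
    write_sample
    debug_sample
}

# Run the demo when the toolchain is present; otherwise the functions above can
# still be sourced without the script aborting under set -e.
if command -v gcc >/dev/null 2>&1 && command -v gdb >/dev/null 2>&1; then
    run_demo
fi
```

In the transcript, "break main" reports the breakpoint location, "next" executes the assignment of p, "step" enters crash() (printf has no debugging information, so gdb steps straight into the call it can see), "print p" shows (int *) 0x0, and "continue" runs until the SIGSEGV, after which bt lists crash() as frame #0 and main() as frame #1. The last two commands, list and disassemble, work without a running process, which is why they are useful even when the binary cannot be executed in the debugger.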
