Pranaam to all bhai ji _/\_
Today i am going to share few commands of GDB (GNU Debugger) which comes handy during learning process.
This list is having command commands which ease GDB for beginners.
File to Disable/enable ASLR
/proc/sys/kernel/randomize_va_space
download PEDA
https://github.com/longld/peda
integrate into gdb
echo "source ~/peda/peda.py" >> ~/.gdbinit
-----
| GCC
-----
=> compile option to
make stack executable
-z execstack
remove stack guard/canaries
-fno-stack-protector
=> Attach program to GDB
using program executable - > gdb program_file
using running program process ID - > gdb --pid=process_id
=> Show list of command classes
help
help class_of_command
=> breakpoint
set break point
break function_name
break memory address
information regarding breakpoint
info breakpoints
info break breakpoint number
=> Disassemble a function
disas function_name
=> print function list
info func
=> Run program with different mode of input
r data
r $(python -c 'some python code')
r < file_having_data
=> print value at spcific memory address or in a register
p memory_address/register
different print format
p/x Print as integer variable in hex.
p/d Print variable as a signed integer.
p/u Print variable as a un-signed integer.
p/o Print variable as a octal.
p/c Print integer as character.
p/f Print variable as floating point number.
p/a Print as a hex address.
=> Examine memory space using x
x/format
supported FMT is a repeat count followed by a format letter and a size letter.
Format letters are
o(octal)
x(hex)
d(decimal)
u(unsigned decimal)
t(binary)
f(float)
a(address)
i(instruction)
c(char)
s(string)
and z(hex, zero padded on the left).
Size letters are b(byte), h(halfword), w(word), g(giant, 8 bytes).
example: - x/10s $esp/memory_address or x/10sw $esp/memory_address
x/10s $esp/memory_address-offset
=> display current information related to CPU registers
info r
=> execute next instruction
ni
=> step inside a function
si
=> set value of register or memory address
set $register = hex_value
=> print memory address of a function
p function name
example: - p system
=> search memory for string
find &system,+9999999,"/bin/sh" (for old gdb)
find "/bin/sh"
--==[[ With Love from Team IndiShell ]]==--
Today i am going to share few commands of GDB (GNU Debugger) which comes handy during learning process.
This list is having command commands which ease GDB for beginners.
File to Disable/enable ASLR
/proc/sys/kernel/randomize_va_space
download PEDA
https://github.com/longld/peda
integrate into gdb
echo "source ~/peda/peda.py" >> ~/.gdbinit
-----
| GCC
-----
=> compile option to
make stack executable
-z execstack
remove stack guard/canaries
-fno-stack-protector
=> Attach program to GDB
using program executable - > gdb program_file
using running program process ID - > gdb --pid=process_id
=> Show list of command classes
help
help class_of_command
=> breakpoint
set break point
break function_name
break memory address
information regarding breakpoint
info breakpoints
info break breakpoint number
=> Disassemble a function
disas function_name
=> print function list
info func
=> Run program with different mode of input
r data
r $(python -c 'some python code')
r < file_having_data
=> print value at spcific memory address or in a register
p memory_address/register
different print format
p/x Print as integer variable in hex.
p/d Print variable as a signed integer.
p/u Print variable as a un-signed integer.
p/o Print variable as a octal.
p/c Print integer as character.
p/f Print variable as floating point number.
p/a Print as a hex address.
=> Examine memory space using x
x/format
supported FMT is a repeat count followed by a format letter and a size letter.
Format letters are
o(octal)
x(hex)
d(decimal)
u(unsigned decimal)
t(binary)
f(float)
a(address)
i(instruction)
c(char)
s(string)
and z(hex, zero padded on the left).
Size letters are b(byte), h(halfword), w(word), g(giant, 8 bytes).
example: - x/10s $esp/memory_address or x/10sw $esp/memory_address
x/10s $esp/memory_address-offset
=> display current information related to CPU registers
info r
=> execute next instruction
ni
=> step inside a function
si
=> set value of register or memory address
set $register = hex_value
=> print memory address of a function
p function name
example: - p system
=> search memory for string
find &system,+9999999,"/bin/sh" (for old gdb)
find "/bin/sh"
--==[[ With Love from Team IndiShell ]]==--
--==[[ Greetz To ]]==--#############################################################################################Guru ji zero ,code breaker ica, root_devil, google_warrior,INX_r0ot,Darkwolf indishell,Baba,#Silent poison India,Magnum sniper,ethicalnoob Indishell,Reborn India,L0rd Crus4d3r,cool toad,#Hackuin,Alicks,mike waals,Suriya Prakash, cyber gladiator,Cyber Ace,Golden boy INDIA,#Ketan Singh,AR AR,saad abbasi,Minhal Mehdi ,Raj bhai ji ,Hacking queen,lovetherisk,Bikash Dash############################################################################################# --==[[Love to]]==--# My Father ,my Ex Teacher,cold fire hacker,Mannu, ViKi ,Ashu bhai ji,Soldier Of God, Bhuppi,#Mohit,Ffe,Ashish,Shardhanand,Budhaoo,Jagriti,Salty, Hacker fantastic, Jennifer Arcuri and Don(Deepika kaushik)
:)
:-)
:))
=))
:(
:-(
:((
:d
:-d
@-)
:p
:o
:>)
(o)
[-(
:-?
(p)
:-s
(m)
8-)
:-t
:-b
b-(
:-#
=p~
:-$
(b)
(f)
x-)
(k)
(h)
(c)
cheer
Thank you ffor this
ReplyDelete