GDB Flashcards
Tips and tricks for GDB
Start gdb quietly
gdb -q ./helloworld
How to view the functions in a binary?
info functions
How to get an entry point of a particular binary?
shell readelf -h
info files
How do you change or set a disassembly flavor?
set disassembly-flavor intel
How to check all the variables and symbols within a binary?
info variables
Note: This only displays global variables and static variables. Local variables aren’t printed.
What is the difference between stepi and nexti?
nexti will execute one machine instruction, but if it is a function call then it will proceed until the function returns. stepi is more verbose executing one machine instruction, stopping, and returns the debugger.
What are the different debug symbols file types?
DWARF2
COFF
XCOFF
Stabs
Note: That a flag to include debug symbols must be explicitly specified at compile time.
If the flag is -g is included gcc will include the native operating systems native format for debugging symbols.
The -ggdb will compile the binary with gdb specific symbols.
What do symbols files actually tell us?
info sources info variables info scope function_name info functions main print symbols filename_to_store
Explain the diff symbol types within the nm utility output.
A - Absolute symbol B - In the uninitialized data section D - In the initialized data section N - Debug symbol T - In the text section U - Undefined symbol right now Note: Lower case is local symbol while upper case is external symbol
How to disable/enable/purge breakpoints once set?
disable 1
enable 1
delete 1
How to create vars to hold data during debugging?
set $i = 10
These are called convenience variables
How do you view the stack?
$esp
What are the different eflags?
AF - Auxiliary carry flag
ID - ID flag
IF - Interrupt enable flag
SF - Sign flag
