Linux / GDB Commands

Question 1

What commands can be used to view the system CPU info on Linux?

Answer 1

cat proc/cpuinfo or lscpu

Question 2

How do you run a program in GDB on a Linux system?

Answer 2

The following syntax runs a program in GDB:
"gdb /bin/bash"
"break main"
"run"
(gdb has started at this point)

Question 3

What commands allow viewing of registers for a program from Linux GDB?

Answer 3

The following will display registers:
“info registers” or “display /x $eax”

“info all-registers” -> (displays ALL registers)

Question 4

What command disassembles a register?

Answer 4

“disassemble $eip” as an example

Question 5

What command changes the syntax of a GDB disassembler to Intel syntax?

Answer 5

“set disassembly-flavor intel”

Question 6

How do you add debug symbols while compiling a program?

Answer 6

“gcc -ggdb main.c -o main”

Question 7

What command displays the functions within a file/program?

Answer 7

“info functions”

Question 8

What command displays all the sources for a file?

Answer 8

“info sources”

Question 9

What command displays the global variables for a file?

Answer 9

“info variables”

Question 10

What command displays the local variables of a function?

Answer 10

“info scope function_name”

Question 11

What command allows you to copy debug symbols from a binary file to a new file?

Answer 11

“objcopy –only-keep-debug File_w_symbols New_symbols_file”

Question 12

What command allows you to remove debug symbols from a binary file?

Answer 12

“strip –strip-debug File_w_symbols”

Question 13

What is the command strace?

Answer 13

Traces system calls made by a program and arguments passed by the program.

Question 14

What strace command attaches to a running program?

Answer 14

“strace -p [PID]”

Question 15

How to print the statistics for the syscalls in a program?

Answer 15

“strace -s Program_Name”

Question 16

What command traces a specific syscall(s)?

Answer 16

“strace -e syscall_name(s)”

Question 17

What are the commands to set breakpoints in GDB?

Answer 17

“break [address]”
“break [function name]”
“break [line #}”

Question 18

How can you view the breakpoints previously set?

Answer 18

“info breakpoints”

Question 19

How can you examine a specific address?

Answer 19

“x/[format letter]”

Ex: x/s (string) 0x80490a4 => “Another World!”

Question 20

What does “stepi” do?

Answer 20

It steps through each instruction within the code.

Question 21

What does “step” do?

Answer 21

It steps through the code per source line.

Question 22

What command changes the value registers or data within the running code?

Answer 22

“set [$eax] = 0xbffff272”

“set argv[1] = D”

Question 23

What are convenience variables commands?

Answer 23

“set $demo = 10”
“set argv[1] = $demo”
print argv[1]= 10
call Funtion_name [add argu]

Question 24

What can the command “strings” do?

Answer 24

Display strings contained in a program. Maybe useful to discover poorly coded information.

Question 25

What are conditional breaks in GDB?

Answer 25

Conditional breaks are used to break only when a condition is met. These are great for loops.