GDB Cheat Sheet

Last modified: 2024-02-18

Reverse Engineering

GDB (GNU Debugger) is a portable debugger used for reverse engineering.

Using Enhanced GDB

It's recommended to use enhanced version of GDB such as GEF. These have some extended features.

Start Debugger

chmod +x ./example
gdb ./example

Commands in GDB


# Start the program

# Continue until the next breakpoint or the end

# Execute the next line of code but do not enter any function calls on that line.

# Execute the next line of code

# Jump to specific address
j *0x01234


# Disassemble the main function
disass main


# Set a breakpoint at a specified line number, function, or address.
break main
b main
break *0x12345678
# Add a breakpoint to the relative address position from the main function.
b *main+25

# Information about breakpoints
info breakpoints
i breakpoints
i b

# Delete all breakpoints
delete breakpoints
d breakpoints
# Delete the specified breakpoint
delete <breakpoint_number>
delete 1
d 1

View Values

# Print value of expression at specific address
p 0x01234

# Examine the memory as specific address as addresses
x/a 0x01234
# Examine the memory at specific address as 10 characters
x/10c 0x01234
# Examine the memory as specific address as string
x/s 0x01234
# Examine
x/g 0x01234

# Display information of registers
info registers
i r
# Display information of the stack frame
i f

Change Values

# Set N characters to specific address
set {char [5]} 0x01234 = "Hello"

# Set the value stored at memory address `0x01234` to `0x5678`
set *0x01234 = 0x5678