Reverse Engineering with GDB
Last modified: 2023-03-20
Reverse Engineering
GDB (GNU Debugger) is a portable debugger used for reverse engineering.
Start Debugger
chmod +x ./example
gdb ./example
Commands
# Print usage
(gdb) help <command>
(gdb) help print
# Print the address of x
(gdb) print <x>
(gdb) p <x>
(gdb) p main
# Quit
(gdb) quit
Debug
# Start the program
(gdb) run
(gdb) r
# Continue until the next breakpoint or the end
(gdb) continue
(gdb) c
# Execute the next line of code but do not enter any function calls on that line.
(gdb) next
(gdb) n
# Execute the next line of code
(gdb) step
(gdb) s
Breakpoints
# Set a breakpoint at a specified line number, function, or address.
(gdb) break main
(gdb) b main
(gdb) break *0x12345678
# Information about breakpoints
(gdb) info breakpoints
(gdb) i breakpoints
(gdb) i b
# Delete all breakpoints
(gdb) delete breakpoints
(gdb) d breakpoints
# Delete the specified breakpoint
(gdb) delete <breakpoint_number>
(gdb) delete 1
(bdb) d 1
Registers
# Information about registers
(gdb) info registers
(gdb) i registers