Reverse Engineering with GDB

Last modified: 2023-03-20

Reverse Engineering

GDB (GNU Debugger) is a portable debugger used for reverse engineering.

Start Debugger

chmod +x ./example
gdb ./example

Commands

# Print usage
(gdb) help <command>
(gdb) help print

# Print the address of x
(gdb) print <x>
(gdb) p <x>
(gdb) p main

# Quit
(gdb) quit

Debug

# Start the program
(gdb) run
(gdb) r

# Continue until the next breakpoint or the end
(gdb) continue
(gdb) c

# Execute the next line of code but do not enter any function calls on that line.
(gdb) next
(gdb) n

# Execute the next line of code
(gdb) step
(gdb) s

Breakpoints

# Set a breakpoint at a specified line number, function, or address.
(gdb) break main
(gdb) b main
(gdb) break *0x12345678

# Information about breakpoints
(gdb) info breakpoints
(gdb) i breakpoints
(gdb) i b

# Delete all breakpoints
(gdb) delete breakpoints
(gdb) d breakpoints
# Delete the specified breakpoint
(gdb) delete <breakpoint_number>
(gdb) delete 1
(bdb) d 1

Registers

# Information about registers
(gdb) info registers
(gdb) i registers