GDB basics

Changing to intel syntax

set disassembly-flavor intel

Finding the entry point and sections of a stripped binary

info file

View main function instructions

disassemble main

Setting a break point

break *main
break <ADDR> #0x00000000004005bd

Re-run the program

run <args> #(optional)

Stepping to the next instruction

Continue running the program

View variables

View registers

Set a value to a register

Display formats

  1. o => Display in octal.

  2. x => Display in hexadecimal.

  3. u => Display in unsigned, standard base-10 decimal.

  4. t => Display in binary.

Example using examine command ( x ):

The default size of a single unit is a four-byte unit called a word,This can be changed by adding the following letters to the end of the examine command.

  1. b => A single byte.

  2. h => A halfword, which is two bytes in size

  3. w => A word, which is four bytes in size

  4. g => A giant, which is eight bytes in size

Examples:

Examine command also accepts instruction ( i ) that display the memory as disassembled assembly language instructions.

Working with environment

GDB and other debuggers may add some more env vars, which could change offset of shellcode on the stack, so it's best to remove them.

PreviousReverse-EngineeringNextMASM Basics

Last updated