This is a collection of commands I’ve found useful when working with GDB.
Run an executable with args:
gdb --args path/to/executable -every -arg you can=think < of
gdb -q --args ./bof $(/opt/metasploit-framework/tools/pattern_create.rb 1000)
Set a breakpoint:
break main
b main
Set a breakpoint at an instruction:
b *0x80484b5
Disassemble a function:
disassemble main
disas main
Show registers:
info registers
i r
Show a specific register:
info registers eip
i r eip
Show a backtrace with local variables:
bt full
Examine
View the value at the address held in a register ($ = value of the register):
x/x $eip
View next four hex word values:
x/4x $eip
View next 100 strings at esp:
x/100s $esp
View string at address:
x/s 0x4005ec
View the assembly instruction at a register:
x/i $eip
View the next four instructions:
x/4i $eip
Next instruction:
nexti
ni
Print out stack:
x/wx $esp
x/4xw $sp # four hex words
x/1000xw $sp # 1000 hex words
Find a function address:
info address foo
Misc
Intel syntax
set disassembly-flavor intel
GCC compile with debugging options for x86
gcc -g -m32 -o bof example.c
Show source if compiled with the -g flag
list
Generate core dump on segfault
ulimit -c unlimited