Difference between revisions of "Command line GDB"

From Klaus' wiki
Jump to: navigation, search
 
Line 1: Line 1:
 +
I've come across this '''gdb''' cheatsheet. I find it helpful when performing command line debugging.
 +
 
===Start gdb===
 
===Start gdb===
  

Latest revision as of 12:00, 25 May 2016

I've come across this gdb cheatsheet. I find it helpful when performing command line debugging.

Start gdb

Open a program in gdb:

$ gdb ./my_proggie

Open a program in gdb with a core dump:

$ gdb ./my_proggie core

Open a program in gdb and attach to PID:

$ gdb ./my_proggie 15835

Open a program in gdb and execute all gdb commands in commands.gdb:

$ gdb -X commands.gdb ./my_proggie

gdb commands in ./.gdbinit is usually always executed

gdb commands i ~/.gdbinit is usually always executed

gdb set up

Use intel style disassembly:

$ set disassembly-flavor intel

If a program fork wrong follow the child process:

$ set follow-fork-mode child

Allow auto load of .gdbinit from all paths:

$ set auto-load safe-path /

Execute program

Execute the program:

$ r

Execute the program with arguments:

$ r hello world

Execute the program with more complex arguments:

$ r $(python -c "print 'A' * 200 + '\xef\xbe\xad\xde'")

Execute the program with stdin from a file:

$ r < some_file

Kill the running program:

$ k

Execute a shell command:

$ shell cyclic 50

Read memory

Disassemble 10 instructions from a specific address:

$ x/10i 0x08048956

Disassemble 10 instructions from current line:

$ x/10i $eip

Dump a string from a specific address:

$ x/s 0x080492d4

Dump 10 hex words (4 byte integers) from a specific address:

$ x/10xw 0x080492d4

Dump 10 hex words from the stack:

$ x/10xw $esp

Dump 100 hex bytes from a specific address:

$ x/100xb 0x080492d4

Dump 2 hex words relative to register:

$ x/2xw $ebp - 0x8

Read or change register

Read register:

$ i r eax ebx eip esp

Change content of register:

$ set $eax = 0

Breakpoints

Set breakpoint on a specific address:

$ b *0x080485ec

Set conditional breakpoint on a specific address:

$ b *0x080485ec if $eax == 0

List breakpoints:

$ i b

Delete breakpoint number 3:

$ d 3

Execute gdb commandos when a breakpoint is hit:

$ b *0x080487cf
commands
    set $eax = 0
    continue
end

Step one instruction:

$ si

Step one instruction without following subroutine call (Step over):

$ ni

Continue execution:

$ c


Thanks to

Robert Larsen www.the-playground.dk