Command line GDB
Contents
Start gdb
Open a program in gdb:
$ gdb ./my_proggie
Open a program in gdb with a core dump:
$ gdb ./my_proggie core
Open a program in gdb and attach to PID:
$ gdb ./my_proggie 15835
Open a program in gdb and execute all gdb commands in commands.gdb:
$ gdb -X commands.gdb ./my_proggie
gdb commands in ./.gdbinit is usually always executed
gdb commands i ~/.gdbinit is usually always executed
gdb set up
Use intel style disassembly:
$ set disassembly-flavor intel
If a program fork wrong follow the child process:
$ set follow-fork-mode child
Allow auto load of .gdbinit from all paths:
$ set auto-load safe-path /
Execute program
Execute the program:
$ r
Execute the program with arguments:
$ r hello world
Execute the program with more complex arguments:
$ r $(python -c "print 'A' * 200 + '\xef\xbe\xad\xde'")
Execute the program with stdin from a file:
$ r < some_file
Kille the running program:
$ k
Execute a shell command:
$ shell cyclic 50
Read memory
Disassemble 10 instructions from a specific address:
$ x/10i 0x08048956
Disassemble 10 instructions from current line:
$ x/10i $eip
Dump a string from a specific address:
$ x/s 0x080492d4
Dump 10 hex words (4 byte integers) from a specific address:
$ x/10xw 0x080492d4
Dump 10 hex words from the stack:
$ x/10xw $esp
Dump 100 hex bytes from a specific address:
$ x/100xb 0x080492d4
Dump 2 hex words relative to register:
$ x/2xw $ebp - 0x8
Read or change register
Read register:
$ i r eax ebx eip esp
Change content of register:
$ set $eax = 0
Breakpoints
Set breakpoint on a specific address:
$ b *0x080485ec
Set conditional breakpoint on a specific address:
$ b *0x080485ec if $eax == 0
List breakpoints:
$ i b
Delete breakpoint number 3:
$ d 3
Execute gdb commandos when a breakpoint is hit:
$ b *0x080487cf commands
set $eax = 0 continue
end
Step one instruction:
$ si
Step one instruction without following subroutine call (Step over):
$ ni
Continue execution:
$ c
Thanks to
Robert Larsen www.the-playground.dk