Renaming
# Rename a function
s <function_flag>
afn [new_name]
# List local function variables
afv
# Rename variable
afvn [old_name] [new_name]
Telescoping stack view
pxr @ esp
Find symbols in libc
dmi libc system
Search for strings
/ /bin/sh @ <address>
Some GDB Debugging tricks as well
Inspect the stack
x/100b $esp
x/100s $esp
x/100x $esp
Disassemble some code:
disassemble main
Set a breakpoint:
break *0xcafebabe
Go to TUI (text user interface) mode:
Ctrl-x Ctrl-a
layout asm
layout regs
An out of place Strace Command
To trace only file access:
strace -e trace=file ./utumno1.out testtest
Similarly for network, process, ipc or memory:
strace -e trace=network ./utumno1.out testtest
strace -e trace=process ./utumno1.out testtest
strace -e trace=ipc ./utumno1.out testtest
strace -e trace=memory ./utumno1.out testtest
This is very useful for reversing what a binary is doing when there are no symbols and the debugger is failing us.
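As an added example (not from the original post), the shell function below condenses a `strace -e trace=file` log into one line per distinct call and path, marking failed lookups so missing files stand out. The names `summarize_file_trace` and `sample_trace` and the log lines are constructed for illustration, and it assumes strace was run without `-f` (no `[pid N]` prefixes).

```shell
#!/bin/sh
# Added example: summarise `strace -e trace=file` output read from stdin.
# Prints "<OK|FAIL> <syscall> <path> [errno]" once per distinct combination.
summarize_file_trace() {
awk '
/^[a-z_0-9]+\(.*\) += / {
    call = $0; sub(/\(.*/, "", call)        # syscall name before the first "("
    if (!match($0, /"[^"]*"/)) next         # first quoted argument is the path
    path = substr($0, RSTART + 1, RLENGTH - 2)
    ret = $0; sub(/.*\) += /, "", ret)      # everything after the final ") = "
    split(ret, r, " ")                      # r[1] = return value, r[2] = errno name
    if (r[1] ~ /^-/) status = "FAIL " call " " path " " r[2]
    else             status = "OK " call " " path
    if (!(status in seen)) { seen[status] = 1; print status }
}'
}

# Constructed sample log (illustrative, not real output of the binary).
sample_trace() {
cat <<'EOF'
execve("./utumno1.out", ["./utumno1.out", "testtest"], 0x7ffc2d1b3a10 /* 20 vars */) = 0
access("/etc/ld.so.preload", R_OK) = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3
openat(AT_FDCWD, "/lib/i386-linux-gnu/libc.so.6", O_RDONLY|O_CLOEXEC) = 3
openat(AT_FDCWD, "testtest", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = -1 ENOENT (No such file or directory)
+++ exited with 1 +++
EOF
}

# Real use: strace -e trace=file -o trace.log ./utumno1.out testtest
#           summarize_file_trace < trace.log
sample_trace | summarize_file_trace
```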