HOWTO - gdb disassembly

Some useful commands before we dive into gdb

Get a list of symbols with nm:

    nm -D my_prog

Disassemble the whole file with objdump (Intel syntax, all sections and headers):

    objdump -M intel -s -h -D my_prog > ~/my_prog.asm

Use vi as a hex editor:

    vi prog_exec
    :%!xxd      # switches from binary to hex mode; you can make modifications in hex mode if you want
    :%!xxd -r   # switches from hex back to binary mode; save the file if you made any modification in hex mode

GDB

First copy the file into ~/.gdbinit. Find the most recent version of the file here: https://gist.github.com/CocoaBeans/1879270

Then run your program with:

    gdb --args my_prog -prog_args

To add a breakpoint, use the following gdb command, where SYMBOL is a symbol from the list you got from the nm command:

    (gdb) break SYMBOL

If nm (see the useful commands at the beginning) did not return any symbols, run the "info file" command to get the memory address of the entry point (see http://felix.abecassis.me/2012/08/gdb-debugging-stripped-binaries/):

    (gdb) info file
    Symbols from "my_prog".
    Local exec file:
        `my_prog', file type elf32-i386.
        Entry point: 0x8048350

Then, in gdb, we can add a breakpoint on that memory address like this:

    (gdb) b *0x8048350
    Breakpoint 1 at 0x8048350
    (gdb) run
    Starting program: my_prog

    Breakpoint 1, 0x08048350 in ??
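As an added example (not from the original page), the following POSIX shell script automates the stripped-binary workflow above: it extracts the entry point from gdb's "info file" output and generates a gdb command file that breaks there, runs the program, and dumps the next instruction and the registers. The function names and the /tmp path are assumptions; the sample "info file" text is constructed to match the page's example.

```shell
#!/bin/sh
# Added example: automate "info file" -> "b *ENTRY" -> run for a stripped binary.

# Extract the entry-point address from "info file" output read on stdin.
# Prints the first "0x..." value following "Entry point:", or nothing.
entry_point() {
    sed -n 's/^.*Entry point: \(0x[0-9a-fA-F]*\).*$/\1/p' | head -n 1
}

# Emit a gdb command script that stops at ADDR and shows the state there
# (the same commands as in the "useful gdb disassembly commands" section).
gdb_script() {
    addr="$1"
    printf 'break *%s\n' "$addr"
    printf 'run\n'
    printf 'x/i $pc\n'
    printf 'info registers\n'
}

# Ask gdb for "info file" on a real binary, then debug it with the generated
# script. Usage: debug_stripped ./my_prog [prog_args...]   (assumed helper)
debug_stripped() {
    prog="$1"; shift
    info=$(gdb -batch -ex 'info file' "$prog" 2>/dev/null)
    addr=$(printf '%s\n' "$info" | entry_point)
    [ -n "$addr" ] || { echo "no entry point found in 'info file' output" >&2; return 1; }
    gdb_script "$addr" > /tmp/stripped.gdb
    gdb -x /tmp/stripped.gdb --args "$prog" "$@"
}

# Constructed sample of gdb's "info file" output (mirrors the page's example).
SAMPLE_INFO="Symbols from \"my_prog\".
Local exec file:
    \`my_prog', file type elf32-i386.
    Entry point: 0x8048350"
```

Running `printf '%s\n' "$SAMPLE_INFO" | entry_point` yields `0x8048350`, and `gdb_script 0x8048350` prints the four gdb commands starting with `break *0x8048350`.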

Some useful gdb disassembly commands

    info registers              # show the general-purpose registers
    info all-registers          # show all registers, including floating point and vector registers
    info registers regname ...  # show only the named register(s)

Print the program counter in hex with:

    p/x $pc

Print the instruction to be executed next with:

    x/i $pc

Add four to the stack pointer with:

    set $sp += 4

Or just set the value of eax to 5:

    set $eax = 5

Move to the next instruction:

    stepi (si)   # execute one instruction, stepping into calls
    nexti (ni)   # execute one instruction, stepping over calls

Write bytes to memory:

    set *(unsigned char*)0x80FFDDEE = 0x90   # e.g. change the byte at that address to a NOP