GDB tutorials - debug/disassemble C programs using gdb In Linux - Part 1

Namaste hackers,




Today, In this tutorial I am going to show you how we can debug programs using gdb in linux. if you want to learn exploitation, reverse programming, debugging of programs then friends, this tutorial is definitely very important for you. so, let's quickly start our today's topic.

Introduction


What is GDB?


Ans. Basically,  GDB is a Debuger program come pre-install in many *nix like systems. GDB provides the facilities to perform different types of function during execution of the targeted program that actually helps the user to analyze the program operations and also help the programmer to find problems in programs. With sharp knowledge of GDB and CPU hardware, any user can easily understand Compiled program execution function and various functions performed by the program.


Before starting our tutorial, I will suggest you to quickly install gdb-peda. This is one type of gdb extension that add extra facilities in gdb user interface.


To Quickly install it in Linux Just Open Your Terminal And Type Below Commands.
git clone https://github.com/longld/peda.git ~/peda
echo "source ~/peda/peda.py" >> ~/.gdbinit
echo "DONE! debug your program with gdb and enjoy"


Now, let's quickly take a look how exactly gdb works.

here, its a piece of code in C language. What we are going to do? we will try to analyze this code in gdb.

So, let's quickly move ahead with our sample code.

gdb_tutorial_script.c

// including header files
#include <stdio.h> 


#define SIZE 3



// ask user name function
void second_function()
{
 char buffer[SIZE];

 printf("Enter Your Name Here : \n");
 scanf("%s", buffer);
 printf("Hello %s, Nice To Meet You! Friend\n", buffer); 

}

// creating main function
int main()
{
 second_function();
 return 0;
}


Compile it with gdb argument.

Please Note During Compilation, we have to pass -g argument in GCC compiler. This argument basically embeds source file information into the binary file that helps gdb debugger to understand binary file for clearly.

gcc -ggdb -o GDB_SCRIPT gdb_tutorial_script.c 

Now, its Time to Run GDB.

In Terminal Type :

            gdb executable_file_path

For Example, In My Case, I Typed In Terminal:

:~# gdb GDB_SCRIPT



This command will simply open gdb interactive shell. As you can see in above image. gdb shell going to look like this if you also using Ubuntu and gdb-peda. Basically, This interactive shell works similarly like IPython Shell Or Normal Python Shell. To perform any operation with the provided file, we just need to enter function name with required argument and this interactive shell will do it automatically. So, let's move ahead to basic command usages of gdb.




Usage: list [Line_Number]


This command basically Just provide the source codes in the output of compiled binary file only if you used -g argument during compilation in GCC compiler.

For Example:

 list 1







Usage: break [Line_Number]


One Of the Best Facilities of gdb debugger is the breakpoint function. basically, with the help of this function, a user can easily stop program execution in a particular instruction of code. For Example, If I want to stop program execution at line 24. I Just need to Type in Gdb interactive shell:

 break 24







Usage: gdb-peda run


As its name suggesting, run command basically executes the binary file in control environment of gdb debugger. as you can see in below images, I just type run in the shell, and my program executes until it hit the breakpoint. At the break, point program stops its execution and wait for user input for future operations.

 run


I hope you all are noticing colorful output printed on the screen, basically, These output representing the current status of CPU components and memory like register table representing the status of various CPU registers, disassemble table representing function disassembly information and at the end, stack table representing information about stack memory layout.



Usage : step [N] (Default N = 1)


Basically, Step command means to run the program until it reaches a different source line. and Argument N means step N times (or till program stops for another reason). In Simple Words, With the help of step command, after performing the run function we can execute every single or multi-instruction of the binary program in a controlled way. For Example, after performing the run command, the program hit its breakpoint and stop its execution so I type s to perform only one next instruction.

s







Usage : info [argument]


 Information command provides us different types of informative data information required to understand the operation execution correctly. In the simple word with Information, command user can check and get different types of gdb program execution environment information. For Example, after performing various information of binary file but now, in the middle of execution, I want to see the status of registers. so, I have to do, is just type info register in gdb shell.

 info registers





let's take another example. Now, I want to see the memory status of stack memory. so, what I have to do, is to just type info stack command in gdb shell.

 info stack





As you can see in above image here, it is stack memory status.



Usage : disassemble [ Function_Name ]


Another Useful function of gdb debugger is the disasseble command. as its name suggesting, this command helps in disassembling of provide function assembler codes. like if we want to disassemble main function. we just need to type :

 disassemble main



So, As you can see in above post, with disassemble command we can easily see assemble code of functions.


Usage: help


Help Command provides us the List of the class of commands.

 help



As you can see in above images, gdb shell prints a list of classes. now, another question arises how we can explore these help classes. well for this you just need to type help and the name of the class.

For Example

Usage : help [Sub_Class]


 help status



Well, With the help of help and info command you can easily find various function of gdb easily. The Command also going to help in usages of various function.

Usage: Continue


After Hitting breakpoint if we want to run instruction, we call continue command. Continue program being debugged, after signal or breakpoint. If proceeding from breakpoint, a number N may be used as an argument, which means to set the ignore count of that breakpoint to N - 1 (so that
the breakpoint won't break until the Nth time it is reached).


 c






Usage: quit


At The End, Quit command hehehe, I think it is not necessary to explain quit command because you all know it well.

 quit




This tutorial ends here.
I Hope you all enjoyed this Tutorial,
If you all like this tutorial and want more gdb tutorial.
comment below


Have a nice day.

Written By:
                 SSB



Share this

Related Posts

Previous
Next Post »