gdb
This is an old revision of the document!
Table of Contents
General
attach to running process without break:
gdb attach -ex cont -iex "set pagination off" $(pidof process_name)
set disassembly-flavor intel define hook-stop x/li $eip x/8wx $esp end
Print Command
show bytes pointed by register with offset:
x/16bx $rsi+0x42
print array with size as bytes in registers:
p/x *(char *)$rcx@$dx p/x (char[size]) *$rcx
Breakpoint
break on address:
b *<addr>
break at offset to function name:
b *(&func_name+<offset>)
b *(funcname+<offset>)
b *('class::method'+<offset>)
set conditional breakpoint:
break dlopen if strcmp(file, "libc.so") == 0
set logpoint:
break func_name commands silent printf "msg: %d\n", *($rdi+0x34) cont end
View Memory
gdb.1715072430.txt.gz · Last modified: by A User Not Logged in