gdb
This is an old revision of the document!
Table of Contents
General
attach to running process without break:
gdb attach -ex cont -iex "set pagination off" $(pidof process_name)
set disassembly-flavor intel define hook-stop x/li $eip x/8wx $esp end
Print Command
show bytes pointed by register with offset:
x/16bx $rsi+0x42
print array with size as bytes in registers:
p/x *(char *)$rcx@$dx p/x (char[size]) *$rcx
Breakpoint
break on address:
b *0xdeadbeef
break at offset to function name:
b *(&func_name+0xbeef)
b *(funcname+0xbeef)
b *('class::method'+0xbeef)
set conditional breakpoint:
break dlopen if strcmp(file, "libc.so") == 0
set logpoint:
break func_name commands silent printf "msg: %d\n", *($rdi+0xbeef) cont end
gdb.1715073961.txt.gz · Last modified: by A User Not Logged in