How-To: GDB

gdb is the most commonly used debugger. The base installation is super user-friendly and offers a rich feature set. It is also very easy to extend with plugins.

Nearly every challenge dissected in this guide used gdb, with a few exceptions.

gdb has a LOT of features. This guide covers the ones that are most commonly used in everyday settings. If you want to read more, check out this summary guide.

Installation

Installation of gdb is extremely simple. Use your distribution's package manager; on Debian or Ubuntu:

sudo apt install gdb

To extend its feature set, we will also install the gdb-gef extension. More information can be found here. GEF shows a live view of the current instructions, the registers, and the stack, which makes dynamic analysis of the binary much easier.

To install GEF, use the following command, which downloads the installer script and runs it with bash:

$ bash -c "$(wget https://gef.blah.cat/sh -O -)"

Other plugins out there are equally effective. Notable plugins are pwndbg and peda.

They all offer very similar feature sets. I personally like GEF the best, but feel free to use whichever one you like. Read this article if you want to install more than one and build a local version manager.

Usage

We run gdb on the binary that we want to analyze. The plugin loads automatically with gdb, and its views appear once we run the binary.

gdb <binary>
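
The three views GEF displays (instructions, registers, stack) can also be captured with plain gdb in batch mode, which is useful for logging a run or comparing two runs. This is an added example, not part of the original guide; the function names, the default breakpoint on `main`, and the 64-bit stack format are assumptions.

```shell
#!/usr/bin/env bash
# Added example (not from the original guide): one-shot gdb snapshot.

# Print a gdb command file that stops at a breakpoint and dumps the
# instructions, registers and stack. Default breakpoint `main` is an assumption.
gdb_snapshot_script() {
    local bp="${1:-main}"
    cat <<EOF
set pagination off
set confirm off
break ${bp}
run
info registers
x/8i \$pc
x/16gx \$sp
backtrace
kill
quit
EOF
}

# Run the command file against a binary without an interactive session.
# -nx skips ~/.gdbinit, so the output is plain gdb even when GEF is installed.
# x/16gx prints 8-byte words, which assumes a 64-bit target.
gdb_snapshot() {
    local binary="$1" bp="${2:-main}" script rc=0
    [ -x "$binary" ] || { echo "not an executable: $binary" >&2; return 2; }
    command -v gdb >/dev/null || { echo "gdb not found in PATH" >&2; return 3; }
    script="$(mktemp)" || return 1
    gdb_snapshot_script "$bp" > "$script"
    gdb -nx -batch -x "$script" "$binary" || rc=$?
    rm -f "$script"
    return "$rc"
}

# Usage: gdb_snapshot ./binary [breakpoint] > snapshot.txt
```

If the breakpoint is never reached, gdb reports that the program has no registers and stops processing the command file at that point.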
