# Tool: pwndbg/gdb
## Description
gdb is a debugger that lets you inspect a program while it runs. pwndbg is an extension on top of gdb that adds context displays and commands geared toward exploit development.
pwndbg and gdb have a great many features and commands, but some core ones include:
- starti: start the program and stop at its first instruction
- run: run the program until it exits or hits a breakpoint
- break main: stop at the main function
- break *0x400412: stop at address 0x400412
- break *main+84: stop in the main function, 84 bytes past its start
- delete 1: delete breakpoint number 1
- c: (continue) resume execution after stopping
- si: execute a single assembly instruction, stepping into calls
- n: (next) execute one source line, stepping over calls
- x/s 0x404000: print the NUL-terminated string at address 0x404000
- x/8x 0x7ffcbe6a9000: print 8 hex units at that address (the unit defaults to a 4-byte word; x/8gx prints 8-byte units and x/8xb prints single bytes)
- p 0x404040-0x303030: evaluate the expression and print the result
- stack 20: (pwndbg) print the top 20 entries of the stack
- help x: print the help for x (examine)
Lastly, from a pwntools script you can open pwndbg on the running process at any point simply by calling the following, where p is the process tube:
pwn.gdb.attach(p)
## Example
```c
#include <stdio.h>
#include <string.h>
// gcc -no-pie -fno-stack-protector -g -o chal chal.c
// Newer glibc headers no longer declare gets(); declare it so the file still compiles.
char *gets(char *);

void func1() {
    char buffer1[8];                      // 8-byte stack buffer
    puts("Tell me something interesting:");
    gets(buffer1);                        // no length check: input longer than 8 bytes overflows buffer1
    puts(buffer1);
}

int main() {
    long first = 13;
    char second[16] = "hello world!";     // 16-byte stack buffer
    long third = 0xdeadbeef;
    puts("hi, what is your name:");
    gets(second);                         // same unbounded read into second
    func1();
    return 0;
}
```
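The following script is an added example and not part of the original page: it drives gdb non-interactively over the chal binary above, using the break/run/printf commands from the cheat sheet, to show how the 8-byte buffer1 in func1 overflows into the saved return address. It assumes gcc and gdb are on PATH, an x86-64 Linux host (it reads $rbp), and gcc -O0's usual frame layout; pwndbg is not required because -nx skips ~/.gdbinit and only plain gdb commands are used. The embedded chal.c is a constructed copy of the page's source so the script runs stand-alone.

```shell
#!/usr/bin/env bash
# Added example (not from the original page): watch func1's buffer1 overflow
# reach the saved return address by breaking after gets() returns and reading
# the 8-byte word at $rbp+8. Assumes gcc, gdb, x86-64 Linux.
set -u

WORKDIR=$(mktemp -d)
trap 'rm -rf "$WORKDIR"' EXIT

# Constructed copy of the page's chal.c so this script is self-contained.
# gets() is declared explicitly because newer glibc headers omit it.
cat > "$WORKDIR/chal.c" <<'EOF'
#include <stdio.h>
char *gets(char *);
void func1() {
    char buffer1[8];
    puts("Tell me something interesting:");
    gets(buffer1);
    puts(buffer1);   /* line 7: breakpoint target, after gets() has returned */
}
int main() {
    long first = 13;
    char second[16] = "hello world!";
    long third = 0xdeadbeef;
    puts("hi, what is your name:");
    gets(second);
    func1();
    return 0;
}
EOF

# Compile as the page's comment says, plus -w to silence the gets() warning.
build_chal() {
    gcc -no-pie -fno-stack-protector -g -w -o "$WORKDIR/chal" "$WORKDIR/chal.c"
}

# make_input LEN: line 1 answers main's gets(second); line 2 is LEN 'A' bytes
# for func1's gets(buffer1).
make_input() {
    {
        printf 'bob\n'
        head -c "$1" /dev/zero | tr '\0' 'A'
        printf '\n'
    } > "$WORKDIR/in.txt"
}

# saved_rip_after_gets LEN: run chal under gdb with a LEN-byte line for func1,
# break on chal.c:7 (gets returned, ret not yet executed, so $rbp still points
# at func1's frame) and print the saved return address at $rbp+8 as bare hex.
saved_rip_after_gets() {
    make_input "$1"
    gdb -q -batch -nx \
        -ex 'break chal.c:7' \
        -ex "run < $WORKDIR/in.txt" \
        -ex 'printf "SAVED_RIP=%lx\n", *(unsigned long *)($rbp+8)' \
        "$WORKDIR/chal" 2>/dev/null | sed -n 's/^SAVED_RIP=//p'
}

# Contrast: a 4-byte line leaves the return address inside main (0x401...),
# a 40-byte line replaces it with 0x4141414141414141 (eight 'A's).
demo() {
    build_chal || return 1
    echo "4-byte input,  saved rip: 0x$(saved_rip_after_gets 4)"
    echo "40-byte input, saved rip: 0x$(saved_rip_after_gets 40)"
}

if [ "${1:-}" = "--demo" ]; then
    demo
fi
```

Run it as `bash gdb_overflow_demo.sh --demo` (file name is a placeholder). Reading $rbp+8 at line 7 rather than using finish matters: finish plants its temporary breakpoint at the return address gdb recorded on entry, so once that address has been overwritten the program never reaches it and simply crashes. Interactively, the same inspection is `break chal.c:7`, `run`, then `x/gx $rbp+8` or pwndbg's `stack 20`.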