In the first class on system security, we studied the usage of GDB. After finishing the description of GDB, we had time for experimentation.
For practice, you can join and download the file, which includes two flags, at http://cafe.naver.com/artofthings/2063.
1. Introduction Running GDB Experimentation
Usage of GDB
th!nkh@ck-hackartist
cafe.thinkhack.org
December 19, 2014
1 Introduction
Introduction to GDB
2 Running GDB
Starting GDB
Listing Codes
Debugging
Listing Functions and Variables
Breaking Points
Monitoring Registers
Watching Values
Dumping Stack
3 Experimentation
Analysing a Program
Solving the Program
Introduction to GDB
What is GDB?
GNU Project debugger
Supports Ada, C, C++, Objective-C, Pascal and many other languages
The latest version of GDB is 7.8.1
Mac OS X uses a modified version of GDB
Features of GDB
Supports various architectures (such as ARM, MIPS, i386, etc.)
Supports instructions: SSE, AVX, AVX2, MPX, etc.
Various instructions are supported on various architectures
Includes all the functionality of GUI debuggers
Starting GDB
Debugging a program without any parameters
gdb [options] filename
gdb learn-gdb
Debugging a program with parameters
gdb [options] --args filename arg1 arg2 ...
gdb --args learn-gdb -r
Listing Codes
Listing all the code
(gdb) list {line number}
(gdb) list 1
Listing a specific function
(gdb) list {function name}
(gdb) list main
Debugging
Starting a program
(gdb) run
(gdb) r
Debugging a program
(gdb) continue
(gdb) next
(gdb) nexti
(gdb) step
(gdb) stepi
Listing Functions and Variables
Listing all functions
(gdb) info functions
(gdb) i func
Disassembling a function
(gdb) disass {function name}
(gdb) disass main
Listing global/static variables
(gdb) info variables
(gdb) i var
Breaking Points
Breaking at a function
(gdb) break {function name}
(gdb) b main
Breaking at a specific address
(gdb) break *{address}
(gdb) b *0x100000af0
Listing breakpoints
(gdb) info breakpoints
(gdb) i b
Monitoring Registers
Seeing all registers
(gdb) info registers
(gdb) i r
Seeing a specific register
(gdb) info register ${a specific register}
(gdb) i r $rax
Dumping Stack
Dumping stack
We can use the “x” command with some parameters. The parameters are the count of memory units we want to see, the radix to print in, and the unit size.
Usage of “x”
(gdb) x/{count}{radix}{unit} {address}
(gdb) x/4xw
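Added example (not from the original slides): a small Python model of how the count, radix and unit letters in x/{count}{radix}{unit} turn raw little-endian bytes into the values GDB prints. The snapshot bytes, base address and function names are constructed for illustration, only the x, d and u radixes are handled, and the output layout approximates GDB's.

```python
import re
import struct

# GDB unit letters -> (size in bytes, struct code, values GDB prints per line)
UNITS = {"b": (1, "B", 8), "h": (2, "H", 8), "w": (4, "I", 4), "g": (8, "Q", 2)}
RADIXES = "xdu"  # subset of GDB's format letters handled by this sketch

def parse_x_format(spec):
    """Split a spec such as 'x/4xw' into (count, radix, unit)."""
    m = re.fullmatch(r"x(?:/(\d*)([a-z]*))?", spec)
    if m is None:
        raise ValueError("not an x command: %r" % spec)
    count, radix, unit = int(m.group(1) or 1), "x", "w"  # GDB's initial defaults
    for letter in m.group(2) or "":
        if letter in UNITS:
            unit = letter
        elif letter in RADIXES:
            radix = letter
        else:
            raise ValueError("unsupported letter %r" % letter)
    return count, radix, unit

def examine(memory, base, spec, address):
    """Render `spec address` over `memory`, a little-endian snapshot loaded at `base`."""
    count, radix, unit = parse_x_format(spec)
    size, code, per_line = UNITS[unit]
    offset = address - base
    if offset < 0 or offset + count * size > len(memory):
        raise ValueError("cannot access memory at 0x%x" % address)
    values = struct.unpack_from("<%d%s" % (count, code), memory, offset)

    def render(v):
        if radix == "x":
            return "0x%0*x" % (size * 2, v)
        if radix == "d" and v >= 1 << (size * 8 - 1):
            v -= 1 << (size * 8)  # reinterpret as two's complement
        return str(v)

    lines = []
    for i in range(0, count, per_line):
        row = "\t".join(render(v) for v in values[i:i + per_line])
        lines.append("0x%x:\t%s" % (address + i * size, row))
    return lines

# Constructed 16-byte stack snapshot and load address (not taken from the practice binary)
BASE = 0x7fff5fbff800
STACK = bytes.fromhex("efbeadde" "666c6167" "f00a0000" "01000000")

if __name__ == "__main__":
    for spec, addr in (("x/4xw", BASE), ("x/2xg", BASE), ("x/4xb", BASE + 4)):
        print("(gdb) %s 0x%x" % (spec, addr))
        print("\n".join(examine(STACK, BASE, spec, addr)))
```

The same four bytes 66 6c 61 67 (ASCII "flag") show up as 0x67616c66 under the w unit, which is why byte units are easier to read when looking for strings on a little-endian stack.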
Analysing a Program
Problem
Find the flag string in the binary files
http://wctf.thinkhack.org
Hints
The binary file performs part of AES encryption
There are 10 rounds in total
There are three key functions.