gdb cheatsheet

101

Getting addresses - use p

(gdb) p &buf1
$6 = (char (*)[64]) 0x404080 <buf1>

Examining memory - use x/[count][format][unit] start_addr (count = number of units to show, format e.g. x hex / d decimal / s string / i instruction, unit b/h/w/g = 1/2/4/8 bytes). https://sourceware.org/gdb/current/onlinedocs/gdb/Memory.html#Memory

(gdb) x/64 0x404040

Finding the return address (source: https://stackoverflow.com/questions/32345320/get-return-address-gdb): break on the function you want the return address of, e.g. br main, then run and print the frame info with info frame. "saved rip" is the return address; "rip at" under Saved registers is the stack slot it is stored in.


Stack level 0, frame at 0x7fffffff95e0:
 rip = 0x4010a0 in main (loophole.c:51); saved rip = 0x7ffff7e26780
 source language c.
 Arglist at 0x7fffffff95d0, args: 
 Locals at 0x7fffffff95d0, Previous frame's sp is 0x7fffffff95e0
 Saved registers:
  rip at 0x7fffffff95d8
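Added example, not part of the original cheatsheet: a small POSIX sh helper that runs the break / run / info frame sequence above in batch mode and pulls the return address and its stack slot out of the text. The binary name ./loophole and the function main are assumptions; the sample frame text is the info frame output quoted above, embedded so the parsing runs without gdb.

```shell
#!/bin/sh
# Added example (not from the original cheatsheet). Assumes ./loophole and main.

# Constructed sample: the `info frame` output from the cheatsheet above.
SAMPLE_FRAME=$(cat <<'EOF'
Stack level 0, frame at 0x7fffffff95e0:
 rip = 0x4010a0 in main (loophole.c:51); saved rip = 0x7ffff7e26780
 source language c.
 Arglist at 0x7fffffff95d0, args:
 Locals at 0x7fffffff95d0, Previous frame's sp is 0x7fffffff95e0
 Saved registers:
  rip at 0x7fffffff95d8
EOF
)

# frame_info BINARY FUNC: non-interactive gdb, stop in FUNC, print the frame.
frame_info() {
    gdb -batch -ex "break $2" -ex run -ex 'info frame' "$1" 2>/dev/null
}

# saved_rip TEXT: the return address (value gdb reports as "saved rip").
saved_rip() {
    printf '%s\n' "$1" | sed -n 's/.*saved rip = \(0x[0-9a-f]*\).*/\1/p'
}

# saved_rip_slot TEXT: the stack address holding that return address.
saved_rip_slot() {
    printf '%s\n' "$1" | sed -n 's/^ *rip at \(0x[0-9a-f]*\).*/\1/p'
}

# frame_addr TEXT: the frame (CFA) address on the first line of info frame.
frame_addr() {
    printf '%s\n' "$1" | sed -n 's/^Stack level .*frame at \(0x[0-9a-f]*\):.*/\1/p'
}

# slot_check TEXT: on x86-64 the saved rip sits 8 bytes below the CFA.
# Prints "ok" when gdb's two numbers agree, "mismatch" otherwise.
slot_check() {
    cfa=$(frame_addr "$1"); slot=$(saved_rip_slot "$1")
    if [ $((cfa - slot)) -eq 8 ]; then echo ok; else echo mismatch; fi
}

# return_address BINARY FUNC: the whole pipeline against a live process.
return_address() {
    saved_rip "$(frame_info "$1" "$2")"
}
```

Run `return_address ./loophole main` in a shell with gdb installed; the remaining functions work on any saved `info frame` text.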

Compilation

-g for debug symbols.

Exploits

gcc -g -O0 -fno-stack-protector -no-pie -z execstack loophole.c -o loophole

(-fno-stack-protector, not -Wno-stack-protector: the -W form is not a gcc option. -fno-stack-protector drops the stack canary, -no-pie keeps addresses fixed so p &buf1 stays the same between runs, -z execstack marks the stack executable. All three turn off mitigations a normal build keeps on.)