GDB (pwndbg/GEF)

GNU Debugger enhanced for exploit development

Description

GDB (GNU Debugger) enhanced with the pwndbg or GEF (GDB Enhanced Features) plugin. It is essential for binary exploitation, CTF challenges, and exploit development, where the plugins add enhanced visualization and helper commands.

Installation

BASH
# GDB
sudo apt install gdb

# pwndbg (recommended)
git clone https://github.com/pwndbg/pwndbg && cd pwndbg && ./setup.sh

# GEF (alternative)
bash -c "$(curl -fsSL https://gef.blah.cat/sh)"

Basic Usage

BASH
# Debug binary
gdb ./binary

# pwndbg commands
pwndbg> run
pwndbg> break main
pwndbg> continue
pwndbg> ni              # Next instruction
pwndbg> si              # Step into
pwndbg> info registers  # Show registers
pwndbg> x/20x $rsp      # Examine stack
pwndbg> vmmap           # Memory map

Advanced Usage

BASH
# Find gadgets (ROP)
pwndbg> rop             # Search ROP gadgets
pwndbg> rop --grep "pop rdi"

# Cyclic pattern for finding a buffer overflow (BOF) offset
pwndbg> cyclic 200      # Generate pattern
pwndbg> cyclic -l 0x41416141   # Find offset

# Heap analysis
pwndbg> heap            # Show heap chunks
pwndbg> bins            # Show free bins
pwndbg> vis_heap_chunks # Visualize heap

# Attach to process
gdb -p <PID>

# Core dump analysis
gdb binary core

# Follow the child process after fork()
pwndbg> set follow-fork-mode child

Common Workflows

BASH
# Buffer overflow exploit dev
gdb ./vulnerable
break main
run $(python3 -c "print('A'*200)")
# Check crash: info registers, x/20x $rsp
# Find offset: cyclic / cyclic -l
# Build exploit with pwntools
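
What the `cyclic` / `cyclic -l` steps above compute, as an added Python example (not from the original page or from pwndbg itself): a de Bruijn pattern in which every n-byte window is unique, so the value left in a register after a crash maps back to exactly one offset. The lowercase alphabet, the 4-byte default window, the function names and the sample register values are assumptions made for this example.

```python
import itertools
import string

# Assumption: lowercase alphabet, as in common cyclic-pattern tools.
ALPHABET = string.ascii_lowercase.encode()


def de_bruijn(alphabet, n):
    """Lazily yield a de Bruijn sequence: every n-symbol window occurs once."""
    k = len(alphabet)
    a = [0] * (n + 1)

    def db(t, p):
        if t > n:
            if n % p == 0:  # a[1..p] is a Lyndon word whose length divides n
                for j in range(1, p + 1):
                    yield alphabet[a[j]]
        else:
            a[t] = a[t - p]
            yield from db(t + 1, p)
            for j in range(a[t - p] + 1, k):
                a[t] = j
                yield from db(t + 1, t)

    return db(1, 1)


def pattern(length, n=4):
    """First `length` bytes of the pattern (the role of `cyclic 200`)."""
    return bytes(itertools.islice(de_bruijn(ALPHABET, n), length))


def find_offset(value, n=4, limit=0x10000):
    """Offset of a register value or raw bytes in the pattern, else None."""
    if isinstance(value, int):
        # Registers are little-endian on x86; only the low n bytes matter.
        value = value.to_bytes(8, "little")
    if len(value) < n:
        raise ValueError("need at least n bytes to identify a unique window")
    idx = pattern(limit, n).find(value[:n])
    return None if idx < 0 else idx


if __name__ == "__main__":
    print(pattern(20))              # constructed sample, 4-byte windows
    print(find_offset(0x61616174))  # constructed register value ("taaa")
    print(find_offset(0x41414141))  # plain 'A' fill carries no offset information
```

A register holding 0x41414141 after the plain `'A'*200` run returns None here, which is why the offset step uses the pattern rather than a constant fill.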