My personal notes on debugging

notes-on-debugging.md

Debugging

On Windows

• WinDbg - Can be used as a user-mode or kernel-mode debugger, but not both at the same time.

• HyperDbg - Kernel/User Modes

Microsoft Symbols

This path causes the debugging tool to load required debugging symbols from the Internet symbol server.

srv*c:\symbols*http://msdl.microsoft.com/download/symbols

On Linux

• GDB

Quick most used commands list

(gdb) file <filename>
(gdb) break *_start
(gdb) run
(gdb) info registers
(gdb) disassemble
(gdb) stepi
(gdb) info break
(gdb) delete <breakpoint number>
(gdb) break *<memory address>
(gdb) break *_start+<offset>
(gdb) disassemble <function label>
(gdb) print $rax
(gdb) print /d $rax
(gdb) print /x $rax
(gdb) print /t $rax
(gdb) print /c $rax
(gdb) print /f $rax
(gdb) print /d (long long) <quadword label>
(gdb) print /d *(int*) $rax
(gdb) print /d *0x0000000000402000
(gdb) print /s *0x0000000000402000
(gdb) print /i *0x0000000000402000
(gdb) x/d 0x0000000000402000
(gdb) x/s 0x0000000000402000
(gdb) x/i 0x0000000000402000

GDB Command Input From File / Automation

For example: Starting gdb with a break at the program entry point.

Create a file

input.gdb

set confirm off
starti

Run GDB / Execute the input from file

gdb -x input.gdb <program>

See also: https://sourceware.org/gdb/current/onlinedocs/gdb.html

GDB TUI (Text User Interface)

gdb -tui <program>

(gdb) layout regs

GDB Dashboard

• https://github.com/cyrus-and/gdb-dashboard

Install to the home directory

wget -P ~ https://github.com/cyrus-and/gdb-dashboard/raw/master/.gdbinit

Python

• PUDB - Console based