All Questions
33 questions
1 vote, 2 answers, 590 views
Adding debug symbols with GDB
In CTFs when I'm given some ELF file, it usually wasn't compiled with the -g flag. Is there a way to somehow edit the file to make it be as if the ELF file was originally compiled with the -g flag?
...
3 votes, 1 answer, 390 views
How can I verify section -> segment mapping for ELFs on linux?
I'm looking at an ELF on Linux and I have readelf --segments ./myELF which shows:
Program Headers:
Type Offset VirtAddr PhysAddr FileSiz MemSiz Flg Align
PHDR ...
5 votes, 0 answers, 337 views
What utilities allow you to debug a process without pausing execution?
I was just reading this answer on StackOverflow, "How can you debug a process using gdb without pausing it?"
The Linux kernel provides some support for this via PTRACE_SEIZE, but gdb doesn'...
0 votes, 1 answer, 679 views
Debugging Windows applications on Linux: Hardware watchpoints and backtracing in IDA not working and winedbg hardware watchpoints borderline unusable?
As in the title. Maybe someone has any experience with this. It's a significant impediment when trying to debug Windows applications on Linux. I find hardware watchpoints, in particular, to be ...
1 vote, 2 answers, 999 views
Run a python in command (kali) with "run" on gdb-peda$
While debugging a program under gdb with gdb-peda installed, I need to pass args to the binary using output from something like python.
Why am I not getting AAAAA?
gdb-peda$ b doSomthing
gdb-peda$ run ...
1 vote, 0 answers, 31 views
Using rbreak without import functions
While debugging with GDB I want to break for each function and print the PC register.
rbreak .
define hook-stop
i r $PC
c
end
The problem is that it stops on functions that are imported, like printf ...
1 vote, 1 answer, 3k views
How can I find out the size of heap allocations?
While I debug with GDB I see the address of a buffer that's located on the heap.
How can I know what is the size of this buffer? Or where (in the code) this buffer was originally allocated?
When I ...
2 votes, 0 answers, 638 views
Passing a String into a Function With GDB
So, I have a function with the prototype according to GDB:
{std::string (std::string)} 0x56027729e545
<function(std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator&...
1 vote, 0 answers, 84 views
Handle Ioctl call while running with qemu
I am using qemu to emulate a binary like this
qemu -strace XXXXX .
I saw that the first 2 system calls of this process were TCGETS to stdin and stdout. From man pages
Get and set terminal attributes
...
3 votes, 1 answer, 2k views
ELF binary injection
I am currently working on an ELF-injector and my approach is standard: find code cave (long enough sequence of 0's), rewrite it with the instructions I want to execute and then jump back to the start ...
1 vote, 1 answer, 580 views
Edit IDA signal handler
In IDA Pro, while debugging a Linux process with gdbserver, I got a window showing that SIGTRAP has arrived, and I chose to pass it to the application.
How can I edit that choice now? I want to ignore this ...
0 votes, 1 answer, 227 views
Debug process that uses /dev/watchdog
I want to debug a process with gdb on a Linux system, but the problem is that the process pings /dev/watchdog, so when I tried to debug it, it stops the process for longer than the watchdog interval so the ...
1 vote, 2 answers, 313 views
Can an address in a program change
I am talking about Linux arch.
When I open a program in IDA (statically) I can see all instruction addresses, like 0x20da mov r8 r2
When I want to use that address for a breakpoint (for example with ptrace or ...
1 vote, 1 answer, 186 views
How can I debug open source C code for Linux?
I want to debug & reverse engineer open source code such as this project. I usually use CLion to write and debug C code on Linux. I've also used GDB. What steps do I need to take to download a ...
2 votes, 1 answer, 943 views
Reverse getline(cin, text)
I'm trying to solve a crackme that was made in C++, and I was able to
"recreate" a function call, through the library calls the program made. Here's the piece of code that I'm trying to reverse:
...