Difference between revisions of "Gdb"

From Linuxintro
imported>ThorstenStaerk
imported>ThorstenStaerk
 
(9 intermediate revisions by the same user not shown)
Line 1: Line 1:
gdb allows you to debug Linux programs.
+
gdb is a [[command]] that allows you to debug Linux [[programs]].
  
 
= Notable functions =
 
= Notable functions =
 
  info functions
 
  info functions
 +
disassemble
 
  finish
 
  finish
 
  break
 
  break
Line 11: Line 12:
  
 
== Allow starting vlc as root ==
 
== Allow starting vlc as root ==
 +
Main article: [[run vlc as root]].
 +
 
[[vlc]] always exits when I call it as root. Here is how I change this behavior:
 
[[vlc]] always exits when I call it as root. Here is how I change this behavior:
 
  [[gdb]] /usr/bin/vlc
 
  [[gdb]] /usr/bin/vlc
Line 49: Line 52:
 
  [...]
 
  [...]
 
Wow, it seems as if 4010fe calls geteuid, 401103 prepares a conditional jump and 401105 jumps if equal somewhere. So we call a [[hexeditor]]:
 
Wow, it seems as if 4010fe calls geteuid, 401103 prepares a conditional jump and 401105 jumps if equal somewhere. So we call a [[hexeditor]]:
  /opt/kde3/bin/khexedit /usr/bin/vlc
+
  okteta /usr/bin/vlc
 
and replace  
 
and replace  
 
  0f 84 04 06 00 00
 
  0f 84 04 06 00 00
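Review bot: the hex-editor step around `okteta /usr/bin/vlc` still does not say where in the file the replacement goes. `0f 84` is the generic opcode for a near `je`, so a search for the byte string finds the right place only if `04 06 00 00` happens to be unique in the file. Suggest stating that the bytes to change are the ones belonging to the instruction at 401105, telling the reader to confirm that the six bytes found match the objdump listing before overwriting them, and recommending a copy of the original /usr/bin/vlc first, since a package update or integrity check will otherwise be the only way back.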
Line 55: Line 58:
 
  90 90 90 90 90 90
 
  90 90 90 90 90 90
 
When calling vlc now as root, it does not abort :)
 
When calling vlc now as root, it does not abort :)
 +
 +
Also, once the following worked:
 +
sed -<abbr title="in-place edit in the file">i</abbr><abbr title="extended regular expressions">r</abbr> "s/\x0f\x84..../\x90\x90\x90\x90\x90\x90/g" vlc
 +
 +
== debugging hello world ==
 +
<pre>
 +
thorsten@ubuntu:~$ cat hello.c
 +
#include <stdio.h>
 +
int main()
 +
{
 +
  printf("hello world");
 +
}
 +
thorsten@ubuntu:~$ gcc hello.c
 +
thorsten@ubuntu:~$ # 0x1160 has the call to printf
 +
thorsten@ubuntu:~$ gdb a.out
 +
GNU gdb (Ubuntu 8.3-0ubuntu1) 8.3
 +
Copyright (C) 2019 Free Software Foundation, Inc.
 +
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
 +
This is free software: you are free to change and redistribute it.
 +
There is NO WARRANTY, to the extent permitted by law.
 +
Type "show copying" and "show warranty" for details.
 +
This GDB was configured as "x86_64-linux-gnu".
 +
Type "show configuration" for configuration details.
 +
For bug reporting instructions, please see:
 +
<http://www.gnu.org/software/gdb/bugs/>.
 +
Find the GDB manual and other documentation resources online at:
 +
    <http://www.gnu.org/software/gdb/documentation/>.
 +
 +
For help, type "help".
 +
Type "apropos word" to search for commands related to "word"...
 +
Reading symbols from a.out...
 +
(No debugging symbols found in a.out)
 +
(gdb) break main
 +
Breakpoint 1 at 0x1149
 +
(gdb) break 0x1160
 +
Function "0x1160" not defined.
 +
Make breakpoint pending on future shared library load? (y or [n])
 +
(gdb) run
 +
Starting program: /home/thorsten/a.out
 +
 +
Breakpoint 1, 0x0000555555555149 in main ()
 +
</pre>
 +
Now let's print register eax
 +
<pre>
 +
(gdb) display $eax
 +
1: $eax = 1431654729
 +
(gdb) continue
 +
Continuing.
 +
hello world[Inferior 1 (process 7954) exited normally]
 +
(gdb)
 +
</pre>
  
 
= See also =
 
= See also =
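Review bot: in the added `sed -ir "s/\x0f\x84..../\x90\x90\x90\x90\x90\x90/g" vlc` line, GNU sed parses `-ir` as `-i` with the backup suffix `r`, not as in-place plus extended regular expressions (that would be `-i -r`), so the `abbr` tooltip on `r` is wrong and a backup named `vlcr` is left next to the file. The pattern with `/g` also rewrites every `0f 84` followed by any four bytes, which is every near `je` in the binary rather than only the one at 401105; suggest spelling out the four displacement bytes `04 06 00 00` from the objdump listing instead of `....`. Separately, in the hello-world session `break 0x1160` is read as a function name, as the gdb reply "Function "0x1160" not defined." shows; a breakpoint on an address is written `break *ADDRESS`.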
Line 60: Line 114:
 
* [[strace]] -- show syscalls from a running process
 
* [[strace]] -- show syscalls from a running process
 
* [[hexeditors]]
 
* [[hexeditors]]
 +
* http://try-linux.blogspot.de/2013/02/run-vlc-as-root.html
 +
 +
[[Category:Geeky]]
 +
[[Category:Command]]

Latest revision as of 12:33, 19 January 2020

gdb is a command that allows you to debug Linux programs.

Notable functions

info functions
disassemble
finish
break
run 
continue

Example

Allow starting vlc as root

Main article: run vlc as root.

vlc always exits when I call it as root. Here is how I change this behavior:

gdb /usr/bin/vlc
(gdb) info functions
All defined functions:

Non-debugging symbols:
[...]
0x0000000000400f40  geteuid
[...]

Let's set a breakpoint on geteuid, the function that returns the effective user ID:

(gdb) break geteuid
Breakpoint 1 at 0x400f40

Let's start the program and let it run until the first breakpoint:

(gdb) run
Starting program: /usr/bin/vlc 

Breakpoint 1, 0x00007ffff71cfc70 in geteuid () from /lib64/libc.so.6

OK, let's step through the program one machine instruction at a time (pressing Enter at an empty prompt repeats the previous command, here stepi):

(gdb) stepi
0x00007ffff71cfc75 in geteuid () from /lib64/libc.so.6
(gdb) stepi
0x00007ffff71cfc77 in geteuid () from /lib64/libc.so.6
(gdb) 
0x0000000000401103 in ?? ()
(gdb) 
0x0000000000401105 in ?? ()
(gdb) 

OK, geteuid has returned into vlc's own code at 0x401103. Let's look at this part of the program with a disassembler:

objdump -d -M intel /usr/bin/vlc
[...]
 4010f9:       e8 32 0a 00 00          call   401b30 <unsetenv>
 4010fe:       e8 3d fe ff ff          call   400f40 <geteuid@plt>
 401103:       85 c0                   test   eax,eax
 401105:       0f 84 04 06 00 00       je     40170f <fflush@plt+0x66f>
 40110b:       be ca 1f 40 00          mov    esi,0x401fca
 401110:       bf 06 00 00 00          mov    edi,0x6
[...]

Wow, it seems as if 4010fe calls geteuid, 401103 tests the return value (test eax,eax sets the zero flag when eax is 0, and geteuid returns 0 for root) and 401105 jumps to 40170f if it was zero. So we open the binary in a hexeditor:

okteta /usr/bin/vlc

and replace

0f 84 04 06 00 00

by six one-byte nop (no-operation) instructions, so the jump is never taken:

90 90 90 90 90 90

When calling vlc now as root, it does not abort :)

Also, once the following worked:

sed -ir "s/\x0f\x84..../\x90\x90\x90\x90\x90\x90/g" vlc
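The hex-editor edit and the sed one-liner above, compared in an added example that is not part of the original page: it maps the address 0x401105 to a file offset through the ELF program headers, patches only if the bytes there match the objdump listing, and lists what the broad `\x0f\x84....` pattern would also hit. The function names and the sample image are constructed for illustration; byte-wise matching (as in the C locale) is assumed for the sed comparison.

```python
import re
import struct

JE = bytes.fromhex("0f8404060000")   # je 40170f, bytes taken from the objdump listing
NOPS = b"\x90" * len(JE)

def vaddr_to_offset(elf, vaddr):
    """Translate a virtual address to a file offset using the ELF64 PT_LOAD headers."""
    if elf[:6] != b"\x7fELF\x02\x01":
        raise ValueError("not a little-endian ELF64 file")
    (phoff,) = struct.unpack_from("<Q", elf, 0x20)
    phentsize, phnum = struct.unpack_from("<HH", elf, 0x36)
    for i in range(phnum):
        p_type, _, p_offset, p_vaddr, _, p_filesz = struct.unpack_from(
            "<IIQQQQ", elf, phoff + i * phentsize)
        if p_type == 1 and p_vaddr <= vaddr < p_vaddr + p_filesz:   # PT_LOAD
            return p_offset + vaddr - p_vaddr
    raise ValueError("address is not backed by the file")

def patch_at(elf, vaddr, expected, replacement):
    """Return a patched copy, refusing unless `expected` sits exactly at `vaddr`."""
    off = vaddr_to_offset(elf, vaddr)
    if len(expected) != len(replacement) or elf[off:off + len(expected)] != expected:
        raise ValueError("bytes at target differ from the disassembly; not patching")
    return elf[:off] + replacement + elf[off + len(replacement):]

def sed_style_hits(elf):
    """Offsets the broad pattern would rewrite; sed works per line, so '.' never is 0x0a."""
    return [m.start() for m in re.finditer(rb"\x0f\x84[^\n]{4}", elf)]

def sample_elf():
    """Constructed stand-in for the binary: one PT_LOAD mapping offset 0 to 0x400000."""
    size = 0x1800
    ehdr = b"\x7fELF\x02\x01\x01" + bytes(9) + struct.pack(
        "<HHIQQQIHHHHHH", 2, 62, 1, 0x4010f9, 64, 0, 0, 64, 56, 1, 0, 0, 0)
    phdr = struct.pack("<IIQQQQQQ", 1, 5, 0, 0x400000, 0x400000, size, size, 0x1000)
    image = bytearray((ehdr + phdr).ljust(size, b"\xcc"))
    image[0x1103:0x110b] = bytes.fromhex("85c0") + JE       # test eax,eax ; je 40170f
    image[0x1400:0x1406] = bytes.fromhex("0f8410000000")    # unrelated je (constructed)
    return bytes(image)

if __name__ == "__main__":
    elf = sample_elf()
    patched = patch_at(elf, 0x401105, JE, NOPS)
    print("broad pattern would rewrite:", [hex(o) for o in sed_style_hits(elf)])
    print("bytes changed by exact patch:", sum(a != b for a, b in zip(elf, patched)))
```

On a real binary, read the file with `open(path, "rb").read()` and write the result to a new file, keeping the original untouched.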

debugging hello world

thorsten@ubuntu:~$ cat hello.c
#include <stdio.h>
int main()
{
  printf("hello world");
}
thorsten@ubuntu:~$ gcc hello.c
thorsten@ubuntu:~$ # 0x1160 has the call to printf
thorsten@ubuntu:~$ gdb a.out 
GNU gdb (Ubuntu 8.3-0ubuntu1) 8.3
Copyright (C) 2019 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Type "show copying" and "show warranty" for details.
This GDB was configured as "x86_64-linux-gnu".
Type "show configuration" for configuration details.
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>.
Find the GDB manual and other documentation resources online at:
    <http://www.gnu.org/software/gdb/documentation/>.

For help, type "help".
Type "apropos word" to search for commands related to "word"...
Reading symbols from a.out...
(No debugging symbols found in a.out)
(gdb) break main
Breakpoint 1 at 0x1149
(gdb) break 0x1160
Function "0x1160" not defined.
Make breakpoint pending on future shared library load? (y or [n]) 
(gdb) run
Starting program: /home/thorsten/a.out 

Breakpoint 1, 0x0000555555555149 in main ()

Now let's print register eax

(gdb) display $eax
1: $eax = 1431654729
(gdb) continue
Continuing.
hello world[Inferior 1 (process 7954) exited normally]
(gdb) 

See also