GDB

GNU Debugger

Configuration
GDB Enhanced Features (GEF)
bash -c "$(curl -fsSL https://gef.blah.cat/sh)"

Pwntools

from pwn import *           # pwntools; also provides the gdb helper used below
p = process('./garbage')    # start the target under pwntools
gdb.attach(p)               # attach GDB (with GEF, if installed) to the running process
Basic Commands
Initial Analysis

Check Binary Protections

  • NX ENABLED → Need ret2libc or ROP (no shellcode on stack)

  • CANARY → Can't overflow the return address directly

  • PIE ENABLED → Addresses change every run (harder exploitation)

  • ASLR → Library addresses are randomized each run


View Memory Layout

What to look for:

  • Stack permissions

  • libc base address

  • Executable regions


Disassemble Main Functions

What to look for:

  • Calls to dangerous functions

  • Buffer allocations

  • Function calls and their arguments

Finding String Constants in Binary Comparisons

The Pattern to Look For


Dynamic Analysis

  • If you want to see the comparison in action:

  • When breakpoint hits, examine the arguments:

Skip Illegal instructions by patching UD2 with NOP
  • Keep going: patch → continue → patch → continue

  • Once every ud2 has been patched, the program runs without crashing
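The patch → continue loop above can be automated with a small GDB Python extension; this is an added example, not code from the original page or from GEF. It assumes an x86/x86-64 target (ud2 encodes as 0f 0b), the helper names is_ud2/patch_ud2 are mine, and patch_ud2 also works on a whole code section read from disk, so the same helper covers static patching of the binary.

```python
# skip_ud2.py: inside GDB run `source skip_ud2.py`, then `run`; every SIGILL
# caused by a ud2 is patched to two nops and execution continues automatically.
# Assumes x86/x86-64, where ud2 is the two-byte opcode 0f 0b.
try:
    import gdb  # only available in GDB's embedded Python
except ImportError:  # lets the pure helpers below be used/tested outside GDB
    gdb = None

UD2 = b"\x0f\x0b"  # x86 "undefined instruction"; executing it raises SIGILL
NOP = b"\x90"      # one-byte no-op; ud2 is two bytes, so it becomes two nops


def is_ud2(code: bytes) -> bool:
    """True if the byte string begins with a ud2 instruction."""
    return code[:2] == UD2


def patch_ud2(code: bytes) -> bytes:
    """Return a copy of code with every ud2 replaced by two nops.

    Works on any byte string, so it can patch the two bytes at the
    current pc or an entire .text section read from the file.
    """
    return code.replace(UD2, NOP * len(UD2))


def on_stop(event):
    """GDB stop handler: on SIGILL at a ud2, patch it in memory and continue."""
    if not isinstance(event, gdb.SignalEvent) or event.stop_signal != "SIGILL":
        return  # a breakpoint or other signal: leave control with the user
    inferior = gdb.selected_inferior()
    pc = int(gdb.selected_frame().pc())
    insn = bytes(inferior.read_memory(pc, len(UD2)))
    if not is_ud2(insn):
        return  # SIGILL from something else; do not patch blindly
    inferior.write_memory(pc, patch_ud2(insn))
    gdb.write(f"[skip_ud2] patched ud2 at {pc:#x} with nops, continuing\n")
    # `continue` cannot run directly from a stop handler, so defer it
    gdb.post_event(lambda: gdb.execute("continue"))


if gdb is not None:
    gdb.events.stop.connect(on_stop)
```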
