Pablo Guides

# Advanced gdb Techniques for Penetration Testing

## Introduction

The GNU Debugger (gdb) is a powerful tool that allows developers and security professionals to gain insights into the execution of programs. It can be particularly useful for penetration testers when analyzing binaries, discovering vulnerabilities, and understanding program behavior. In this section, we will go through the installation and configuration of gdb on Kali Linux, step-by-step usage, real-world use cases, and provide detailed technical explanations to help you leverage gdb effectively in your pentesting endeavors.

## Installation and Configuration on Kali Linux

Kali Linux comes pre-installed with gdb, but it’s always good to ensure you have the latest version. Here’s how to check and, if necessary, install or upgrade gdb.

### Step 1: Check if gdb is Installed

Open a terminal in Kali Linux and run the following command:

"`bash
gdb –version
"`

This command will display the installed version of gdb. If it’s not installed, you’ll see an error message.

### Step 2: Install or Upgrade gdb

To install gdb or upgrade to the latest version, use the following commands:

"`bash
sudo apt update
sudo apt install gdb
"`

### Step 3: Basic Configuration

After installing gdb, you may want to configure it for your specific needs. To do this, create a `.gdbinit` file in your home directory:

"`bash
touch ~/.gdbinit
"`

You can add custom commands that will be run every time gdb starts. For example, you might want to automatically set certain breakpoints, load specific scripts, or configure output formatting.

Here’s a small example to get you started. Open `.gdbinit` in an editor:

"`bash
nano ~/.gdbinit
"`

Add the following lines:

"`gdb
set pagination off
set print frame-args on
set print pretty on
"`

These configurations will disable pagination, print frame arguments, and enable pretty printing for structures.

## Step-by-Step Usage of gdb

Let’s dive into some practical usage of gdb. We will cover basic commands and progressively move to more complex operations, as well as real-world use cases.

### Basic gdb Command Structure

1. **Starting gdb**: You can start debugging a program by typing:

   gdb 

 

2. **Running the Program**: Once inside gdb, you can run the program using the `run` or `r` command.

[/dm_code_snippet]gdb
(gdb) run
[/dm_code_snippet]

3. **Setting Breakpoints**: To pause execution at a specific line or function, set a breakpoint.

[/dm_code_snippet]gdb
(gdb) break
[/dm_code_snippet]

or

[/dm_code_snippet]gdb
(gdb) break [/dm_code_snippet]

4. **Stepping Through Code**: Use `next` to execute the next line or `step` to step into functions.

[/dm_code_snippet]gdb
(gdb) next # Execute next line
(gdb) step # Step into function
[/dm_code_snippet]

5. **Examining Memory and Variables**: You can inspect variables using the `print` command.

[/dm_code_snippet]gdb
(gdb) print
[/dm_code_snippet]

6. **Continuing Execution**: Use the `continue` command to resume execution until the next breakpoint.

[/dm_code_snippet]gdb
(gdb) continue
[/dm_code_snippet]

7. **Exiting gdb**: To exit gdb, use the `quit` command.

[/dm_code_snippet]gdb
(gdb) quit
[/dm_code_snippet]

### Real-World Use Cases of gdb

#### Use Case 1: Examining Segmentation Faults

Segmentation faults are common vulnerabilities. You can use gdb to analyze why a program crashes.

1. Compile your C program with debugging symbols:

   gcc -g -o segfault_example segfault_example.c

 

2. Run gdb:

   gdb ./segfault_example

 

3. Run the program until it crashes:

[/dm_code_snippet]gdb
(gdb) run
[/dm_code_snippet]

4. When it crashes, gdb will display the location of the fault. Use:

[/dm_code_snippet]gdb
(gdb) backtrace
[/dm_code_snippet]

This command shows the function call stack at the time of the crash, which can aid in identifying vulnerabilities.

#### Use Case 2: Analyzing Buffer Overflows

Buffer overflow vulnerabilities can be analyzed using gdb. Here’s how:

1. Create a C program that deliberately has a buffer overflow vulnerability. For example:

[/dm_code_snippet]c
#include
#include

void vulnerable_function(char *input) {
char buffer[50];
strcpy(buffer, input); // Vulnerable line
}

int main(int argc, char **argv) {
if (argc > 1) {
vulnerable_function(argv[1]);
}
return 0;
}
[/dm_code_snippet]

2. Compile the program with debugging symbols:

   gcc -g -o overflow_example overflow_example.c

 

3. Start gdb:

   gdb ./overflow_example

 

4. Run the program with an oversized input to trigger the overflow:

[/dm_code_snippet]gdb
(gdb) run `python -c "print 'A' * 100"`
[/dm_code_snippet]

5. Use `backtrace` to analyze the state when the overflow occurred.

### Advanced gdb Techniques

#### Conditional Breakpoints

You can set breakpoints that only trigger under certain conditions. For example:

"`gdb
(gdb) break vulnerable_function if strcmp(input, "trigger") == 0
"`

This breakpoint will only activate if the input is "trigger."

#### Watching Variables

To watch changes in a variable, use the `watch` command:

"`gdb
(gdb) watch
"`

#### Using gdb with Python

gdb can also be extended using Python scripts for more complex analysis. Here is a simple example of how to use Python within gdb.

1. Enable Python support in gdb:

"`gdb
(gdb) set python print-stack full
"`

2. Create a Python script to automate analysis tasks.

Here is an example of a Python script that prints all function names:

"`python
import gdb

class FunctionPrinter(gdb.Command):
"""Print all functions in the current program."""
def __init__(self):
super(FunctionPrinter, self).__init__("print_funcs", gdb.COMMAND_USER)

def invoke(self, arg):
print("Functions in the current program:")
gdb.execute("info functions")

FunctionPrinter()
"`

Save this script as `print_funcs.py` and load it in gdb:

"`gdb
(gdb) source print_funcs.py
(gdb) print_funcs
"`

## Conclusion

gdb is an indispensable tool for penetration testers. It allows for in-depth analysis of binaries, revealing insights that can assist in identifying vulnerabilities. By mastering gdb, you enhance your ability to conduct effective pentesting and fortify your skills in the field of cybersecurity.

As you continue to explore the capabilities of gdb, remember to refer to the official documentation and community resources for advanced techniques.

For further reading and resources, check out:

– [GNU Debugger Documentation](https://sourceware.org/gdb/)
– [Kali Linux Tools: gdb](https://www.kali.org/tools/gdb)
– [Buffer Overflow Tutorial](https://www.imperva.com/learn/application-security/buffer-overflow/)

Keep practicing, and happy debugging!

Made by pablo rotem / פבלו רותם