GDB / pwndbg Quick Reference
============================

STARTING
  gdb ./binary                   Start debugging
  gdb -q ./binary                Quiet mode
  gdb -p PID                     Attach to process
  gdb -args ./binary arg1 arg2   With arguments

RUNNING
  r / run                        Start program
  r < input.txt                  With stdin from file
  c / continue                   Continue execution
  n / next                       Step over
  s / step                       Step into
  ni / si                        Next/step instruction
  finish                         Run until return
  kill                           Kill program

BREAKPOINTS
  b main                         Break at function
  b *0x401000                    Break at address
  b file.c:42                    Break at line
  b *main+50                     Break at offset
  info b                         List breakpoints
  delete N                       Delete breakpoint N
  disable N                      Disable breakpoint
  enable N                       Enable breakpoint
  watch *0x601000                Watchpoint (break on write)

EXAMINING
  x/10x $rsp                     10 hex words from RSP
  x/20i $rip                     20 instructions from RIP
  x/s addr                       String at address
  x/10gx addr                    10 giant (64-bit) hex values
  x/10wx addr                    10 word (32-bit) hex values
  x/10bx addr                    10 bytes hex

  p $rax                         Print register
  p/x $rax                       Print in hex
  p (int)$rax                    Print as int
  info reg                       All registers

MEMORY
  vmmap                          Memory map (pwndbg)
  search -s "flag"               Search memory for string
  search -x 4141                 Search for hex pattern

STACK
  bt / backtrace                 Call stack
  frame N                        Switch frame
  info frame                     Frame details

PWNDBG SPECIFIC
  checksec                       Security mitigations
  got                            GOT entries
  plt                            PLT entries
  heap                           Heap overview
  bins                           Heap bins
  telescope 20                   Smart stack view
  cyclic 200                     Generate pattern
  cyclic -l 0x41414141           Find pattern offset
  rop                            ROP gadgets
  canary                         Show stack canary
  libc                           Libc base address

SET VALUES
  set $rax = 0                   Set register
  set *(int*)0x601000 = 42       Set memory
  set args "AAAA"                Set arguments

COMMON CTF PATTERNS
  # Find buffer overflow offset
  cyclic 200 > pattern.txt
  r < pattern.txt
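  # After crash at ret, the overwritten return address is the value
  # at the top of the stack (look up that value, not $rsp itself):
  x/gx $rsp
  cyclic -l <value shown by x/gx>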

  # Bypass check (force the return value)
  b *check_password
  r
  finish                         Let the check return before changing RAX
  set $rax = 1
  c
