martes, julio 15, 2008

gdb seek macros

I have coded some basic but useful gdb macros for searching strings and addresses.

get it here:my .gdbinit

Here is a bzip2 compressed mpeg video: demo

with this macros, $base in your gdb by default is 0x08048000

(gdb) gob --> execute step by step until get in a 0x0804**** addr (or other $base)

(gdb) seek $base "hello" --> seek hello from $base to $base+0xffff
$1 = "found:"
$2 = 0x8048480
$3 = "found:"
$4 = 0x8049480
$5 = "found:"
$6 = 0x804a008

(gdb) seekRef $base 0x8048480 --> Seek addreses who point to 0x8048386 address
--> in this case ptrs that point to "hello" address
$7 = "found"
$8 = 0x80485a0
$9 = "found"
$10 = 0x80495a0

(gdb) seekRef $base 0x80485a0 --> let's
(gdb) seekRef $base 0x80495a0
$11 = "found"
$12 = 0x8048386
$13 = "found"
$14 = 0x8049386

NOTE: the macros can be stoped with ^C, they don't stop at first occurrence.
TODO: Identify sections (by now can be done manually with (gdb)main info sect)