| set args | set arguments |
| show args | show arguments |
| Run (or gdb –args <program> <args...>) |
run with argument(if previous was set by "set args") |
| load | load the program |
| attach process-id (or gdb –pid <pid>) |
debug an already running process |
| detach | release the previous attached process |
| symbol-file filename | Read symbol table information from file filename |
| i threads | Display thread |
| i share | Print the names of the shared libraries which are currently loaded |
| c | continue |
| b | add breakpoint |
| w | add watchpoint |
| s | step |
| n | next |
| si | step instruction |
| info all-registers | show all registers |
| i r | same as info registers |
| i r rax | display register rax value (HEX) |
| p/x $rax | display register rax value (HEX) |
| p/d $rax | display register rax value (signed DEC) |
| p/u $rax | display register rax value (unsigned DEC) |
| p/t $rax | display register rax value (BIN) |
| p/f $rax | display register rax value (Floating point number) |
| p/c $rax | display register rax value (CHAR) |
| p/a $rip | display register rip value (ADDRESS) |
| x /i $pc | print next instruction to be executed |
| p *array@len | display array content |
| p/x (short[2])0x12345678 | display array content |
| x /256xb mem | examine memory, 256=repeat count, x=hex, {b=byte, h=2bytes,w=4bytes,g=8bytes} |
| set *((int *) mem) = value | set memory content (char, short, int, long, long long) |
| set *((char *) reg) = *((char *) reg) | 0x80 | set peripheral register bit |
| set *((char *) reg) = *((char *) reg) & (~0x80) | clear peripheral register bit |
| l filename:function | list the source in the filename:function |
| l function | list the source in function |
| l + | list more |
| l - | list less |
| bt | backtrace |
| f n | select frame number n |
| set $f00=*object_ptr | set convenience variable |
| show convenience | show convenience variable |
| source gdbscriptFile | load GDB script file |
| define print_vars p var1 p var2 end |
create GDB function |
| disas | view disassemble |
2017年3月10日星期五
Frequency Used GDB commands
BASH reference
#!/bin/bash #tells *nix BASH should be used to run it
Special Parameters
$# #Store the number of arguments passed from the command line
$1 #first parameter
$? #Store the exit status of the last executed command
$_ #Print the last argument of the previous command
$$ #Return the process ID of the shell
$! #Return the process ID of the last executed background process
${#var} #Number of characters in $var
${#array} #The length of the first element in the array.
${para} #same as $para. May be used for concatenating variables with strings.
${para-default},${para:-default} #if para not set, use default
${para=default},${para:=default} #if para not set, set it to default
${parameter+alt_value}, ${parameter:+alt_value} #If parameter set, use alt_value, else use null string.
${parameter?err_msg}, ${parameter:?err_msg}If parameter set, use it, else print err_msg and abort the script with an exit status of 1.
The : makes a difference only when parameter has been declared and is null
$* #* Expands to the positional parameters, starting from one. When the expansion occurs within double quotes, it expands to a single word with the value of each parameter separated by the first character of the IFS special variable. That is,
$@ #
For more details, please check:
http://tldp.org/LDP/abs/html/special-chars.html
[ is a synonym for test command. Even if it is built in to the shell it creates a new process.
[[ is a new improved version of it, which is a keyword, not a program.
Conditional Expression
[expr1 -ne expr2] #Return true if expr1 is not equal to expr2
[expr1 -eq expr2] #Return true if expr1 is equal to expr2
[expr1 -gt expr2] #Return true if expr1 is greater than expr2
[expr1 -ge expr2] #Return true if expr1 is greater than or equal to expr2
[expr1 -lt expr2] #Return true if expr1 is less than expr 2
[expr1 -le expr2] #Return true if expr1 is less than or equal to expr2
[-z expr] #Return true if the expression is null or empty
[expr =~ regular_expr] #Return true if the regular expression is matched.
[expr1 -a expr2],[expr1]&&[expr2] #Return true if both the expression is and
[expr1 -o expr2],[expr1]||[expr2] #Return true if either of the expr1 or expr2 is true
[-a filepath],[-e filePath] #Return true if file exists
[-f filepath] #Return true if it is file
[-d directory] #Return true if it is directory
[-L filepath],[-h filePath] #Return true if file is a symbolic link
[-S socket] #Return true if file exists and socket file
[-b filepath] #Return true if file is a block device
[-c filepath] #Return true if file is a char device
[-r filepath] #Return true if file is readable
[-w filepath] #Return true if file is writable
[-x filepath] #Return true if file is executable
[-u filepath] #Return true if SUID is set
[-g filepath] #Return true if SGID is set
[-k filepath] #Return true if sticky bit is set
[-s filepath] #Return true if file exists and has a size greater than 0
Number Notation
echo $((0xFFFF)) #Hex, Display 65535
echo $((032)) #Octal, Output 26
echo $((2#11111111)) #Binary, Output 255
Frequency Used Command
source filepath #executes the contents of a script in the current shell
Special Parameters
$# #Store the number of arguments passed from the command line
$1 #first parameter
$? #Store the exit status of the last executed command
$_ #Print the last argument of the previous command
$$ #Return the process ID of the shell
$! #Return the process ID of the last executed background process
${#var} #Number of characters in $var
${#array} #The length of the first element in the array.
${para} #same as $para. May be used for concatenating variables with strings.
${para-default},${para:-default} #if para not set, use default
${para=default},${para:=default} #if para not set, set it to default
${parameter+alt_value}, ${parameter:+alt_value} #If parameter set, use alt_value, else use null string.
${parameter?err_msg}, ${parameter:?err_msg}If parameter set, use it, else print err_msg and abort the script with an exit status of 1.
The : makes a difference only when parameter has been declared and is null
$* #* Expands to the positional parameters, starting from one. When the expansion occurs within double quotes, it expands to a single word with the value of each parameter separated by the first character of the IFS special variable. That is,
"$*" is equivalent to "$1c$2c...", where c
is the first character of the value of the IFS variable. If IFS is
unset, the parameters are separated by spaces. If IFS is null, the
parameters are joined without intervening separators.$@ #
@ Expands to the positional parameters, starting from
one. When the expansion occurs within double quotes, each parameter
expands to a separate word. That is, "$@" is equivalent to "$1" "$2"
... If the double-quoted expansion occurs within a word, the
expansion of the first parameter is joined with the beginning part
of the original word, and the expansion of the last parameter is joined
with the last part of the original word. When there are no positional
parameters, "$@" and $@ expand to nothing (i.e., they are removed).For more details, please check:
http://tldp.org/LDP/abs/html/special-chars.html
[ is a synonym for test command. Even if it is built in to the shell it creates a new process.
[[ is a new improved version of it, which is a keyword, not a program.
Conditional Expression
[expr1 -ne expr2] #Return true if expr1 is not equal to expr2
[expr1 -eq expr2] #Return true if expr1 is equal to expr2
[expr1 -gt expr2] #Return true if expr1 is greater than expr2
[expr1 -ge expr2] #Return true if expr1 is greater than or equal to expr2
[expr1 -lt expr2] #Return true if expr1 is less than expr 2
[expr1 -le expr2] #Return true if expr1 is less than or equal to expr2
[-z expr] #Return true if the expression is null or empty
[expr =~ regular_expr] #Return true if the regular expression is matched.
[expr1 -a expr2],[expr1]&&[expr2] #Return true if both the expression is and
[expr1 -o expr2],[expr1]||[expr2] #Return true if either of the expr1 or expr2 is true
[-a filepath],[-e filePath] #Return true if file exists
[-f filepath] #Return true if it is file
[-d directory] #Return true if it is directory
[-L filepath],[-h filePath] #Return true if file is a symbolic link
[-S socket] #Return true if file exists and socket file
[-b filepath] #Return true if file is a block device
[-c filepath] #Return true if file is a char device
[-r filepath] #Return true if file is readable
[-w filepath] #Return true if file is writable
[-x filepath] #Return true if file is executable
[-u filepath] #Return true if SUID is set
[-g filepath] #Return true if SGID is set
[-k filepath] #Return true if sticky bit is set
[-s filepath] #Return true if file exists and has a size greater than 0
Number Notation
echo $((0xFFFF)) #Hex, Display 65535
echo $((032)) #Octal, Output 26
echo $((2#11111111)) #Binary, Output 255
Frequency Used Command
source filepath #executes the contents of a script in the current shell
2017年3月7日星期二
What's inside initrd (x86_64)
1 File Only - GenuineIntel.bin
Suspect extraction failed.
Get the answer from stackexchange with few modification.
http://unix.stackexchange.com/questions/163346/why-is-it-that-my-initrd-only-has-one-directory-namely-kernel
Instead, do this:
Suspect extraction failed.
Get the answer from stackexchange with few modification.
http://unix.stackexchange.com/questions/163346/why-is-it-that-my-initrd-only-has-one-directory-namely-kernel
$file initrd.img
initrd.img: ASCII cpio archive (SVR4 with no CRC)
$mkdir initTree && cd initTree
$cpio -idv < ../initrd.img`-- kernel
`-- x86
`-- microcode
`-- GenuineIntel.binInstead, do this:
apt-get install binwalk
DECIMAL HEXADECIMAL DESCRIPTION -------------------------------------------------------------------------------- 0 0x0 ASCII cpio archive (SVR4 with no CRC), file name: "kernel", file name length: "0x00000007", file size: "0x00000000" 120 0x78 ASCII cpio archive (SVR4 with no CRC), file name: "kernel/x86", file name length: "0x0000000B", file size: "0x00000000" 244 0xF4 ASCII cpio archive (SVR4 with no CRC), file name: "kernel/x86/microcode", file name length: "0x00000015", file size: "0x00000000" 376 0x178 ASCII cpio archive (SVR4 with no CRC), file name: "kernel/x86/microcode/GenuineIntel.bin", file name length: "0x0000002A", file size: "0x00005400" 22032 0x5610 ASCII cpio archive (SVR4 with no CRC), file name: "TRAILER!!!", file name length: "0x0000000B", file size: "0x00000000" 22528 0x5800 gzip compressed data, from Unix, last modified: 2017-03-06 14:00:21 10181078 0x9B59D6 MySQL ISAM index file Version 3
dd if=initrd.img bs=22528 skip=1 | gunzip | cpio -id 1778+1 records in 1778+1 records out 40073444 bytes (40 MB, 38 MiB) copied, 3.15216 s, 12.7 MB/s 209980 blocks
ls -l total 39208 drwxr-xr-x 2 yip yip 4096 Mar 7 21:36 bin drwxr-xr-x 3 yip yip 4096 Mar 7 21:36 conf drwxr-xr-x 10 yip yip 4096 Mar 7 21:36 etc -rwxr-xr-x 1 yip yip 6907 Mar 7 21:36 init -rw-r--r-- 1 yip yip 40095972 Mar 7 21:30 initrd.img drwxr-xr-x 9 yip yip 4096 Mar 7 21:36 lib drwxr-xr-x 2 yip yip 4096 Mar 7 21:36 lib64 drwxr-xr-x 2 yip yip 4096 Mar 7 21:36 run drwxr-xr-x 2 yip yip 4096 Mar 7 21:36 sbin drwxr-xr-x 7 yip yip 4096 Mar 7 21:36 scripts drwxr-xr-x 4 yip yip 4096 Mar 7 21:36 usr drwxr-xr-x 4 yip yip 4096 Mar 7 21:36 var
訂閱:
文章 (Atom)