Fancy and Practical GDB Configs

Created On 09. May 2021

Updated: 2021-05-09 01:25:27.804776000 +0000

Created By: acidghost

GDB is a great tool for reverse engineering: it comes for free on almost every Linux distro and has debugging and disassembly functionality. The default view is better suited to veteran reversers, though. Those who are just starting, or who like something fancier, might want something in addition to the vanilla perspective. It's not just about the looks. Sometimes we need to launch multiple terminal instances or hook up another tool to gdb. The few methods I describe below might come in handy for this.

  1. Pwndbg, GEF, Peda, gdbgui

These are all gdb plugins that enhance its visual appearance. They all work similarly, with a few exceptions. Which one to use is up to you, as by default they all display the next instructions and modified registers, which makes reversing easier. Pwndbg, GEF and Peda work quite similarly, and the biggest difference is how they present the information to the user. However, because they are all built differently, some native gdb instructions are different in each of them. Likewise, each of them has its own integrations with other third-party tools. Gdbgui is a browser UI version of gdb. For me personally it's not super appealing, since I appreciate the flexibility of the terminal version more, but the idea is great and it can also be nicely added into the flow.

  2. Tmux

Tmux is a terminal multiplexer that can be used to work with multiple virtual terminals. It can be very useful, especially on headless servers or when sshing into an instance. There are other tools too, such as screen, but tmux is quite versatile in itself and is often integrated with other tools for a better workflow. For how to use it, see https://tmuxcheatsheet.com/

  3. Tmux + Pwndbg

Some combinations work great together, and this goes for tmux and pwndbg as well. Below is the view of a custom splitmind script which can be used to customize the pwndbg appearance when launched with tmux.

Configuration for the above can be found here.
I made a script that installs the whole config from scratch, including tmux and pwndbg, and adds the splitmind script to ~/.gdbinit (the gdb config file). Feel free to execute or edit this bash script (the tmux installation is for Debian systems, though): make it executable with chmod +x splitmind_config.sh, then run it with ./splitmind_config.sh. To get to the view above, first launch tmux and from there go into gdb. Enjoy! (Special thanks to professor Zardus and Kanak on this one :grin:)
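
A minimal ~/.gdbinit that routes pwndbg's context sections into tmux panes through splitmind, added here as an illustration and not the configuration linked above. The install paths and the pane layout are assumptions; the layout calls follow splitmind's Mind builder.

```gdb
# ~/.gdbinit (added example; both paths are assumptions, adjust to your install)
source ~/pwndbg/gdbinit.py
source ~/splitmind/gdbinit.py

# Sections pwndbg renders on every stop; splitmind assigns each one to a pane.
set context-sections "regs args code disasm stack backtrace"

python
import splitmind
# Each call splits the current tmux window and sends one context section there.
# Sections not assigned to a pane stay in the main gdb pane.
(splitmind.Mind()
  .below(display="backtrace")           # backtrace under the gdb prompt
  .right(display="stack")               # stack to the right of the backtrace
  .right(display="regs")                # registers to the right of the stack
  .right(of="main", display="disasm")   # disassembly beside the main pane
  .show("legend", on="disasm")          # legend shares the disassembly pane
).build()
end
```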

Section: Reverse Engineering