6447

Tutoring resources for COMP6447


PwnDBG

debugging a process

how to get started

att 1234          # attach to the running process with pid 1234 (att is short for attach)
b *0x1337         # break at address 0x1337 (the * means "this address"; without it gdb reads a line number or symbol)
break *(main)     # break at the first instruction in main() (unlike "break main", which stops after the prologue)
break *(main+12)  # break at the address 12 bytes after main
c                 # continue until the next breakpoint or the program ends
si                # step by a single instruction (steps into calls)
fin               # run until the current function returns (short for finish)


examining & modifying data

x 0x1337        # examine memory at 0x1337 (uses the last format and size given to x)
x/20wx 0x1337   # examine 20 words (4 bytes each) in hex starting at 0x1337
x/s 0x1337      # examine a NUL-terminated string at 0x1337
set $reg=value  # set register = value, e.g. set $ebx=1
set *(int *)($ebp + 0xX)=value # set a local variable; 0xX is its offset from $ebp (locals usually sit below the frame pointer, i.e. $ebp - 0xX)

changing the flow of the application

jump *(0x1234)  # resume execution at 0x1234 (registers and stack are left as they are)
jump *(main)    # resume execution at the first instruction of main