# ❌ Debugging Exploits

11/02/2023

## Introduction

Segfaults or other unexpected exploit failures?

Note: Your exploits are going to fail more than 90% of the time the first time you run them.

## Debugging Exploits w/ Core Dumps via gdb

The steps are:

  1. `ulimit -c unlimited`
  2. Upon a segfault, a message will appear: `(core dumped)`
  3. Load your core dump into gdb: `gdb -c /var/lib/coredumps/dump_here`

On Ubuntu, you will have to do things a little differently:

  1. `ulimit -c unlimited`
  2. `sudo service apport start`
  3. `cd /var/lib/apport/coredump`
  4. `gdb -c core...`
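The reason the Ubuntu steps differ is `/proc/sys/kernel/core_pattern`: when it starts with `|`, the kernel pipes the dump to a user-space handler (apport on Ubuntu, which writes into `/var/lib/apport/coredump`) instead of writing a `core` file next to you. The helper below is an added example, not part of the original page: it reads the live pattern, tells you whether dumps are piped, expands the common `%` specifiers so you can predict the file name, and builds the gdb command line. The apport handler path in the sample pattern and the `./vuln` binary name are placeholders.

```python
"""Where did my core dump go?  Added example, not the page's own code.

Assumes a Linux kernel that honours /proc/sys/kernel/core_pattern.  A pattern
beginning with '|' hands the dump to a helper program (Ubuntu's apport, which
stores it under /var/lib/apport/coredump); anything else is a file name,
relative to the crashed process's working directory unless absolute.
"""
import os
import shlex

CORE_PATTERN_PATH = "/proc/sys/kernel/core_pattern"

# Constructed sample patterns (labelled as such): the kernel default, and an
# apport-style piped pattern whose handler path is illustrative only.
SAMPLE_DEFAULT = "core"
SAMPLE_PIPED = "|/usr/share/apport/apport -p%p -s%s -c%c -d%d -P%P -u%u -g%g -- %E"


def read_core_pattern(path=CORE_PATTERN_PATH):
    """Return the live core_pattern, or None when it cannot be read (non-Linux, sandbox)."""
    try:
        with open(path) as fh:
            return fh.read().strip()
    except OSError:
        return None


def is_piped(pattern):
    """True when dumps go to a user-space handler rather than to a file."""
    return pattern.startswith("|")


def expand_core_pattern(pattern, exe, pid, uid=1000, signal=11):
    """Expand the common %-specifiers (%e executable, %p pid, %u uid, %s signal).

    Note: if the pattern has no %p and kernel.core_uses_pid=1, the kernel still
    appends '.<pid>'; that case is left to the reader to check on their box.
    """
    subs = {"%e": exe, "%p": str(pid), "%u": str(uid), "%s": str(signal), "%%": "%"}
    out = ""
    i = 0
    while i < len(pattern):
        tok = pattern[i:i + 2]
        if tok in subs:
            out += subs[tok]
            i += 2
        else:
            out += pattern[i]
            i += 1
    return out


def gdb_command(binary, core):
    """Load the binary together with the core: without the binary gdb has no symbols."""
    return f"gdb -q {shlex.quote(binary)} -c {shlex.quote(core)}"


def where_is_my_core(pattern, exe, pid, cwd="."):
    """Verdict for a given core_pattern: a predicted path, or the handler it was piped to."""
    if is_piped(pattern):
        handler = pattern[1:].split()[0]
        return f"piped to handler {handler}; on Ubuntu look in /var/lib/apport/coredump"
    name = expand_core_pattern(pattern, exe, pid)
    if not os.path.isabs(name):
        name = os.path.join(cwd, name)
    return name


if __name__ == "__main__":
    pat = read_core_pattern() or SAMPLE_DEFAULT
    print("core_pattern:", pat)
    print(where_is_my_core(pat, exe="vuln", pid=os.getpid(), cwd=os.getcwd()))
    print(gdb_command("./vuln", "core"))
```

Run it on the box where the exploit crashed; if it reports a piped pattern you know to look in the apport directory (and to start apport first, as the Ubuntu steps say), otherwise it prints the path the kernel would have used and the `gdb <binary> -c <core>` line to load it with symbols.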

## Debugging an exploit in gdb

### Debugging Exploits Directly Within pwntools

When you are chasing issues in your exploit script, make sure the following two lines sit before you send your payload and before your interactive session:

```python
gdb.attach(p)
pause()
```

For example:

```python
gdb.attach(p)
pause()

p.sendline(payload)

p.interactive()
```

This will start up GDB in a separate window and let you interact with your binary in pwndbg.

Use `c` to continue execution, `si` to step into a call, and `n` to step to the next line (`ni` steps a single instruction).
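The ordering rule above, as a complete pwntools skeleton; this is an added example, not code from the original page. It assumes a local binary `./vuln` (placeholder), a constructed placeholder payload, and a placeholder breakpoint; the debugger is only attached when the script is run as `python3 exploit.py GDB`, so the same script works undebugged. The `gdbscript` argument to `gdb.attach()` is a real pwntools parameter and lets you pre-set breakpoints in the window it opens.

```python
"""pwntools exploit skeleton with the debugger hooked in at the right spot.
Added example, not the page's own code.  Assumes ./vuln (placeholder) and a
constructed payload; run as `python3 exploit.py GDB` to get the gdb window.
"""
try:
    from pwn import *  # pwntools; guarded so the helper below imports without it
    HAVE_PWNTOOLS = True
except ImportError:
    HAVE_PWNTOOLS = False

BINARY = "./vuln"           # placeholder binary name
PAYLOAD = b"A" * 72         # constructed placeholder payload


def make_gdbscript(breakpoints, continue_after=True):
    """Build the gdbscript string gdb.attach() accepts: one 'break' per location,
    then 'continue' so the process runs on until a breakpoint is hit."""
    lines = [f"break {bp}" for bp in breakpoints]
    if continue_after:
        lines.append("continue")
    return "\n".join(lines) + "\n"


def exploit(p, payload, gdbscript=None):
    """Attach and pause BEFORE anything is sent, then send, then go interactive.
    Sending first would let the crash happen before gdb is watching."""
    if gdbscript is not None:
        gdb.attach(p, gdbscript=gdbscript)  # opens gdb/pwndbg in a new terminal window
        pause()                             # wait until gdb is ready, then press Enter
    p.sendline(payload)
    p.interactive()


if __name__ == "__main__":
    if not HAVE_PWNTOOLS:
        raise SystemExit("pwntools is not installed")
    context.binary = BINARY
    p = process(BINARY)
    # args.GDB is set when 'GDB' is passed on the command line (pwntools convention)
    script = make_gdbscript(["*main+42"]) if args.GDB else None  # placeholder breakpoint
    exploit(p, PAYLOAD, script)
```

With `GDB` on the command line the window opens, the breakpoint is already set and the process runs until it is hit; without it the script behaves like the plain version on the page.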