Useful tips for gcc/gdb and assembly

If you are familiar with debugging under Windows, you may notice that gdb under Linux shows AT&T instead of Intel asm syntax by default.

This can be changed using the command in gdb:

set disassembly-flavor intel

If you want to compile a C program to Intel-syntax asm code, you can use the following syntax:

gcc test.c -S -o test.s -masm=intel

The -S switch generates assembly code instead of an executable.
To compile the code to an executable later on, run

gcc -gstabs test.s -o test

The -gstabs switch includes debug symbols (in stabs format) in the executable.

To turn off address space layout randomization use

sysctl -w kernel.randomize_va_space=0

as root.
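As an added example (not part of the original page), the script below checks the ASLR state in two ways: it reads the kernel.randomize_va_space sysctl mentioned above and explains the value, and it compares the stack mapping of two freshly started processes from /proc/self/maps. If the two addresses differ, randomization is active regardless of what the sysctl claims. It assumes a Linux system with /proc mounted; the function names are my own.

```shell
#!/bin/sh
# Added example: report whether address space layout randomization is active.
# Assumes Linux with /proc available (sysctl path as named in the text above).

# Map the kernel.randomize_va_space value to its documented meaning.
aslr_describe() {
    case "$1" in
        0) echo "off (no randomization)" ;;
        1) echo "partial (stack, mmap base and VDSO randomized; brk not)" ;;
        2) echo "full (also randomizes brk)" ;;
        *) echo "unknown value: $1" ;;
    esac
}

# Print the start address of the [stack] mapping of a brand-new process.
# Each cat is a new process, so each call observes a freshly laid-out image.
stack_base() {
    cat /proc/self/maps 2>/dev/null | awk '/\[stack\]/ { split($1, a, "-"); print a[1] }'
}

# Empirical check: "on" if two fresh processes get different stack addresses,
# "off" if they are identical, "unknown" if /proc could not be read.
aslr_state() {
    a=$(stack_base)
    b=$(stack_base)
    if [ -z "$a" ] || [ -z "$b" ]; then
        echo unknown
    elif [ "$a" = "$b" ]; then
        echo off
    else
        echo on
    fi
}

main() {
    if [ -r /proc/sys/kernel/randomize_va_space ]; then
        v=$(cat /proc/sys/kernel/randomize_va_space)
        echo "kernel.randomize_va_space = $v -> $(aslr_describe "$v")"
    fi
    echo "stack address across two fresh processes: $(aslr_state)"
}

main
```

The empirical check is the one worth keeping around: a debugging session that unexpectedly shows different addresses on every run is the usual symptom of ASLR still being on, for instance because the sysctl was set in one container or namespace and the program runs in another.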

Useful gdb commands:

start - runs until the beginning of the main procedure
layout - changes the view; very useful: lay asm, lay src, lay reg
stepi / nexti - step one machine instruction (use these when the binary has no debug information compiled in)
x/i $pc - displays the current instruction
step - executes the next source line (stepi for a single machine instruction)
break *address - breaks at an address where no source is available
x/50bx address - displays 50 bytes starting at address in hexadecimal (x); d shows decimal, x/s displays a string

strace is also a very useful command for monitoring the system calls a program executes,
e.g.: strace -o strace_ls_output.txt ls
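Once the trace is in a file, it is usually summarized rather than read line by line. The script below is an added example (not from the original page): it embeds a few constructed strace lines in the format that strace -o produces, counts the calls by syscall name and lists paths whose openat failed, which is a quick way to spot a program looking for configuration or libraries it cannot find. It assumes plain strace -o output (no -f, so no "[pid N]" prefixes); the function names are my own.

```shell
#!/bin/sh
# Added example: summarize an strace -o output file.
# The sample below is constructed for this example, not a real trace.
SAMPLE=$(mktemp)
cat > "$SAMPLE" <<'EOF'
execve("/bin/ls", ["ls"], 0x7ffd1c2e3a40) = 0
brk(NULL) = 0x55d0c1a2b000
openat(AT_FDCWD, "/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=21345, ...}) = 0
mmap(NULL, 21345, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7f3a9c1e2000
close(3) = 0
openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libc.so.6", O_RDONLY|O_CLOEXEC) = 3
read(3, "\177ELF\2\1\1\3", 832) = 832
close(3) = 0
openat(AT_FDCWD, "/nonexistent/config", O_RDONLY) = -1 ENOENT (No such file or directory)
write(1, "file\n", 5) = 5
exit_group(0) = ?
+++ exited with 0 +++
EOF

# Extract the syscall name (text before the first "(") from each call line.
# Lines such as "+++ exited ..." or "--- SIGCHLD ..." do not match and are skipped.
syscall_names() {
    sed -n 's/^\([a-z_0-9]*\)(.*/\1/p' "$1"
}

# Number of system calls recorded in the trace.
syscall_count() {
    syscall_names "$1" | wc -l | tr -d ' '
}

# "count name" per syscall, most frequent first.
syscall_summary() {
    syscall_names "$1" | sort | uniq -c | sort -rn | awk '{ print $1, $2 }'
}

# Paths that the program tried to open and could not (openat returned -1).
failed_opens() {
    sed -n 's/^openat([^"]*"\([^"]*\)".* = -1 .*/\1/p' "$1"
}

echo "total syscalls: $(syscall_count "$SAMPLE")"
echo "by name:"
syscall_summary "$SAMPLE"
echo "failed opens:"
failed_opens "$SAMPLE"
```

Run the same functions against a real strace -o file by pointing them at it instead of $SAMPLE. If the trace was taken with -f, strip the "[pid N] " prefix first (for example with sed 's/^\[pid *[0-9]*\] //'), otherwise the name extraction matches nothing.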

Tips for assembler in linux

To assemble an assembler code snippet to raw binary code, use:
nasm -o shellcd shellcd.s
Example snippet (shellcd.s):

BITS 32                 ; nasm's default bin output assembles in 16-bit mode; force 32-bit encodings
pop esi
xor eax, eax            ; eax = 0
mov al, 36              ; 32-bit Linux syscall 36: sync
int 0x80
mov al, 36              ; sync a second time
int 0x80
mov al, 88              ; 32-bit Linux syscall 88: reboot
mov ebx, 0xfee1dead     ; first reboot magic value
mov ecx, 672274793      ; second reboot magic value
mov edx, 0x1234567      ; reboot command: restart
int 0x80

To disassemble that snippet, use:
ndisasm -u ./shellcd

The -u switch disassembles in 32-bit mode (ndisasm defaults to 16-bit).

The ldd command is helpful for checking which dependencies a library or an executable has.
Use it like: ldd name