91 lines
4.7 KiB
Plaintext
= PROGRAMS

+-------------------------------------------------------------------------------+
| program       | flags         | args          | description                   |
+---------------|---------------|---------------|-------------------------------+
| rabin2        | -Ss           | ./bof.elf     | get symbol information        |
|               |               |               | like function addresses       |
+---------------|---------------|---------------|-------------------------------+
| r2            | -wAAf         | ./bof.elf     | analyze a binary (static)     |
+---------------|---------------|---------------|-------------------------------+
| cat           |               | ./bof.s       | read the contents of the      |
|               |               |               | source file                   |
+---------------|---------------|---------------|-------------------------------+
| objdump       | -d            | ./bof.elf     | disassemble a binary          |
+---------------|---------------|---------------|-------------------------------+
| grep          | -ie           | string        | print lines where a string    |
|               |               |               | occurs, case insensitive      |
+---------------|---------------|---------------|-------------------------------+
| curl          |               | url           | get an http response from     |
|               |               |               | the provided url and output   |
|               |               |               | to stdout or to a file via    |
|               |               |               | the -o/--output file flag     |
+---------------|---------------|---------------|-------------------------------+
| printf        |               | string        | print the provided string     |
+---------------|---------------|---------------|-------------------------------+
| chmod         | +x            | ./bof.elf     | add execute permission        |
+---------------|---------------|---------------|-------------------------------+
| lldb          |               | ./bof.elf     | load the program in the       |
|               |               |               | debugger                      |
+-------------------------------------------------------------------------------+

= UTILITIES

+-------------------------------------------------------------------------------+
| character(s)          | format                | use case                      |
+-----------------------|-----------------------|-------------------------------+
| | (pipe)              | cmd1 | cmd2           | "pipe" the output of cmd1     |
|                       |                       | into the input of cmd2        |
+-----------------------|-----------------------|-------------------------------+
| ./                    | ./<file>              | execute a LOCAL file (one     |
|                       |                       | accessible from the current   |
|                       |                       | working directory)            |
+-------------------------------------------------------------------------------+

= DEBUGGER COMMANDS (LLDB)

+-------------------------------------------------------------------------------+
| command       | subcommand    | modifier      | argument      | description   |
+---------------|---------------|---------------|---------------|---------------+
| break         | set           | -a            | <address>     | set a break-  |
|               |               |               |               | point at an   |
|               |               |               |               | address       |
+---------------|---------------|---------------|---------------|---------------+
| run           |               |               |               | run the       |
|               |               |               |               | program       |
+---------------|---------------|---------------|---------------|---------------+
| step          |               |               |               | step forward  |
+---------------|---------------|---------------|---------------|---------------+
| disas         |               |               |               | disassemble   |
+---------------|---------------|---------------|---------------|---------------+
| x/40xw        |               |               | $<register>   | display 40    |
|               |               |               |               | words of      |
|               |               |               |               | memory in hex |
|               |               |               |               | starting at   |
|               |               |               |               | the address   |
|               |               |               |               | in a register |
+-------------------------------------------------------------------------------+

= X64 REGISTERS

+-------------------------------------------------------------------------------+
| name          | description                                   | subs          |
+---------------|-----------------------------------------------|---------------+
| rax           | general purpose, typically return values here | eax,ax,al,ah  |
+---------------|-----------------------------------------------|---------------+
| rbx           | base register                                 | ebx,bx,bl,bh  |
+---------------|-----------------------------------------------|---------------+
| rcx           | counter register, used in loops to count, etc | ecx,cx,cl,ch  |
+---------------|-----------------------------------------------|---------------+
| rdx           | general purpose / data register               | edx,dx,dl,dh  |
+---------------|-----------------------------------------------|---------------+
| rsi           | source for data copies                        | esi,si,sil    |
+---------------|-----------------------------------------------|---------------+
| rdi           | destination register                          | edi,di,dil    |
+---------------|-----------------------------------------------|---------------+
| rbp           | base pointer, base of the current stack frame | ebp,bp,bpl    |
+---------------|-----------------------------------------------|---------------+
| rsp           | stack pointer, top of the stack               | esp,sp,spl    |
+---------------|-----------------------------------------------|---------------+
| r8-r15        | general purpose                               | r8d-r15d,     |
|               |                                               | r8w-r15w,     |
|               |                                               | r8b-r15b      |
+-------------------------------------------------------------------------------+