All Questions
29 questions
1 vote | 1 answer | 670 views
What to do next when you get core backtrace pointing to libc?
So, I messed up and want to know why... and turns out, I have a coredump to tell me why. But the coredump tells me,
Program terminated with signal SIGABRT, Aborted
(gdb) bt
#0 0x00007f4e36c08c0c in ...
0 votes | 1 answer | 380 views
The libc function "system" does not get linked in the executable produced by GCC even after using the static flag
I am new to systems programming. I was just trying to implement the ret2libc attack on my own. To implement that, I need the address of the start of the libc function "system" in the ...
0 votes | 0 answers | 589 views
"printf.c: no such file or directory" when gdb an assembly code from Professional Assembly Language Chapter04
I've compiled cpuid2.s to cpuid2.o by as cpuid2.s -o cpuid2.o -gstabs
Firstly I linked it by ld -o cpuid2 cpuid2.o -lc but
a message says ./cpuid2:no such file or directory when I executed it
(which ...
2 votes | 1 answer | 2k views
Unable to open 'libc-start.c'
I'm trying to debug my C code in vscode, and I'm having some problems.
I'm using Ubuntu and have gcc and the gdb debugger installed. When I start debugging my code and reach a line with `printf` or `...
3 votes | 0 answers | 4k views
how to install debug info for libc?
ADD : This link (https://stackoverflow.com/a/48287761/2554472) had the answer for my question (Mark Plotnick's answer). Different title, duplicate answer.
I'm using ddd(with gdb) to analyze a program(...
0 votes | 0 answers | 572 views
gdb hangs when starting debug of 32-bit ARM assembly with dynamic linked libc
I am running Ubuntu 20.04 32-bit server on a Raspberry Pi4 (armv7l architecture with Cortex-A72). I have a simple program, return.s as follows:
.section .text
.global _start
_start: ...
1 vote | 1 answer | 958 views
loading libc's symbols into gdb
I'm debugging a binary with an older libc version than my system's one (I have libc-2.31, I'm running 2.24). I execute gdb with the LD_LIBRARY_PATH and it works like a charm, but I cannot load any ...
2 votes | 0 answers | 2k views
Ret2LibC: system() argument "/bin/sh" throws error
I'm trying to perform a Ret2LibC attack. My buffer to return address offset is 24 bytes. Therefore the first 24 bytes of my "bad file" are AA, and I overwrite the return address in the next 4 ...
2 votes | 1 answer | 1k views
ret2libc attack doesn't spawn shell
I performed ret2libc. Everything worked fine but the shell is not spawned. The source code is
#include<stdio.h>
#include<stdlib.h>
#include<string.h>
void get()
{
char buf[10];
...
1 vote | 1 answer | 2k views
GDB: Debug program that is started with LD_LIBRARY_PATH/LD_PRELOAD
I have the following setup that I try to debug. I could not find anything using the search, so I hope that someone here is able to guide me how I can do the following:
I have a binary that is ...
13 votes | 1 answer | 5k views
Why do program-level constructors get called by `__libc_csu_init` but destructors don't get called by `__libc_csu_fini`?
Here's a simple program:
void __attribute__ ((constructor)) dumb_constructor(){}
void __attribute__ ((destructor)) dumb_destructor(){}
int main() {}
I compile it with the following flags:
g++ -O0 ...
17 votes | 1 answer | 2k views
Why is the address of __libc_start_main always the same inside GDB even though ASLR is on?
Breakpoint 1, 0x00007ffff7de8060 in __libc_start_main () from /usr/lib/libc.so.6
(gdb) r
The program being debugged has been started already.
Start it from the beginning? (y or n) y
Starting program: /...
2 votes | 1 answer | 2k views
../sysdeps/i386/i686/multiarch/strcpy.c: No such file or directory
I'm trying to debug a program with gdb, and when I set a breakpoint and continue on the strcpy() function, I get the following response:
frinto@kali:~/Documents/theclang/programs/helloworld$ gcc -fno-...
3 votes | 1 answer | 6k views
gdb/ddd can't find raise.c when debugging assert(), it is looking in my home directory
I use gdb (ddd) to debug my C/C++ projects.
Whenever an assert fails, I can debug the program as normal and backtrace to the assert which failed, but first I get an annoying popup
I assume raise.c ...
12 votes | 1 answer | 12k views
Why gdb cannot find ../sysdeps/unix/sysv/linux/ifaddrs.c
I have libc6 & libc6-dbg installed.
(gdb) break freeifaddrs
(gdb) run
Breakpoint 1, __freeifaddrs (ifa=0xa822e0) at ../sysdeps/unix/sysv/linux/ifaddrs.c:840
840 ../sysdeps/unix/sysv/linux/...
2 votes | 3 answers | 3k views
How to debug standard c library functions like printf?
I wanted to debug printf function, so when I step inside the printf function (gdb debugger) it showed me this:
__printf (format=0x80484d0 " my name is Adam") at printf.c:28
28 printf.c: No such file ...
0 votes | 1 answer | 1k views
Debug when thread is stuck in syscall 32bit program on 64 bit host
I have a problem where one or more threads lock each other. I don't know what's going on there. The debugger cannot break (thread 1), breaks but cannot get a backtrace (thread 2+5) or shows the backtrace ...
3 votes | 0 answers | 3k views
x64 Ubuntu buffer overflow hacking with return to libc method
I tried a buffer overflow with return to libc, following this site: https://blog.techorganic.com/2015/04/21/64-bit-linux-stack-smashing-tutorial-part-2/
But I get an error
__libc_system (line=0x7ffff7b9a58b "...
2 votes | 2 answers | 10k views
Where would I find specific function addresses in libc object files?
I am trying to find the address of a function in libc.
I know I can do something like this in C:
printf("%x", (int) system);
But I don't know if that gives me the base address of the system ...
4 votes | 2 answers | 710 views
gdb core dump can not see any symbols after "sudo apt-get install libc6-dbg"
I am trying to debug a program in Ubuntu 12.04(x86_64) LTS with core dump file. At the beginning, the "bt" command is ok, just like below
(gdb) bt
#0 0x00007f3b38e3f425 in raise () from /lib/x86_64-...
15 votes | 1 answer | 31k views
Need to load debugging symbols for shared library in GDB
I am using GDB to debug a program that uses libpthread. There is an error
happening in pthread_create and need to step into that function. Unfortunately when I am debugging my program, it does not ...
6 votes | 1 answer | 4k views
Set a breakpoint into LibC with gdb
Why can't I set a breakpoint (using gdb) in an exported function within LibC? As LibC is dynamically linked, it must contain the symbols of the functions it exports. Shouldn't I be able to set a ...
5 votes | 1 answer | 1k views
memcpy backtrace no symbols available
I don't know why I can't see this backtrace. The symbols from my own binary are loaded, and the package libc6-dbg is installed. Do I need to tell gdb where to find the libc symbols?
Program received ...
3 votes | 1 answer | 11k views
GDB debugging warnings
When I try to debug my core-dump via gdb either in Qt or directly from terminal, it gives me bunches of warnings like below. Therefore my backtrace is not working properly.
warning: Unable to find ...
2 votes | 1 answer | 5k views
Can't print errno in gdb, complains about missing shared library, but it exists
When debugging my application, if I break in GDB and try to print errno, even from inside a function that checks errno, I get the following error from GDB:
(gdb) print errno
Cannot find shared ...
1 vote | 1 answer | 2k views
Statically linking system libraries, libc, pthreads, to aid in debugging
I am trying to avoid the situation described in this Stackoverflow entry: Debugging core files generated on a Customer's box. If I compile all the libraries statically will I avoid having to ...
8 votes | 1 answer | 3k views
Setting a watchpoint on errno in gdb
I'm trying to find out when errno changes.
At first, I tried "watch errno" in gdb, which led to the error
Cannot find thread-local variables on this target
I was able to fix this by compiling with ...
75 votes | 2 answers | 74k views
How to use debug version of libc
Short version of question:
How can I get gdb to use the debugging symbols for libc?
Longer version:
I am debugging a program with gdb and I want to see information about a futex used by libc. However, ...
1 vote | 3 answers | 2k views
return to libc works in gdb but not when running alone
I am trying return to libc trick with the following simple code:
#define SYSTEM_CALL_ADDR 0xb7ec5e50 /*my system call addr*/
#define EXIT_CALL_ADDR 0xb7ebbb80 /*my exit call addr*/
char shell[] = ...