Hexcellents CTF Wiki

Peda setup and usage


You can download peda using:

git clone https://github.com/longld/peda

To set it up add the following to your ~/.gdbinit file and then run gdb as usual:

# Source all settings from the peda dir
source ~/peda/peda.py
# These are other settings I have found useful
# Intel syntax is more readable
set disassembly-flavor intel
# When inspecting large portions of code the scrollbar works better than 'less'
set pagination off
# Keep a history of all the commands typed. Search is possible using ctrl-r
set history save on
set history filename ~/.gdb_history
set history size 32768
set history expansion on

Making the following modification to ~/peda/lib/config.py is also recommended:

-    "debug"     : ("off", "show detail error of peda commands, e.g: on|off"),
+    "debug"     : ("on", "show detail error of peda commands, e.g: on|off"),

General usage and features

  • The list of commands can be read by typing peda
  • Peda has wrappers over many gdb commands
  • Here is disas versus pdisas:
  • There are three commands to show context:
    • context reg for the registers and flags
    • context code for disassembling around the current instruction pointer
    • context stack for examining the stack
  • There is also a command for all at once: context all that is run by default whenever a breakpoint is hit:
  • As you can see, there is a lot of information available. Note that the addresses are color coded according to their origin: code/data/rodata
  • Peda also features smart dereferencing (telescoping)
  • Getting information about an address or register can be done with xinfo. The origin of the mapping is searched from another command: vmmaps
  • Displaying all strings in the address space is done using strings
  • Searching for specific strings can be done with find
  • Sometimes you need to find a pointer to a specific string. You can use refsearch
  • Searching for specific instructions or chains of instructions is done using asmsearch (although it's not always accurate)

Exploit/ Reverse Engineering specifics

  • Process info and security
  • ROP gadgets
  • Tracing calls
  • Tracing individual instructions: Peda can also infer the arguments to functions or the operands for comparisons and display them
  • Creating exploit patterns and searching for them in memory and registers

More info

  • There are many more features in peda apart from the ones described above (shellcode downloading, exploit generation, python script generation from the payload). For everything else check out the source code.
  • You can also view the following resources from its authors:
kb/toolset/peda.txt ยท Last modified: 2013/10/08 09:03 by rcaragea
[unknown link type]Back to top