## Assembly

1. Invoke a syscall with `int 0x80`. Check from `man syscall`.
2. To strip a binary: `gcc -s <binary_name>`

## gdb

## pwndbg

### Commands

1. `aslr` -> Inspect or modify ASLR status.
2. `checksec` -> Prints out the binary security settings using `checksec`.
3. `elfheader` -> Prints the section mappings contained in the ELF header.
4. `hexdump` -> Hexdumps data at the specified address (or at `$sp`).
5. `main` -> GDBINIT compatibility alias for `main` command.
6. `nearpc` -> Disassemble near a specified address.
7. `nextcall` -> Breaks at the next call instruction.
8. `nextjmp` or `nextjump` -> Breaks at the next jump instruction.
9. `nextret` -> Breaks at next return-like instruction.
10. `nextsc` or `nextsyscall` -> Breaks at the next syscall not taking branches.
11. `pdisass` -> Compatibility layer for PEDA's pdisass command.
12. `procinfo` -> Display information about the running process.
13. `regs` -> Print out all registers and enhance the information.
14. `stack` -> Print dereferences on stack data.
15. `search` -> Search memory for bytes, strings, pointers, and integers.
16. `telescope` -> Recursively dereferences pointers.
17. `vmmap` -> Print virtual memory map pages.
18. The output of the context may be redirected to a file (including other tty) by using `set context-output /path/to/file` while leaving other output in place.
19. An expression can be added via the `contextwatch` command (aliased `ctx-watch` and `cwatch`).
20. Alternatively one can provide an arbitrary gdb command to be executed and the result printed in the context by using the optional `cmd` parameter with the value `execute`.
21. Examine 15 instructions from an address -> `x/15i 0x<address>`
22. `gdb-pwndbg ./crackme0x00 core` will display the core.
23. `vmmap` -> See the map of virtual memory.