0

When dealing with linux binaries, I like IDA as my static analysis tool and gdb as my debugger. However I have not found an effective way to integrate the two with each other.

To give an example, let's say I want to place a breakpoint. I will find the place in IDA. Then I will switch from graph to text mode, copy the instruction's address, switch to another window where gdb is running, enter in "b *0x", paste, and then I have my breakpoint. If PIE is enabled the process is worse. This is cumbersome. Furthermore, when stepping in gdb I don't have all the names or comments I've declared in IDA.

Is there a better way to deal with this synchronization?

TorbenB
  • 39
  • 1
  • 4
  • To be clear, I don't want to switch to IDA's own debugger instead – TorbenB Feb 11 '16 at 20:36
  • You can use the GDB debugger in IDA and use the GDB prompt from inside IDA if you feel more comfortable. This is the best option. Any other option, will be a hack or a workaround. – joxeankoret Feb 12 '16 at 10:03
  • I don't mind a hack if it works. – TorbenB Feb 12 '16 at 20:02
  • Have you tried https://www.hex-rays.com/products/ida/support/idadoc/1335.shtml and https://www.hex-rays.com/products/ida/support/idadoc/1343.shtml ? – Vitaly Osipov Feb 12 '16 at 20:50
  • @VitalyOsipov yes, see my comment below on the problem with this (or am I missing something?) – TorbenB Feb 12 '16 at 22:20
  • 1
    In that case, you will need to develop your own hack because of your own, uhm, reasons, by yourself. I don't think anybody was so "decided" not to use a thing just because. – joxeankoret Feb 12 '16 at 23:33
  • @joxeankoret My preference for a specific debugger is well founded and not "just because". The reasons are beyond the scope of this question. – TorbenB Feb 13 '16 at 00:33
  • @joxeankoret he stated he prefers to use the gdb interface in his question, no need to be rude about it. – ekse Feb 13 '16 at 23:50
  • @TorbenB good luck. – Vitaly Osipov Feb 16 '16 at 20:45

1 Answers1

0

As suggested by joxeankoret, try using the "Remote GDB Debugger" backend in IDA. It's quite simple to setup, debug your program with gdbserver and connect to it with IDA.

ekse
  • 2,208
  • 13
  • 19
  • @joxeankoret As I said, I want to use gdb, not IDA's own debugger. This link should show why they are different: http://reverseengineering.stackexchange.com/questions/6127/can-i-send-gdb-command-from-ida-debugger-to-gdbserver attaching to a gdbserver means I can't use the usual gdb commands, which is what I want. – TorbenB Feb 12 '16 at 19:55
  • That's unfortunate, I thought the gdb commandline in IDA worked in the same fashion as the WinDbg one. Unfortunately I don't have a solution in that case. – ekse Feb 13 '16 at 23:49