LLDB
LLDB¶
https://rderik.com/blog/using-lldb-for-reverse-engineering/
Read Registers:
(lldb) register read
General Purpose Registers:
rax = 0x0000000100000f50 a.out`main
rbx = 0x0000000000000000
rcx = 0x00007ffeefbfe000
rdx = 0x00007ffeefbfdc18
rdi = 0x0000000000000001
rsi = 0x00007ffeefbfdc08
rbp = 0x00007ffeefbfdbf8
rsp = 0x00007ffeefbfdbe8
r8 = 0x0000000000000000
r9 = 0x0000000000000000
r10 = 0x0000000000000000
r11 = 0x0000000000000000
r12 = 0x0000000000000000
r13 = 0x0000000000000000
r14 = 0x0000000000000000
r15 = 0x0000000000000000
rip = 0x0000000100000f50 a.out`main
rflags = 0x0000000000000246
cs = 0x000000000000002b
fs = 0x0000000000000000
gs = 0x0000000000000000
(lldb) register read rsp
rsp = 0x00007ffeefbfdbe8
Read Memory Addresses:
(lldb) x/10w -l 1 $rsp
0x7ffeefbfdbe8: 0x6e44f7fd
0x7ffeefbfdbec: 0x00007fff
0x7ffeefbfdbf0: 0x6e44f7fd
0x7ffeefbfdbf4: 0x00007fff
0x7ffeefbfdbf8: 0x00000000
0x7ffeefbfdbfc: 0x00000000
0x7ffeefbfdc00: 0x00000001
0x7ffeefbfdc04: 0x00000000
0x7ffeefbfdc08: 0xefbfe088
0x7ffeefbfdc0c: 0x00007ffe