linux下使用gdb对php源码调试
linux下使用gdb进行php调试
调试了一些php的漏洞,记录一下大概的过程
安装编译php
sudo apt-get install -y autoconf libtool re2c libxml2-dev openssl libcurl4-openssl-dev libbz2-dev libjpeg-dev libpng12-dev libfreetype6-dev libldap2-dev libmcrypt-dev libmysqlclient-dev libxslt1-dev libxt-dev libpcre3-dev libxpm-dev libt1-dev libgmp-dev libpspell-dev librecode-dev libreadline6-dev bison libtidy-dev
sudo ln -s /usr/lib/x86_64-linux-gnu/libldap.so /usr/lib/
sudo ln -s /usr/lib/x86_64-linux-gnu/liblber.so /usr/lib/
sudo ln -s /usr/include/x86_64-linux-gnu/gmp.h /usr/include/gmp.h
./buildconf
./configure --enable-opcache --enable-fpm --enable-pdo --enable-sockets --enable-exif --enable-soap --enable-ftp --enable-wddx --enable-pcntl --enable-soap --enable-bcmath --enable-mbstring --enable-dba --enable-gd-native-ttf --enable-gd-jis-conv --enable-zip --enable-calendar --enable-shmop --enable-sysvmsg --enable-sysvsem --enable-sysvshm --with-mysqli --with-pdo-mysql --with-pdo-sqlite --with-iconv --with-gmp --with-pspell --with-gettext --with-xmlrpc --with-openssl --with-mhash --with-mcrypt --with-xsl --with-curl --with-pcre-regex --with-gd --with-jpeg-dir=/usr --with-png-dir=/usr --with-zlib-dir=/usr --with-xpm-dir=/usr --with-freetype-dir=/usr --with-gettext=/usr --with-zlib=/usr --with-bz2=/usr --with-recode=/usr --with-ldap --with-pear --with-readline --with-fpm-user=bigric3 --with-fpm-group=bigric3
make
sudo make install
验证安装:
leej@ubuntu:~$ php -v
PHP 7.0.0 (cli) (built: Jan 29 2018 19:58:16) ( NTS )
Copyright (c) 1997-2015 The PHP Group
Zend Engine v3.0.0, Copyright (c) 1998-2015 Zend Technologies
gdb的调试方法
1.设置命令行参数:
2.显示代码:list 简写l 可以指定行数(list 5,10)
3.layout:框框圈起来看代码
4.打印变量:print 简写p 加变量(print i)/info reg打印寄存器/
5.设置断点:b 行数或函数名
6.查看断点:info b
7.删除断点:d 断点号(info中的num)
8.运行:run 简写r
9.单步调试step over:n(ext)
10.单步调试step in:s(tep)
11.运行到断点处:c(ontinue)
确定上层php函数名在底层调用函数
leej@ubuntu:~/php/php-7.0.0$ nm sapi/cli/php|grep imagecreatefromgif
0000000001106fc0 d arginfo_imagecreatefromgif
00000000005b50b0 t zif_imagecreatefromgif
开始调试
略...
主要记录环境搭建,具体调试不同的cve,这部分自由发挥吧