gef command documentation

hugsy · Jun 14, 2021 · 2ed2373 · 2ed2373
1 parent 0f7a5e5
commit 2ed2373
Show file tree

Hide file tree

Showing 2 changed files with 16 additions and 0 deletions.
diff --git a/docs/commands.md b/docs/commands.md
@@ -22,6 +22,7 @@ improve it.
 |entry-break               | Tries to find best entry point and sets a temporary breakpoint on it. (alias: start-break)|
 |format-string-helper      | Exploitable format-string helper: this command will set up specific breakpoints at well-known dangerous functions (printf, snprintf, etc.), and check if the pointer holding the format string is writable, and  susceptible to format string attacks if an attacker can control its content. (alias: fmtstr-helper)|
 |functions                 | List the convenience functions provided by GEF.|
+|gef                       | Lists GEF commands and their descriptions
 |gef-remote                | gef wrapper for the `target remote` command. This command will automatically download the target binary in the local temporary directory (defaut /tmp) and then source it. Additionally, it will fetch all the /proc/PID/maps and loads all its information.|
 |heap                      | Base command to get information about the Glibc heap structure.|
 |heap-analysis-helper      | Tracks dynamic heap allocation through malloc/free to try to detect heap vulnerabilities.|

diff --git a/docs/commands/gef.md b/docs/commands/gef.md
@@ -0,0 +1,15 @@
+## Command gef ##
+
+Displays a list of GEF commands and their descriptions.
+
+```
+gef➤  gef                                                                             
+─────────────────────────────────── GEF - GDB Enhanced Features ───────────────────────────────────
+$                         -- SmartEval: Smart eval (vague approach to mimic WinDBG `?`).
+aslr                      -- View/modify the ASLR setting of GDB. By default, GDB will disable ASLR when it starts the process. (i.e. not
+                             attached). This command allows to change that setting.   
+assemble                  -- Inline code assemble. Architecture can be set in GEF runtime config (default x86-32).  (alias: asm)
+bincompare                -- BincompareCommand: compare an binary file with the memory position looking for badchars.
+bytearray                 -- BytearrayCommand: Generate a bytearray to be compared with possible badchars.
+[snip]
+```