Debugging is an important part of determining why an operating system (OS), application or program is misbehaving....
A debugger is a tool that can help with this process by identifying coding errors at various stages of the OS, application or program development. Debuggers are useful for a large number of IT professionals who can use them to make their jobs easier and streamline the task of identifying and resolving problems quickly and more efficiently. Remote debugging techniques are especially important for enterprises that rely on cloud services, platforms and infrastructure.
Who benefits from debuggers?
The first group of IT professionals who can benefit from debuggers are programmers. Debuggers provide programmers with a way to quickly identify why the program they are developing has errors. Programmers usually use different print statements, which requires program recompilation every time a new one is added to the code. After the debugging is done, every print statement needs to be removed from the program. At least one print statement could be missed or forgotten during the removal process, causing different nuisances later on. Knowing the necessary debugging techniques can help programmers find errors in the code quickly by setting breakpoints and stopping the program at any point without any print statements altogether. Additionally, when a debugger is used, the program doesn't need to be recompiled every time. This also works for closed source programs that don't allow access to the program source code.
The second group of beneficiaries is system administrators, who often deploy various programs written by developers onto the production system, and find that the program doesn't behave how it is supposed to. Since the program works without errors on the testing system but causes problems on production systems, system administrators are responsible for identifying why the problem occurs and reporting it back to the programmers in a bug report. In such cases, debuggers can be valuable in finding where -- and why -- the program malfunctions.
The next group of IT professionals who benefit from debuggers are security researchers, who need these tools all the time. There are different kinds of domains where a security researcher uses debuggers on a daily basis, like reverse engineering or malware analysis jobs. For them, having the necessary knowledge and skills with various debuggers is a must, because otherwise they would be out of a job.
There are other groups of IT professionals that would benefit from debugging knowledge, which often proves an invaluable skill to have in order to complete jobs more efficiently. People with good debugging techniques are not only more competent in the job market, but are also desired by many companies worldwide.
On the highest level of sophistication, debuggers are separated into two groups: user-mode and kernel-mode, which directly correlate to the protection rings in computer systems. Protection rings are used to prevent sensitive kernel-mode operating system code from being directly accessed from user-mode applications, providing an additional layer of defense to the system. Kernel-mode debuggers, like SoftICE, Syser, HyperDbg, WinDbg, GDB, VirtDbg and others can be used to debug the kernel-mode OS internals -- which are the heart of every OS -- while user-mode debuggers like OllyDbg, Hopper, Hiew, IDA Pro, DBG, x64dbg, VDB, Radare and others are used for debugging user-mode applications.
Despite the debuggers being able to operate in kernel-mode or user-mode, some also support remote debugging capabilities, which enable debugging from a different system. Some debuggers that have the means to debug an application or a program remotely running on a cloud-based system include WinDbg, GDB, VirtDbg, Ida Pro, Radare and Hopper.
One of the debuggers is GDB, which contains the gdbserver command that opens a specific port on the remote system used for a remote debugging session. The install instructions can be found in the accompanying article at InfoSec. The command presented below can be used to bind to the 0.0.0.0:8080, where the remote debugging session will be accessible for debugging the ./main program.
# gdbserver --remote-debug 0.0.0.0:8080 ./main
In order to connect to the remote session, enter the following commands on the current system:
(gdb) target extended-remote 188.8.131.52:8080
(gdb) set remote exec-file /srv/main
(gdb) file /tmp/main
(gdb) set architecture i386:x86-64:intel
(gdb) run secretarg
At this point, the user can run any command supported by the GDB debugger right on the remote session in the cloud, providing the same capabilities as if debugging locally.
The benefits of remote debugging
Debugging techniques are of utmost importance with many professions. They enable us to quickly locate and identify problems in programs and determine the reason for them. There are many debuggers to choose from, but often users need a debugger to run on a remote system in the cloud. Therefore, having a debugger that supports remote debugging sessions will allow users to start a remote debugger on a system and connect to it from the local computer.
Spend some extra time studying various debugger specifics to obtain the skills necessary to debug applications remotely. This will save a lot of time identifying the cause of the error. Having the debugging skills necessary to locate and identify the point of error in the program will enable users to find the problem in a misbehaving program quickly and with ease. People with these skills should no longer use other methods of identifying the problem, but should instead rely extensively on the debugging skills.
Debugging different programs remotely can also save a lot of time and money, especially with a system directly connected to a complex hardware that is inaccessible. Some clients that have SCADA systems in place are normally not available online or are very expensive, which eliminates the option of buying the hardware to debug the associated program and identify the problem. The usual method involves flying to the client's headquarters and debugging the problem locally, but that isn't the most viable option, since it costs a lot of time and money. Rather than doing that, invest the time to learn remote debugging in order to debug the program from your own office in your own country without unnecessary complications.
About the author:
Dejan Lukan has an extensive knowledge of Linux/BSD system maintenance, as well as security-related concepts including system administration, network administration, security auditing, penetration testing, reverse engineering, malware analysis, fuzzing, debugging and antivirus evasion. He is also fluent in more than a dozen programming languages, and regularly writes security-related articles for his own website.
Learn how to set traps with mainframe debugging tools