I have a stripped binary to analyze. Some interesting code is located at address 0x1234; how do I find all jumps to that address? (Of course I don't expect to find computed jumps to that address, just the ones which are hardcoded.) I cannot use a simple search since the jump instructions are typically coded with a relative offset and there are many kinds of jumps (je, jne, jmp...). I am working with GDB-PEDA on x86_64 / Linux for now if it has to be a platform-specific approach.
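One static way to do this on x86_64 Linux, added here as an example and not part of the question or the comments: let the disassembler resolve the relative displacements for you, then filter on the resolved target. `objdump -d` prints every direct `jcc`/`jmp`/`call`/`loop` with its absolute target, so a regex over the listing finds all hardcoded transfers to 0x1234 regardless of how the offset was encoded. The listing below is a constructed sample in objdump's format (not output from any real binary); `xrefs_from_binary` assumes GNU binutils is installed so it can run `objdump` on a real file.

```python
import re
import subprocess
from typing import List, Tuple

# Constructed sample of `objdump -d --no-show-raw-insn` output (x86_64 AT&T syntax).
# objdump has already turned each rel8/rel32 displacement into an absolute target,
# so the search matches on the target column instead of the encoded offset.
SAMPLE_OBJDUMP = """\
0000000000001100 <.text>:
    1100:   push   %rbp
    1101:   mov    %rsp,%rbp
    1104:   cmp    $0x0,%edi
    1107:   je     1234 <.text+0x134>
    110d:   jmp    1150 <.text+0x50>
    1150:   call   1234 <.text+0x134>
    1155:   jne    1120 <.text+0x20>
    1160:   jmp    *%rax
    1162:   jmp    1234 <.text+0x134>
    1234:   ret
"""

# Direct control transfers: every conditional jump (j*), jmp, call and the loop family.
# The target group only accepts a hex address, so computed forms such as `jmp *%rax`
# or `call *0x8(%rip)` are skipped on purpose, matching what the question asks for.
XREF_RE = re.compile(
    r"^\s*(?P<addr>[0-9a-f]+):\s+"
    r"(?P<mnem>j[a-z]+|callq?|loop[a-z]*)\s+"
    r"(?P<target>[0-9a-f]+)\b"
)


def find_direct_xrefs(listing: str, target: int) -> List[Tuple[int, str]]:
    """Return (source address, mnemonic) for each direct jump/call whose resolved target is `target`."""
    hits: List[Tuple[int, str]] = []
    for line in listing.splitlines():
        m = XREF_RE.match(line)
        if m and int(m.group("target"), 16) == target:
            hits.append((int(m.group("addr"), 16), m.group("mnem")))
    return hits


def xrefs_from_binary(path: str, target: int) -> List[Tuple[int, str]]:
    """Disassemble a real file with GNU objdump (assumed installed) and filter its listing."""
    out = subprocess.run(
        ["objdump", "-d", "--no-show-raw-insn", path],
        check=True, capture_output=True, text=True,
    ).stdout
    return find_direct_xrefs(out, target)


if __name__ == "__main__":
    # Expected on the constructed sample: 0x1107 je, 0x1150 call, 0x1162 jmp
    for src, mnem in find_direct_xrefs(SAMPLE_OBJDUMP, 0x1234):
        print(f"{src:#x}: {mnem} -> 0x1234")
```

Two caveats when running this on a real stripped binary: objdump does a linear sweep, so data embedded in `.text` can desynchronize the disassembly and hide or fabricate a few instructions, and for a PIE the listed addresses are the unrelocated file addresses, so subtract the load base from the runtime address you see in GDB before searching.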
0 votes
I think you need to execute the program to collect this information. Maybe gdb's process record can be useful. Enable recording (record btrace). Put a breakpoint at 0x1234. Then when the breakpoint is hit, use record instruction-history to see how (and from where) you jumped there.
– dbrank0
BTW: I misread the question. This is required only if you want to find computed jumps.
– dbrank0