High-risk tools in Gdb Multiarch
17 of the 33 tools in Gdb Multiarch are classified as high risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at high risk
-
gdb_call_functionExecuteCall a function in the target process. WARNING: executes code in the
-
gdb_continueExecuteContinue execution until next breakpoint or completion. Only use when program is PAUSED.
-
gdb_disable_breakpointExecuteDisable a breakpoint by number.
-
gdb_enable_breakpointExecuteEnable a breakpoint by number.
-
gdb_evaluate_expressionExecuteEvaluate a C/C++ expression.
-
gdb_execute_commandExecuteExecute a raw GDB command (CLI or MI).
-
gdb_interruptExecuteInterrupt (pause) a running program.
-
gdb_nextExecuteStep over to the next line.
-
gdb_select_frameExecuteSelect a specific stack frame.
-
gdb_select_threadExecuteSelect a specific thread.
-
gdb_set_breakpointExecuteSet a breakpoint at a function, file:line, or *address.
-
gdb_stepExecuteStep into the next instruction.
-
switch_break_atExecuteSet a breakpoint at an offset relative to the base of main ($main).
-
switch_print_traceExecuteCombined trace: runs get_pc, localize $lr, and my_bt2 in one command.
-
switch_replaceExecuteReplace the instruction at an offset from main with a new instruction.
-
switch_start_sessionExecuteStart gdb-multiarch and connect to the Switch/Yuzu GDB stub.
-
switch_stubExecuteStub the function at the given offset from main.
Attacks that target this class
High-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.