There's more...

We covered GDB's TUI mode but didn't really explain the layout. Let's do that now. When running the commands in step 5, we organized our Terminal user interface in a way that gives us the pertinent information we will always need, such as the values in each of our general-purpose registers and the disassembly information. The top window is used for the general-purpose registers' information as seen in the following screenshot on the 32-bit Ubuntu virtual machine:

The highlighted registers in the preceding screenshot show registers that were recently altered when executing an instruction. In the preceding example, we see that ESP, EIP, and the EFLAGS registers all had their values altered by whatever instruction was just executed. The second window in our layout, positioned in the middle of the screen, contains the disassembled instructions of the program we're analyzing, as shown in the following screenshot:

From left to right, we can see the address of the instruction, how many bytes into the current function the instruction resides, the instruction itself, and the operands of the instruction. It's time for a quick review. Do you remember which operand is the source, and which operand is the destination? Is the preceding screenshot showing Intel syntax or AT&T syntax? If you can't recall the answers to these questions from memory, re-read Chapter 2, 32-Bit Assembly on Linux and the ELF Specification.

Finally, the bottom window in our Terminal user interface gives us the GDB command interface. This is where we entered our commands to GDB.

The Terminal user interface in GDB is completely optional and really comes down to personal preference. To run through the various layout styles available in GDB, you can use the following command until you find a layout that suits your needs or better suits your workflow:

(gdb) layout next

Alternatively, if you start GDB without the --tui argument on the command line, you will only have the GDB prompt, and all the output will use the entire area above the prompt. Sometimes, this comes in handy, depending on what you're analyzing. GDB also lets you program macros that display the same information after each instruction executes. We can also set variables using GDB, bypass instructions in the program we're analyzing, and so on. There is so much GDB can do that it could fill an entire book by itself. Have no fear, though: we will cover more GDB instructions as we work through our analysis.
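The macro, variable, and instruction-bypass features mentioned above can be combined in a GDB command file. The following is an added example, not taken from the book: the file name, the `skipto` command, and the `$stops` convenience variable are hypothetical, and it assumes the 32-bit x86 target used in this chapter.

```gdb
# tui-setup.gdb (hypothetical file name). Added example, not from the book.
# Assumes a 32-bit x86 target; load with: gdb -x tui-setup.gdb ./program
# (./program is a placeholder for the binary under analysis).

# Intel syntax: destination operand first, source operand second.
set disassembly-flavor intel

# Registers on top, disassembly in the middle, command window at the bottom.
layout asm
layout regs
# Keep keyboard focus in the command window so arrow keys recall history.
focus cmd

# Auto-display: the next instruction is printed at every stop.
display/i $pc

# Convenience variable (lives in GDB, not in the program) counting stops.
set $stops = 0

# hook-stop is a macro GDB runs each time the program stops, for example
# after stepi or when a breakpoint is hit.
define hook-stop
  set $stops = $stops + 1
  printf "stop #%d\n", $stops
  info registers eip esp eflags
  x/8xw $esp
end

# User-defined command (hypothetical name): continue stepping from another
# address without executing the instructions in between.
define skipto
  set var $pc = $arg0
  x/i $pc
end
document skipto
Usage: skipto ADDRESS. Sets the program counter to ADDRESS.
end
```

With the file loaded, each `stepi` refreshes the register and disassembly windows and prints the hook output in the command window.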
