参考《0day安全 软件漏洞分析》做的,个人学习记录
工具:
- x64dbg;
- 010Editor
- IDA Pro
- LordPE
密码验证小程序源码:
#include<stdio.h>
#include<string.h>
#define PASSWORD "1234567"
int verify_password (char *password)
{
int authenticated;
authenticated = strcmp(password,PASSWORD);
return authenticated;
}
int main()
{
int valid_flag=0;
char password[1024];
while(1){
printf("please input password: ");
scanf("%s",password);
valid_flag = verify_password(password);
if(valid_flag) {
printf("incorrect password!\n\n");
}
else{
printf("Congratulation! You have passed the verification!\n");
break;
}
}
}
运行exe,如图
第一步:用IDA生成反汇编代码