csapp bomb lab

bomb~bomb~bomb!!!

做一些笔记。

objdump -d bomb

file bomb

disassemble phase_2

x/s 地址
x/s 地址

answer:
Border relations with Canada have never been better.//字符串比较
1 2 4 8 16 32//循环1到6
0 207//swith语句0到7
7 0 
ionefg
4 3 2 1 6 5


phase_3
0 207
1 311
2 707
3 256
4 389
5 206
6 682
7 327

phase_4
func4(num0,0,14):
//a=0x8(%rsp);b=%esi;c=%edx
int func4(int a,int b,int c){
    int len = c - b;
    int tmp = len >> 31;
    len += tmp;
    len >>= 1;
    
    tmp = len + b;
    
    if(tmp > a){
        return func4(a,b,tmp-1)*2;
    }
    else if(tmp < a){
        return func4(a,tmp+1,c)*2+1; 
    }
    return 0;
}
返回值为0,求num0


phase_5
%eax保存串长度
void phase_5(char* in){
    const char* key = "maduiersnfotvbylSo you think you can stop the bomb with ctrl-c, do you?";
    int len = strlen(in);
    char ans[7];
    if(len != 6){
        bomb!
    }
    else{
        for(int i=0;i<len;i++){
            char x = in[i] & 0xf;
            ans[i] = in[x];
        }
        ans[6]'\0';
        if(ans != "flyers")
        {
            bomb!
        }
    }

}



阅读更多
想对作者说点什么?

博主推荐

换一批

没有更多推荐了,返回首页