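Ultra-Detailed Walkthrough, Example by Example: CS:LAB2-Bomb! (Part 1)

The environment was already set up in Lab 1; here, remember to install gdb as well.

Install command: sudo yum install gdb

Lab download link

GDB command reference

The same article on Zhihu: https://zhuanlan.zhihu.com/p/339461318

Here we use the disassembler objdump, running objdump -d ./bomb >> bomb.s, to obtain the assembly code.

Now let's begin the world-famous bomb lab.

1. Phase 1

A quick read of the main function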

    initialize_bomb();

    printf("Welcome to my fiendish little bomb. You have 6 phases with\n");
    printf("which to blow yourself up. Have a nice day!\n");

    /* Hmm... Six phases must be more secure than one phase! */
    input = read_line();             /* Get input */
    phase_1(input);                  /* Run the phase */
    phase_defused();                 /* Drat! They figured it out! */

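From a quick read it should be clear that phase_1 is our first phase, and judging by the function name, input = read_line() reads the input that will then be checked for validity. Let's start the program and type in something arbitrary first.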

    (gdb) r
    Starting program: /csapp/bomb/bomb
    warning: Error disabling address space randomization: Operation not permitted
    Welcome to my fiendish little bomb. You have 6 phases with
    which to blow yourself up. Have a nice day!

Enter hello world

    hello world
    BOOM!!!
    The bomb has blown up.
    [Inferior 1 (process 67) exited with code 010]

Sure enough, the bomb goes off.
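The bomb.s listing produced by the objdump command above is long, so the natural next step is to pull out only the function under study. The following is an added example, not part of the original article: the helper names extract_func, calls_from and sample_listing are hypothetical, and the embedded listing is constructed for illustration rather than taken from the real bomb.

```shell
#!/bin/sh
# extract_func NAME [FILE]: print one function's body from an `objdump -d`
# listing. Reads stdin when FILE is omitted.
extract_func() {
    name=$1
    shift
    awk -v hdr="<$name>:" '
        # A function header looks like: 0000000000001010 <phase_1>:
        $2 == hdr           { printing = 1; print; next }
        # objdump separates functions with a blank line
        printing && NF == 0 { exit }
        printing            { print }
    ' "$@"
}

# calls_from NAME [FILE]: list the call targets inside NAME, i.e. the
# functions worth reading next when tracing how the input is checked.
calls_from() {
    extract_func "$@" |
        awk '/[ \t]callq?[ \t]/ { gsub(/[<>]/, "", $NF); print $NF }'
}

# Constructed sample listing (addresses and instructions are made up).
sample_listing() {
cat <<'EOF'

bomb:     file format elf64-x86-64

Disassembly of section .text:

0000000000001000 <main>:
    1000:   e8 0b 00 00 00          call   1010 <phase_1>
    1005:   c3                      ret

0000000000001010 <phase_1>:
    1010:   48 83 ec 08             sub    $0x8,%rsp
    1014:   48 83 c4 08             add    $0x8,%rsp
    1018:   c3                      ret

0000000000001020 <phase_2>:
    1020:   c3                      ret
EOF
}

# Demo on the constructed listing; on the real file: extract_func phase_1 bomb.s
sample_listing | extract_func phase_1
```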
