Post 302464961 by type8code0 on Thursday 21st of October 2010 10:49:43 AM
GDB - how to find interesting information?

Hi all,

I was wondering how to find interesting information inside the assembly code. As an example, I've been trying something at the smashthestack wargame. After viewing the assembly code via the disassemble main command, I'm not sure what else to do. Hopefully someone can guide me here.

Quote:
(gdb) disassemble main
Dump of assembler code for function main:
0x0804827a <main+0>: lea 0x4(%esp),%ecx
0x0804827e <main+4>: and $0xfffffff0,%esp
0x08048281 <main+7>: pushl 0xfffffffc(%ecx)
0x08048284 <main+10>: push %ebp
0x08048285 <main+11>: mov %esp,%ebp
0x08048287 <main+13>: push %ebx
0x08048288 <main+14>: push %ecx
0x08048289 <main+15>: sub $0x30,%esp
0x0804828c <main+18>: lea 0xfffffff4(%ebp),%eax
0x0804828f <main+21>: mov %eax,(%esp)
0x08048292 <main+24>: call 0x8072ec0 <_ZNSsC1Ev>
0x08048297 <main+29>: lea 0xfffffff0(%ebp),%eax
0x0804829a <main+32>: mov %eax,(%esp)
0x0804829d <main+35>: call 0x8072ec0 <_ZNSsC1Ev>
0x080482a2 <main+40>: movl $0x80ffe48,0x4(%esp)
0x080482aa <main+48>: movl $0x8130f60,(%esp)
0x080482b1 <main+55>: call 0x806d8f0 <_ZStlsISt11char_traitsIcEERSt13basic_ostreamIcT_ES5_PKc>
0x080482b6 <main+60>: lea 0xfffffff4(%ebp),%eax
0x080482b9 <main+63>: mov %eax,0x4(%esp)
0x080482bd <main+67>: movl $0x8130ec0,(%esp)
0x080482c4 <main+74>: call 0x806b2e0 <_ZSt7getlineIcSt11char_traitsIcESaIcEERSt13basic_istreamIT_T0_ES7_RSbIS4_S5_T1_E>
0x080482c9 <main+79>: movl $0x80ffe53,0x4(%esp)
0x080482d1 <main+87>: movl $0x8130f60,(%esp)
0x080482d8 <main+94>: call 0x806d8f0 <_ZStlsISt11char_traitsIcEERSt13basic_ostreamIcT_ES5_PKc>
0x080482dd <main+99>: lea 0xfffffff0(%ebp),%eax
0x080482e0 <main+102>: mov %eax,0x4(%esp)
0x080482e4 <main+106>: movl $0x8130ec0,(%esp)
0x080482eb <main+113>: call 0x806b2e0 <_ZSt7getlineIcSt11char_traitsIcESaIcEERSt13basic_istreamIT_T0_ES7_RSbIS4_S5_T1_E>
0x080482f0 <main+118>: movl $0x80ffe5e,0x4(%esp)
0x080482f8 <main+126>: lea 0xfffffff4(%ebp),%eax
0x080482fb <main+129>: mov %eax,(%esp)
0x080482fe <main+132>: call 0x80483ee <_ZSteqIcSt11char_traitsIcESaIcEEbRKSbIT_T0_T1_EPKS3_>
0x08048303 <main+137>: xor $0x1,%al
0x08048305 <main+139>: test %al,%al
0x08048307 <main+141>: jne 0x8048328 <main+174>
0x08048309 <main+143>: movl $0x80ffe65,0x4(%esp)
0x08048311 <main+151>: lea 0xfffffff0(%ebp),%eax
0x08048314 <main+154>: mov %eax,(%esp)
0x08048317 <main+157>: call 0x80483ee <_ZSteqIcSt11char_traitsIcESaIcEEbRKSbIT_T0_T1_EPKS3_>
0x0804831c <main+162>: xor $0x1,%al
0x0804831e <main+164>: test %al,%al
0x08048320 <main+166>: jne 0x8048328 <main+174>
0x08048322 <main+168>: movb $0x1,0xffffffe7(%ebp)
0x08048326 <main+172>: jmp 0x804832c <main+178>
---Type <return> to continue, or q <return> to quit---
0x08048328 <main+174>: movb $0x0,0xffffffe7(%ebp)
0x0804832c <main+178>: movzbl 0xffffffe7(%ebp),%eax
0x08048330 <main+182>: test %al,%al
0x08048332 <main+184>: je 0x8048366 <main+236>
0x08048334 <main+186>: movl $0x80ffe6e,0x4(%esp)
0x0804833c <main+194>: movl $0x8130f60,(%esp)
0x08048343 <main+201>: call 0x806d8f0 <_ZStlsISt11char_traitsIcEERSt13basic_ostreamIcT_ES5_PKc>
0x08048348 <main+206>: movl $0x806e0c0,0x4(%esp)
0x08048350 <main+214>: mov %eax,(%esp)
0x08048353 <main+217>: call 0x806bf10 <_ZNSolsEPFRSoS_E>
0x08048358 <main+222>: movl $0x80ffe80,(%esp)
0x0804835f <main+229>: call 0x80b5ab0 <system>
0x08048364 <main+234>: jmp 0x804838a <main+272>
0x08048366 <main+236>: movl $0x80ffe88,0x4(%esp)
0x0804836e <main+244>: movl $0x8130f60,(%esp)
0x08048375 <main+251>: call 0x806d8f0 <_ZStlsISt11char_traitsIcEERSt13basic_ostreamIcT_ES5_PKc>
0x0804837a <main+256>: movl $0x806e0c0,0x4(%esp)
0x08048382 <main+264>: mov %eax,(%esp)
0x08048385 <main+267>: call 0x806bf10 <_ZNSolsEPFRSoS_E>
0x0804838a <main+272>: lea 0xfffffff0(%ebp),%eax
0x0804838d <main+275>: mov %eax,(%esp)
0x08048390 <main+278>: call 0x8074e40 <_ZNSsD1Ev>
0x08048395 <main+283>: jmp 0x80483ad <main+307>
0x08048397 <main+285>: mov %eax,0xffffffdc(%ebp)
0x0804839a <main+288>: mov 0xffffffdc(%ebp),%ebx
0x0804839d <main+291>: lea 0xfffffff0(%ebp),%eax
0x080483a0 <main+294>: mov %eax,(%esp)
0x080483a3 <main+297>: call 0x8074e40 <_ZNSsD1Ev>
0x080483a8 <main+302>: mov %ebx,0xffffffdc(%ebp)
0x080483ab <main+305>: jmp 0x80483c5 <main+331>
0x080483ad <main+307>: lea 0xfffffff4(%ebp),%eax
0x080483b0 <main+310>: mov %eax,(%esp)
0x080483b3 <main+313>: call 0x8074e40 <_ZNSsD1Ev>
0x080483b8 <main+318>: mov $0x0,%eax
0x080483bd <main+323>: mov %eax,0xffffffe0(%ebp)
0x080483c0 <main+326>: jmp 0x80483e1 <main+359>
0x080483c2 <main+328>: mov %eax,0xffffffdc(%ebp)
0x080483c5 <main+331>: mov 0xffffffdc(%ebp),%ebx
0x080483c8 <main+334>: lea 0xfffffff4(%ebp),%eax
0x080483cb <main+337>: mov %eax,(%esp)
0x080483ce <main+340>: call 0x8074e40 <_ZNSsD1Ev>
0x080483d3 <main+345>: mov %ebx,0xffffffdc(%ebp)
0x080483d6 <main+348>: mov 0xffffffdc(%ebp),%eax
0x080483d9 <main+351>: mov %eax,(%esp)
0x080483dc <main+354>: call 0x80a5180 <_Unwind_Resume>
---Type <return> to continue, or q <return> to quit---
0x080483e1 <main+359>: mov 0xffffffe0(%ebp),%eax
0x080483e4 <main+362>: add $0x30,%esp
0x080483e7 <main+365>: pop %ecx
0x080483e8 <main+366>: pop %ebx
0x080483e9 <main+367>: pop %ebp
0x080483ea <main+368>: lea 0xfffffffc(%ecx),%esp
0x080483ed <main+371>: ret
End of assembler dump.
(gdb)
This is the link to the wargame:
blackbox.smashthestack.org:85

Reference:
A GDB Tutorial
cs.clarku.edu/~jbreecher/docs/GDB_Tutorial.html
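
An added example, not part of the original post: a small Python parser for GDB's AT&T-syntax disassemble output that pairs each call with the constant arguments stored to the outgoing stack slots before it, giving a compact view of which functions a routine calls and which fixed addresses it hands them. The function name summarize_calls and the sample lines are constructed for illustration.

```python
import re

# Constructed sample in the shape of the dump in the post above. A space wrapped
# into a long symbol name and a GDB pager prompt are included on purpose.
SAMPLE = """\
0x080482f0 <main+118>: movl $0x80ffe5e,0x4(%esp)
0x080482f8 <main+126>: lea 0xfffffff4(%ebp),%eax
0x080482fb <main+129>: mov %eax,(%esp)
0x080482fe <main+132>: call 0x80483ee <_ZSteqIcSt11char_traitsIcESaIcEEbRKSbIT_T0_T1_EPK S3_>
0x08048303 <main+137>: xor $0x1,%al
---Type <return> to continue, or q <return> to quit---
0x08048358 <main+222>: movl $0x80ffe80,(%esp)
0x0804835f <main+229>: call 0x80b5ab0 <system>
"""

LINE = re.compile(r"^(0x[0-9a-f]+) <(\w+)\+(\d+)>:\s+(\S+)\s*(.*)$")
STORE = re.compile(r"^\$(0x[0-9a-f]+),(0x[0-9a-f]+)?\(%esp\)$")
CALL = re.compile(r"^(0x[0-9a-f]+) <(.+)>$")

def summarize_calls(dump):
    """Return [(call_site, symbol, {arg_index: constant})] for each call."""
    calls, pending = [], {}
    for raw in dump.splitlines():
        m = LINE.match(raw.strip())
        if not m:               # pager prompts, headers, blank lines
            continue
        addr, _func, _off, mnemonic, operands = m.groups()
        if mnemonic == "movl":
            s = STORE.match(operands)
            if s:               # constant written to an outgoing-argument slot
                slot = int(s.group(2) or "0", 16) // 4
                pending[slot] = int(s.group(1), 16)
        elif mnemonic == "call":
            c = CALL.match(operands)
            # drop a space that forum line-wrapping put inside a long symbol
            symbol = c.group(2).replace(" ", "") if c else operands
            calls.append((int(addr, 16), symbol, pending))
            pending = {}        # argument slots are reused by the next call
    return calls

if __name__ == "__main__":
    for site, symbol, consts in summarize_calls(SAMPLE):
        print(hex(site), symbol, {i: hex(v) for i, v in consts.items()})
```

Only constants are recorded; arguments loaded from registers, such as the lea/mov pair that passes a local string object, are left out of the per-call dictionary.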
 
