Thread: gdb questions

    #1
  1. not a fan of fascism (n00b)

    gdb questions


    here is code:
    Code:
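    #include <stdio.h>
    #include <string.h>
    int main(void) {
        /* two fixed-size buffers holding the strings to compare */
        char pass[10] = "AAAAA", user[10] = "BBBBB";

        if (!strcmp(pass, user))   /* strcmp returns 0 when the strings are equal */
            printf("match\n");
        else
            printf("no match\n");
        return 0;
    }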
    -disassembled:
    0x804835c <main>: push %ebp
    0x804835d <main+1>: mov %esp,%ebp
    0x804835f <main+3>: sub $0x28,%esp
    0x8048362 <main+6>: and $0xfffffff0,%esp
    0x8048365 <main+9>: mov $0x0,%eax
    0x804836a <main+14>: sub %eax,%esp
    0x804836c <main+16>: mov 0x8048424,%eax
    0x8048371 <main+21>: mov %eax,0xffffffe8(%ebp)
    0x8048374 <main+24>: mov 0x8048428,%ax
    0x804837a <main+30>: mov %ax,0xffffffec(%ebp)
    0x804837e <main+34>: movl $0x0,0xffffffee(%ebp)
    0x8048385 <main+41>: mov 0x804842e,%eax
    0x804838a <main+46>: mov %eax,0xffffffd8(%ebp)
    0x804838d <main+49>: mov 0x8048432,%ax
    0x8048393 <main+55>: mov %ax,0xffffffdc(%ebp)
    0x8048397 <main+59>: movl $0x0,0xffffffde(%ebp)
    0x804839e <main+66>: sub $0x8,%esp
    0x80483a1 <main+69>: lea 0xffffffd8(%ebp),%eax
    0x80483a4 <main+72>: push %eax
    0x80483a5 <main+73>: lea 0xffffffe8(%ebp),%eax
    0x80483a8 <main+76>: push %eax
    0x80483a9 <main+77>: call 0x804827c <strcmp>

    - i am trying to view the contents of variables pass and user right before the call to strcmp(). now usually the arguments are pushed, and then the return address is pushed, but i only see 2 pushes instead of 3? why? and how can i view those variables in gdb? the man pages are flimsy.
    edit: i just realized this all seems pointless, so explanation: i am trying to extract a password from a binary. not this one, but a different binary that i don't have the source for.
    #2
  2. not a fan of fascism (n00b)
    nevermind, cracked the rotten thing myself after a couple hours :)
