
Assembly Code

The document contains disassembly code for the main function and several phase functions from a bomb lab program. The main function calls each phase function in sequence, passing user input to each phase. Each phase function checks the input against a hardcoded value and calls the explode_bomb function if they do not match, otherwise allowing the program to continue.

# main: argc arrives in %edi and argv in %rsi (System V AMD64 argument
# registers). It selects the input stream, stores it in the global <infile>,
# calls initialize_bomb, then runs phase_1 .. phase_6 in order. Each phase is
# given the pointer returned by read_line and is followed by phase_defused.
# NOTE(review): immediates such as $0x402070 are absolute addresses in the
# 0x400000 range, which is consistent with a non-PIE executable - confirm
# against the ELF headers before relying on these addresses.
# NOTE(review): main passes read_line's return value straight to each phase
# without testing it; whether read_line can return NULL is not visible here.
(gdb) disassemble main

Dump of assembler code for function main:


# %rbx is callee-saved; it is used below to keep argv across calls.
=> 0x0000000000400c67 <+0>: push %rbx
# argc == 1: no file argument, go to <+242> and read from stdin.
0x0000000000400c68 <+1>: cmp $0x1,%edi
0x0000000000400c6b <+4>: je 0x400d59 <main+242>
0x0000000000400c71 <+10>: mov %rsi,%rbx
# argc != 2: go to the message-and-exit path at <+288>.
0x0000000000400c74 <+13>: cmp $0x2,%edi
0x0000000000400c77 <+16>: jne 0x400d87 <main+288>
# infile = fopen(argv[1], 0x402070); the second argument is presumably the
# mode string (its contents are not shown in this dump).
0x0000000000400c7d <+22>: mov 0x8(%rsi),%rdi
0x0000000000400c81 <+26>: mov $0x402070,%esi
0x0000000000400c86 <+31>: callq 0x400b20 <fopen@plt>
0x0000000000400c8b <+36>: mov %rax,0x202ade(%rip) # 0x603770 <infile>
# A NULL result from fopen goes to the error path at <+261>.
0x0000000000400c92 <+43>: test %rax,%rax
0x0000000000400c95 <+46>: je 0x400d6c <main+261>
# Common start for both input sources: initialise, then print two messages.
0x0000000000400c9b <+52>: callq 0x40120a <initialize_bomb>
0x0000000000400ca0 <+57>: mov $0x4020f8,%edi
0x0000000000400ca5 <+62>: callq 0x400a40 <puts@plt>
0x0000000000400caa <+67>: mov $0x402138,%edi
0x0000000000400caf <+72>: callq 0x400a40 <puts@plt>
# Phase 1: line = read_line(); phase_1(line); phase_defused().
0x0000000000400cb4 <+77>: callq 0x401301 <read_line>
0x0000000000400cb9 <+82>: mov %rax,%rdi
0x0000000000400cbc <+85>: callq 0x400da3 <phase_1>
0x0000000000400cc1 <+90>: callq 0x40142f <phase_defused>
---Type <return> to continue, or q <return> to quit---
# Phase 2: same pattern, preceded by a puts() of the message at 0x402168.
0x0000000000400cc6 <+95>: mov $0x402168,%edi
0x0000000000400ccb <+100>: callq 0x400a40 <puts@plt>
0x0000000000400cd0 <+105>: callq 0x401301 <read_line>
0x0000000000400cd5 <+110>: mov %rax,%rdi
0x0000000000400cd8 <+113>: callq 0x400dc1 <phase_2>
0x0000000000400cdd <+118>: callq 0x40142f <phase_defused>
# Phase 3.
0x0000000000400ce2 <+123>: mov $0x4020a9,%edi
0x0000000000400ce7 <+128>: callq 0x400a40 <puts@plt>
0x0000000000400cec <+133>: callq 0x401301 <read_line>
0x0000000000400cf1 <+138>: mov %rax,%rdi
0x0000000000400cf4 <+141>: callq 0x400e04 <phase_3>
0x0000000000400cf9 <+146>: callq 0x40142f <phase_defused>
# Phase 4.
0x0000000000400cfe <+151>: mov $0x4020c7,%edi
0x0000000000400d03 <+156>: callq 0x400a40 <puts@plt>
0x0000000000400d08 <+161>: callq 0x401301 <read_line>
0x0000000000400d0d <+166>: mov %rax,%rdi
0x0000000000400d10 <+169>: callq 0x400ec5 <phase_4>
0x0000000000400d15 <+174>: callq 0x40142f <phase_defused>
# Phase 5.
0x0000000000400d1a <+179>: mov $0x402198,%edi
0x0000000000400d1f <+184>: callq 0x400a40 <puts@plt>
0x0000000000400d24 <+189>: callq 0x401301 <read_line>
0x0000000000400d29 <+194>: mov %rax,%rdi
0x0000000000400d2c <+197>: callq 0x400f1c <phase_5>
---Type <return> to continue, or q <return> to quit---
0x0000000000400d31 <+202>: callq 0x40142f <phase_defused>
# Phase 6.
0x0000000000400d36 <+207>: mov $0x4020d6,%edi
0x0000000000400d3b <+212>: callq 0x400a40 <puts@plt>
0x0000000000400d40 <+217>: callq 0x401301 <read_line>
0x0000000000400d45 <+222>: mov %rax,%rdi
0x0000000000400d48 <+225>: callq 0x400f5f <phase_6>
0x0000000000400d4d <+230>: callq 0x40142f <phase_defused>
# Normal exit: return 0 after restoring %rbx.
0x0000000000400d52 <+235>: mov $0x0,%eax
0x0000000000400d57 <+240>: pop %rbx
0x0000000000400d58 <+241>: retq
# argc == 1 path: infile = stdin, then rejoin the common start at <+52>.
0x0000000000400d59 <+242>: mov 0x2029f0(%rip),%rax # 0x603750
<stdin@@GLIBC_2.2.5>
0x0000000000400d60 <+249>: mov %rax,0x202a09(%rip) # 0x603770 <infile>
0x0000000000400d67 <+256>: jmpq 0x400c9b <main+52>
# fopen failed: printf(0x402072, argv[0], argv[1]) then exit(8). %eax is not
# reloaded here, but this path is reached only when %rax tested zero at
# <+43>, so %al is already 0 for the variadic call.
0x0000000000400d6c <+261>: mov 0x8(%rbx),%rdx
0x0000000000400d70 <+265>: mov (%rbx),%rsi
0x0000000000400d73 <+268>: mov $0x402072,%edi
0x0000000000400d78 <+273>: callq 0x400a60 <printf@plt>
0x0000000000400d7d <+278>: mov $0x8,%edi
0x0000000000400d82 <+283>: callq 0x400b40 <exit@plt>
# argc is neither 1 nor 2: printf(0x40208f, argv[0]) with %eax = 0 (no vector
# register arguments), then exit(8).
0x0000000000400d87 <+288>: mov (%rsi),%rsi
0x0000000000400d8a <+291>: mov $0x40208f,%edi
---Type <return> to continue, or q <return> to quit---
0x0000000000400d8f <+296>: mov $0x0,%eax
0x0000000000400d94 <+301>: callq 0x400a60 <printf@plt>
0x0000000000400d99 <+306>: mov $0x8,%edi
0x0000000000400d9e <+311>: callq 0x400b40 <exit@plt>
End of assembler dump.
# phase_1: %rdi holds the input line passed by main. The line is compared
# with the data at 0x4021c0 through strings_not_equal; a nonzero result
# calls explode_bomb.
# NOTE(review): the comparison value sits at a fixed address inside the
# binary, so it is readable by anyone who has the file. A check against an
# embedded constant protects nothing that has to stay secret.
(gdb) disassemble phase_1
Dump of assembler code for function phase_1:
# Reserve 8 bytes; no locals are stored, so this presumably only keeps %rsp
# 16-byte aligned at the calls below.
0x0000000000400da3 <+0>: sub $0x8,%rsp
# %rdi is left untouched, so the call is strings_not_equal(line, 0x4021c0).
0x0000000000400da7 <+4>: mov $0x4021c0,%esi
0x0000000000400dac <+9>: callq 0x4011a3 <strings_not_equal>
# Nonzero return means the strings differ: take the failure branch.
0x0000000000400db1 <+14>: test %eax,%eax
0x0000000000400db3 <+16>: jne 0x400dba <phase_1+23>
0x0000000000400db5 <+18>: add $0x8,%rsp
0x0000000000400db9 <+22>: retq
# Failure branch. The jmp back to <+18> means the function still returns
# normally if explode_bomb itself returns.
0x0000000000400dba <+23>: callq 0x4012a0 <explode_bomb>
0x0000000000400dbf <+28>: jmp 0x400db5 <phase_1+18>
End of assembler dump.
# `x` without a format printed a single 32-bit word in hex here. Read as
# little-endian bytes it is 54 68 65 20, i.e. ASCII "The " - only the first
# four bytes of the data at this address. `x/s 0x4021c0` would print it as a
# NUL-terminated string instead.
(gdb) x 0x4021c0
0x4021c0: 0x20656854
# strings_not_equal: %rdi and %rsi point to two strings. Returns 0 in %eax
# when they match and 1 when they differ. The two lengths are compared first,
# then the bytes are compared one by one until the first string's NUL.
# NOTE(review): the lengths are compared as 32-bit values, and the byte loop
# leaves at the first mismatch, so the running time depends on where the
# inputs diverge. That is acceptable for this program, but this routine is
# not a model for comparing secrets.
(gdb) disassemble strings_not_equal
Dump of assembler code for function strings_not_equal:
# Save callee-saved registers; %rbx / %rbp keep the two string pointers and
# %r12d keeps the first length across the calls.
0x00000000004011a3 <+0>: push %r12
0x00000000004011a5 <+2>: push %rbp
0x00000000004011a6 <+3>: push %rbx
0x00000000004011a7 <+4>: mov %rdi,%rbx
0x00000000004011aa <+7>: mov %rsi,%rbp
# %r12d = string_length(first); %eax = string_length(second).
0x00000000004011ad <+10>: callq 0x401186 <string_length>
0x00000000004011b2 <+15>: mov %eax,%r12d
0x00000000004011b5 <+18>: mov %rbp,%rdi
0x00000000004011b8 <+21>: callq 0x401186 <string_length>
# Result defaults to 1 ("not equal"); it is kept when the lengths differ.
0x00000000004011bd <+26>: mov $0x1,%edx
0x00000000004011c2 <+31>: cmp %eax,%r12d
0x00000000004011c5 <+34>: je 0x4011ce <strings_not_equal+43>
# Common exit: return value is whatever %edx holds.
0x00000000004011c7 <+36>: mov %edx,%eax
0x00000000004011c9 <+38>: pop %rbx
0x00000000004011ca <+39>: pop %rbp
0x00000000004011cb <+40>: pop %r12
0x00000000004011cd <+42>: retq
# Equal lengths: examine the first byte. NUL -> result 0 via <+89>;
# mismatch with the second string's byte -> result 1 via <+96>.
0x00000000004011ce <+43>: movzbl (%rbx),%eax
0x00000000004011d1 <+46>: test %al,%al
0x00000000004011d3 <+48>: je 0x4011fc <strings_not_equal+89>
0x00000000004011d5 <+50>: cmp 0x0(%rbp),%al
0x00000000004011d8 <+53>: jne 0x401203 <strings_not_equal+96>
# Loop: advance both pointers, stop with result 0 at the first string's NUL,
# continue while the bytes match, otherwise fall through to result 1.
0x00000000004011da <+55>: add $0x1,%rbx
0x00000000004011de <+59>: add $0x1,%rbp
0x00000000004011e2 <+63>: movzbl (%rbx),%eax
0x00000000004011e5 <+66>: test %al,%al
0x00000000004011e7 <+68>: je 0x4011f5 <strings_not_equal+82>
0x00000000004011e9 <+70>: cmp %al,0x0(%rbp)
0x00000000004011ec <+73>: je 0x4011da <strings_not_equal+55>
0x00000000004011ee <+75>: mov $0x1,%edx
0x00000000004011f3 <+80>: jmp 0x4011c7 <strings_not_equal+36>
# Result-setting stubs; each one jumps to the common exit at <+36>.
0x00000000004011f5 <+82>: mov $0x0,%edx
0x00000000004011fa <+87>: jmp 0x4011c7 <strings_not_equal+36>
0x00000000004011fc <+89>: mov $0x0,%edx
0x0000000000401201 <+94>: jmp 0x4011c7 <strings_not_equal+36>
0x0000000000401203 <+96>: mov $0x1,%edx
---Type <return> to continue, or q <return> to quit---
0x0000000000401208 <+101>: jmp 0x4011c7 <strings_not_equal+36>
End of assembler dump.
# string_length: %rdi points to a string; returns in %eax the number of bytes
# before the first NUL.
# NOTE(review): the scan has no upper bound and relies on the input being
# NUL-terminated. The length is computed from the low 32 bits of the pointers
# (%edx - %edi), so it is a 32-bit quantity.
(gdb) disassemble string_length
Dump of assembler code for function string_length:
# Empty string: jump to <+23> and return 0.
0x0000000000401186 <+0>: cmpb $0x0,(%rdi)
0x0000000000401189 <+3>: je 0x40119d <string_length+23>
0x000000000040118b <+5>: mov %rdi,%rdx
# Loop: advance the cursor, recompute %eax = cursor - start, and repeat until
# the byte at the cursor is NUL.
0x000000000040118e <+8>: add $0x1,%rdx
0x0000000000401192 <+12>: mov %edx,%eax
0x0000000000401194 <+14>: sub %edi,%eax
0x0000000000401196 <+16>: cmpb $0x0,(%rdx)
0x0000000000401199 <+19>: jne 0x40118e <string_length+8>
# `repz retq` is a two-byte encoding that behaves as a plain return.
0x000000000040119b <+21>: repz retq
0x000000000040119d <+23>: mov $0x0,%eax
0x00000000004011a2 <+28>: retq

# phase_2: %rdi holds the input line. read_six_numbers fills a stack buffer
# at (%rsp), which the code below indexes as 4-byte integers. The first
# value must not be negative, and for i = 1..5 the value at index i must
# equal the value at index i-1 plus i; any failed check calls explode_bomb.
# The frame reserves 0x20 bytes, while read_six_numbers (as disassembled on
# this page) writes through pointers at offsets 0x0..0x14 of the buffer.
(gdb) disassemble phase_2


Dump of assembler code for function phase_2:
# %rbx is callee-saved and serves as the loop index below.
0x0000000000400dc1 <+0>: push %rbx
0x0000000000400dc2 <+1>: sub $0x20,%rsp
# read_six_numbers(line, buffer): %rdi is passed through unchanged.
0x0000000000400dc6 <+5>: mov %rsp,%rsi
0x0000000000400dc9 <+8>: callq 0x4012c2 <read_six_numbers>
# First value: the sign flag set by the compare with 0 means it is negative.
0x0000000000400dce <+13>: cmpl $0x0,(%rsp)
0x0000000000400dd2 <+17>: js 0x400ddb <phase_2+26>
# Index starts at 1; jump into the loop body at <+43>.
0x0000000000400dd4 <+19>: mov $0x1,%ebx
0x0000000000400dd9 <+24>: jmp 0x400dec <phase_2+43>
# Failure branch for the first value; execution resumes at <+19> if
# explode_bomb returns.
0x0000000000400ddb <+26>: callq 0x4012a0 <explode_bomb>
0x0000000000400de0 <+31>: jmp 0x400dd4 <phase_2+19>
# Loop step: increment the index and leave once it reaches 6.
0x0000000000400de2 <+33>: add $0x1,%rbx
0x0000000000400de6 <+37>: cmp $0x6,%rbx
0x0000000000400dea <+41>: je 0x400dfe <phase_2+61>
# Loop body: %eax = index + buffer[index-1], compared with buffer[index].
0x0000000000400dec <+43>: mov %ebx,%eax
0x0000000000400dee <+45>: add -0x4(%rsp,%rbx,4),%eax
0x0000000000400df2 <+49>: cmp %eax,(%rsp,%rbx,4)
0x0000000000400df5 <+52>: je 0x400de2 <phase_2+33>
# Mismatch; the loop continues with the next index if explode_bomb returns.
0x0000000000400df7 <+54>: callq 0x4012a0 <explode_bomb>
0x0000000000400dfc <+59>: jmp 0x400de2 <phase_2+33>
# Release the buffer, restore %rbx, return.
0x0000000000400dfe <+61>: add $0x20,%rsp
0x0000000000400e02 <+65>: pop %rbx
0x0000000000400e03 <+66>: retq
End of assembler dump.

# read_six_numbers: %rdi = input string, %rsi = caller's output buffer. Calls
# sscanf(input, 0x4023a3, p0 .. p5) with six pointers into the buffer at
# offsets 0x0, 0x4, 0x8, 0xc, 0x10 and 0x14, and calls explode_bomb when
# sscanf returns 5 or less.
# NOTE(review): sscanf stores through all six pointers, so the caller must
# provide at least 0x18 bytes at %rsi; nothing here can verify that. The
# format string at 0x4023a3 is not shown in this dump, so the width of each
# store is presumably 4 bytes (matching the 4-byte pointer spacing) - confirm.
(gdb) disassemble read_six_numbers


Dump of assembler code for function read_six_numbers:
0x00000000004012c2 <+0>: sub $0x8,%rsp
# Register arguments 3 and 4: buffer+0x0 in %rdx, buffer+0x4 in %rcx.
0x00000000004012c6 <+4>: mov %rsi,%rdx
0x00000000004012c9 <+7>: lea 0x4(%rsi),%rcx
# Stack arguments: buffer+0x14 is pushed first, then buffer+0x10, so
# buffer+0x10 ends up at the lower address.
0x00000000004012cd <+11>: lea 0x14(%rsi),%rax
0x00000000004012d1 <+15>: push %rax
0x00000000004012d2 <+16>: lea 0x10(%rsi),%rax
0x00000000004012d6 <+20>: push %rax
# Register arguments 6 and 5: buffer+0xc in %r9, buffer+0x8 in %r8.
0x00000000004012d7 <+21>: lea 0xc(%rsi),%r9
0x00000000004012db <+25>: lea 0x8(%rsi),%r8
# %rsi is overwritten last with the format address; %eax = 0 declares that no
# vector registers are used for this variadic call.
0x00000000004012df <+29>: mov $0x4023a3,%esi
0x00000000004012e4 <+34>: mov $0x0,%eax
0x00000000004012e9 <+39>: callq 0x400b00 <__isoc99_sscanf@plt>
# Drop the two pushed arguments.
0x00000000004012ee <+44>: add $0x10,%rsp
# Signed compare: any return value of 5 or less, including a negative one,
# takes the failure branch.
0x00000000004012f2 <+48>: cmp $0x5,%eax
0x00000000004012f5 <+51>: jle 0x4012fc <read_six_numbers+58>
0x00000000004012f7 <+53>: add $0x8,%rsp
0x00000000004012fb <+57>: retq
# NOTE(review): unlike phase_1 and phase_2, no instruction follows this call
# inside the function. Whether explode_bomb returns is not visible here; if
# it does, execution would continue past the end of this function.
0x00000000004012fc <+58>: callq 0x4012a0 <explode_bomb>
End of assembler dump.
