I\'m working on the famous binary bomb solution. I\'ve worked the solution to ph
ID: 656133 • Letter: I
Question
I'm working on the famous binary bomb solution. I've worked the solution to phase_3 down to two integers, but haven't had any luck past that. Any ideas?
08048e15 :
8048e15: 55 push %ebp
8048e16: 89 e5 mov %esp,%ebp
8048e18: 83 ec 28 sub $0x28,%esp
8048e1b: 8d 45 f0 lea -0x10(%ebp),%eax
8048e1e: 89 44 24 0c mov %eax,0xc(%esp)
8048e22: 8d 45 f4 lea -0xc(%ebp),%eax
8048e25: 89 44 24 08 mov %eax,0x8(%esp)
8048e29: c7 44 24 04 ca 9a 04 movl $0x8049aca,0x4(%esp)
8048e30: 08
8048e31: 8b 45 08 mov 0x8(%ebp),%eax
8048e34: 89 04 24 mov %eax,(%esp)
8048e37: e8 4c f9 ff ff call 8048788 <__isoc99_sscanf@plt>
8048e3c: 83 f8 01 cmp $0x1,%eax
8048e3f: 7f 05 jg 8048e46
8048e41: e8 20 04 00 00 call 8049266
8048e46: 83 7d f4 07 cmpl $0x7,-0xc(%ebp)
8048e4a: 77 65 ja 8048eb1
8048e4c: 8b 45 f4 mov -0xc(%ebp),%eax
8048e4f: ff 24 85 00 99 04 08 jmp *0x8049900(,%eax,4)
8048e56: b8 00 00 00 00 mov $0x0,%eax
8048e5b: eb 4d jmp 8048eaa
8048e5d: b8 00 00 00 00 mov $0x0,%eax
8048e62: eb 41 jmp 8048ea5
8048e64: b8 00 00 00 00 mov $0x0,%eax
8048e69: eb 35 jmp 8048ea0
8048e6b: b8 00 00 00 00 mov $0x0,%eax
8048e70: eb 29 jmp 8048e9b
8048e72: b8 00 00 00 00 mov $0x0,%eax
8048e77: eb 1d jmp 8048e96
8048e79: b8 00 00 00 00 mov $0x0,%eax
8048e7e: eb 11 jmp 8048e91
8048e80: b8 59 03 00 00 mov $0x359,%eax
8048e85: eb 05 jmp 8048e8c
8048e87: b8 00 00 00 00 mov $0x0,%eax
8048e8c: 2d 8b 02 00 00 sub $0x28b,%eax
8048e91: 05 af 03 00 00 add $0x3af,%eax
8048e96: 2d e3 03 00 00 sub $0x3e3,%eax
8048e9b: 05 f9 00 00 00 add $0xf9,%eax
8048ea0: 2d d2 03 00 00 sub $0x3d2,%eax
8048ea5: 05 d2 03 00 00 add $0x3d2,%eax
8048eaa: 2d f7 02 00 00 sub $0x2f7,%eax
8048eaf: eb 0a jmp 8048ebb
8048eb1: e8 b0 03 00 00 call 8049266
8048eb6: b8 00 00 00 00 mov $0x0,%eax
8048ebb: 83 7d f4 05 cmpl $0x5,-0xc(%ebp)
8048ebf: 7f 05 jg 8048ec6
8048ec1: 3b 45 f0 cmp -0x10(%ebp),%eax
8048ec4: 74 05 je 8048ecb
8048ec6: e8 9b 03 00 00 call 8049266
8048ecb: c9 leave
8048ecc: 8d 74 26 00 lea 0x0(%esi,%eiz,1),%esi
8048ed0: c3 ret
Explanation / Answer
That's number 2. Keep going! 0 1 Breakpoint 1, 0x08048f9a in phase_3 () (gdb) disas Dump of assembler code for function phase_3: 0x08048f94 : push %ebp 0x08048f95 : mov %esp,%ebp 0x08048f97 : sub $0x28,%esp => 0x08048f9a : lea -0x10(%ebp),%eax 0x08048f9d : mov %eax,0xc(%esp) 0x08048fa1 : lea -0xc(%ebp),%eax 0x08048fa4 : mov %eax,0x8(%esp) 0x08048fa8 : movl $0x804a58c,0x4(%esp) 0x08048fb0 : mov 0x8(%ebp),%eax 0x08048fb3 : mov %eax,(%esp) 0x08048fb6 : call 0x8048894 0x08048fbb : cmp $0x1,%eax 0x08048fbe : jg 0x8048fc5 0x08048fc0 : call 0x8049321 0x08048fc5 : cmpl $0x7,-0xc(%ebp) 0x08048fc9 : ja 0x8049032 0x08048fcb : mov -0xc(%ebp),%eax 0x08048fce : xchg %ax,%ax 0x08048fd0 : jmp *0x804a4c0(,%eax,4) 0x08048fd7 : mov $0x0,%eax 0x08048fdc : lea 0x0(%esi,%eiz,1),%esi 0x08048fe0 : jmp 0x804902d 0x08048fe2 : mov $0x0,%eax 0x08048fe7 : jmp 0x804902a 0x08048fe9 : mov $0x0,%eax 0x08048fee : xchg %ax,%ax 0x08048ff0 : jmp 0x8049027 0x08048ff2 : mov $0x0,%eax 0x08048ff7 : jmp 0x8049024 0x08048ff9 : mov $0x0,%eax 0x08048ffe : xchg %ax,%ax 0x08049000 : jmp 0x8049021 0x08049002 : mov $0x0,%eax 0x08049007 : jmp 0x804901c 0x08049009 : mov $0x30d,%eax 0x0804900e : xchg %ax,%ax 0x08049010 : jmp 0x8049017 0x08049012 : mov $0x0,%eax 0x08049017 : sub $0x264,%eax 0x0804901c : add $0x3b8,%eax 0x08049021 : sub $0x49,%eax 0x08049024 : add $0x49,%eax 0x08049027 : sub $0x49,%eax 0x0804902a : add $0x49,%eax 0x0804902d : sub $0x49,%eax 0x08049030 : jmp 0x804903c 0x08049032 : call 0x8049321 0x08049037 : mov $0x0,%eax 0x0804903c : cmpl $0x5,-0xc(%ebp) 0x08049040 : jg 0x8049047 0x08049042 : cmp -0x10(%ebp),%eax 0x08049045 : je 0x804904c 0x08049047 : call 0x8049321 0x0804904c : leave 0x0804904d : lea 0x0(%esi),%esi 0x08049050 : ret End of assembler dump. (gdb)Related Questions
drjack9650@gmail.com
Navigate
Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.