This is the assembly code i got after "disas phase1" command of my binary bomb in C, what do i need to input in order to defuse this bomb?
This is the assembly code i got after "disas phase1" command of my binary bomb in C, what do i need to input in order to defuse this bomb?
0x00000000004014dc <+0>: sub $0x8,%rsp
0x00000000004014e0 <+4>: cmpb $0x41,(%rdi)
0x00000000004014e3 <+7>: jne 0x40151c <bombphase_1+64>
0x00000000004014e5 <+9>: cmpb $0x2e,0x1(%rdi)
0x00000000004014e9 <+13>: jne 0x40151c <bombphase_1+64>
0x00000000004014eb <+15>: cmpb $0x71,0x3(%rdi)
0x00000000004014ef <+19>: jne 0x40151c <bombphase_1+64>
0x00000000004014f1 <+21>: cmpb $0x4b,0x4(%rdi)
0x00000000004014f5 <+25>: jne 0x40151c <bombphase_1+64>
0x00000000004014f7 <+27>: cmpb $0x63,0x2(%rdi)
0x00000000004014fb <+31>: je 0x40152a <bombphase_1+78>
0x00000000004014fd <+33>: cmp %cl,0x1f(%rdi)
0x0000000000401500 <+36>: jne 0x40151c <bombphase_1+64>
0x0000000000401502 <+38>: movzbl 0x28(%rdi),%ecx
0x0000000000401506 <+42>: movzbl 0x16(%rdi),%eax
0x000000000040150a <+46>: cmp %al,%cl
0x000000000040150c <+48>: je 0x40151c <bombphase_1+64>
0x000000000040150e <+50>: or $0xe,%eax
0x0000000000401511 <+53>: mov %eax,%edx
0x0000000000401513 <+55>: mov $0x1,%eax
0x0000000000401518 <+60>: cmp %dl,%cl
0x000000000040151a <+62>: je 0x40152f <bombphase_1+83>
0x000000000040151c <+64>: callq 0x401e54 <explosion_begins>
0x0000000000401521 <+69>: mov $0xfffffffffe7ed1e5,%rax
0x0000000000401528 <+76>: jmp 0x40152f <bombphase_1+83>
0x000000000040152a <+78>: mov $0x0,%eax
0x000000000040152f <+83>: add $0x8,%rsp
0x0000000000401533 <+87>: retq
The nefarious Dr. Evil has established a large number of "binary bombs" on our machines. A binary bomb is a program
that consists of a sequence of stages. Each stage expects you to type a particular string on the norm
input (stdin). If you type the correct string, then the stage is defused and the bomb proceeds to the following
stage. Otherwise, the bomb detonates by printing "BOOM!!!" and afterward terminating. The explosive is defused
at the point when each stage has been defused. In any case, defusing the first two stages delays the explosion, so in this
assignment you are required to complete the first two stages just (the remaining stages are optional, and
can be completed for bonus recognition).
Each gathering (a couple of understudies) gets a bomb to defuse. Your mission, which you must choose the option to
accept, is to delay/defuse your bomb before the due date. Best of luck, and welcome to the bomb crew!
Step 1: Get Your Bomb
Each gathering of understudies will endeavor to defuse their own personalized bomb. Each bomb is a Linux binary
executable file that has been compiled from a C program. To obtain your gathering's bomb, one (and only one)
of the gathering individuals ought to point your Internet browser to the bomb demand daemon at
http://felix.csc.villanova.edu:12345
Fill out the HTML structure with the email locations and names of your colleagues, and afterward submit the
structure by clicking the "Submit" button. The solicitation daemon will build your bomb in a tar file called
bombk.tar, where k is the unique number of your bomb. The daemon will send you an email with
instructions on the most proficient method to get your bomb. The email instructions essentially request that you sign on to felix (you
may likewise choose helix or matrix) and type in the following commands:
cp/mnt/a/mdamian/x86/bombs/bombk.tar ~/frameworks
cd ~/frameworks
tar xvf bombk.tar
This will create a directory called bombk with the following files:
• README: Identifies the bomb and its proprietors.
• bomb: The executable binary bomb.
• bomb.c: Source file with the bomb's main routine.
If you commit any kind of error requesting a bomb (such as neglecting to save it or typing some unacceptable gathering
individuals), simply demand another bomb.
Step 2: Delay/Defuse Your Bomb
Your responsibility is to delay/defuse the bomb.
You can utilize many tools to assist you with this; if it's not too much trouble, take a gander at the Hints section for certain tips and ideas. The
most effective way is to utilize the gdb debugger to step through the disassembled binary.
Each time your bomb detonates it notifies the staff, and you lose 1/4 point (up to 10 points) in the
finalscore for the lab. So there are consequences to exploding the bomb. You should watch out! In a second
of shortcoming notwithstanding, Dr. Evil decided that the first 10 bomb explosions will be for nothing.
Each stage is worth 10 points, for a total of 60 points.
The stages get progressively more earnestly to defuse, yet the expertise you gain as you move from one stage to another
ought to offset this difficulty.
The bomb ignores clear input lines. If you run your bomb with a command line contention, for instance,
./bomb bsol.txt
then it will peruse the input lines from bsol.txt until it reaches EOF (end of file), and afterward switch over to
the standard input (stdin). This way, you don't need to continue retyping the solutions to stages you have
currently defused.
To avoid accidently detonating the bomb, you will need to single-step through the assembly code and to
set breakpoints. You will likewise need to inspect both the registers and the memory states. One of the nice
side-effects of doing the lab is that you will significantly improve at using a debugger. This is a crucial skill
that will deliver big dividends the remainder of your career.
Logistics
You might work in a gathering of up to 2 individuals. You ought to do the assignment on felix, helix or matrix.
In fact, there is gossip that Dr. Evil truly is evil, and the bomb will constantly explode if run somewhere else. There
are a few other sealing devices built into the bomb too, or so they say.
Hand-In
There is no explicit hand-in. The bomb will notify your instructor automatically after you have successfully
defused it. You can monitor how you (and the other gatherings) are doing by looking at
http://www.csc.villanova.edu/~mdamian/csc2400/bomblab.html
This page is refreshed continuously to show the advancement of each gathering.
Hints (If it's not too much trouble, read this!)
There are numerous approaches to defusing your bomb. You can examine it meticulously without truly running the
program, and figure out exactly what it does. This is a valuable technique, however it not generally simple to do. The
quickest approach to defusing the bomb is to run it under the gdb debugger, watch what it does step by step, and
utilize this information to defuse it. We propose that you utilize the following tools to assist you with analyzing your bomb.
• gdb
The GNU debugger is a command line debugger tool available on virtually every stage. You can
trace through a program line by line, examine memory and registers, take a gander at both the source code and
assembly code (we are not giving you the source code for the greater part of your bomb), and set
breakpoints.
- Utilize the convenient gdb quick reference available on the class page.
• strings
This utility will display the printable strings in your bomb.
• objdump - t
This will print out the bomb's image table. The image table includes the names of all functions and
worldwide variables in the bomb, the names of the multitude of functions the bomb calls, and their addresses. You
may learn something by looking at the function names!
Step by step
Solved in 2 steps