policebox: ELF 32-bit LSB executables, Intel 80386
core: ELF 32-bit LSB core file Intel 80386
The core file contains a gdb execution record.
With gdb, a simple solution can be derived as follows:
zemisolsol@ubuntu:~$ gdb ./policebox -q
Reading symbols from /home/zemisolsol/policebox...(no debugging symbols found)...done.
(gdb) record restore core
[New LWP 17170]
warning: .dynamic section for "/lib/i386-linux-gnu/libc.so.6" is not at the expected address (wrong library or version mismatch?)
warning: .dynamic section for "/lib/ld-linux.so.2" is not at the expected address (wrong library or version mismatch?)
Core was generated by `policebox'.
#0 0x08048621 in main ()
Restored records from core file /home/zemisolsol/core.
#0 0x08048621 in main ()
(gdb) b *main+123
Breakpoint 1 at 0x8048699
(gdb) disp/x $eax
1: /x $eax = 0x1
(gdb) c
Continuing.
Breakpoint 1, 0x08048699 in main ()
1: /x $eax = 0x77
(gdb) c
Continuing.
Breakpoint 1, 0x08048699 in main ()
1: /x $eax = 0x30
(gdb) c
Continuing.
Breakpoint 1, 0x08048699 in main ()
1: /x $eax = 0x72
(gdb)
Breakpoint 1, 0x08048699 in main ()
1: /x $eax = 0x6c
(gdb)
Continuing.
Breakpoint 1, 0x08048699 in main ()
1: /x $eax = 0x64
(gdb)
Continuing.
Breakpoint 1, 0x08048699 in main ()
1: /x $eax = 0x73
(gdb)
Continuing.
.
.
.
So, the key is "w0rlds.w0rst.k3yl0gger!"
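The values read from eax at each stop can be decoded mechanically from a saved copy of the session. This is an added example, not part of the original write-up; it assumes the character sits in the low byte of eax, the sample is a constructed excerpt of the session above, and the names eax_at_hits and decode are hypothetical.

```python
import re

# Constructed excerpt of the session above (only the lines the parser needs).
SESSION = """\
(gdb) disp/x $eax
1: /x $eax = 0x1
(gdb) c
Breakpoint 1, 0x08048699 in main ()
1: /x $eax = 0x77
(gdb) c
Breakpoint 1, 0x08048699 in main ()
1: /x $eax = 0x30
(gdb) c
Breakpoint 1, 0x08048699 in main ()
1: /x $eax = 0x72
(gdb)
Breakpoint 1, 0x08048699 in main ()
1: /x $eax = 0x6c
(gdb)
Breakpoint 1, 0x08048699 in main ()
1: /x $eax = 0x64
(gdb)
Breakpoint 1, 0x08048699 in main ()
1: /x $eax = 0x73
"""

HIT = re.compile(r"^Breakpoint (\d+), ")
DISP = re.compile(r"^\d+: /x \$eax = 0x([0-9a-fA-F]+)$")

def eax_at_hits(log, bpnum=1):
    """Return $eax at each stop on breakpoint `bpnum`, in order."""
    values, armed = [], False
    for line in map(str.strip, log.splitlines()):
        hit, disp = HIT.match(line), DISP.match(line)
        if hit:
            armed = int(hit.group(1)) == bpnum
        elif disp and armed:  # skips the 0x1 printed when `disp` was set up
            values.append(int(disp.group(1), 16))
            armed = False
    return values

def decode(values):
    """Assumption: the character is the low byte of eax; escape non-printables."""
    return "".join(chr(b) if 0x20 <= b < 0x7F else "\\x%02x" % b
                   for b in (v & 0xFF for v in values))

if __name__ == "__main__":
    print(decode(eax_at_hits(SESSION)))
```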
Very exclusive blog about DEF CON. Quite interesting and nice topic chosen for the post. Nice post, keep it up.