Linux 二元炸弹实验室第5阶段的最后一部分(共9个)
我在x86汇编中的二进制炸弹实验室工作,at&t版本。我正在进行这一阶段的工作,我可以进入代码的最后一部分,但我不了解这最后几行中发生了什么。我现在正在放春假,所以我不能上学,我想知道我是否能在这里得到任何帮助。多谢各位 好的,我首先运行程序并输入3个输入。Linux 二元炸弹实验室第5阶段的最后一部分(共9个),linux,debugging,assembly,binary,x86,Linux,Debugging,Assembly,Binary,X86,我在x86汇编中的二进制炸弹实验室工作,at&t版本。我正在进行这一阶段的工作,我可以进入代码的最后一部分,但我不了解这最后几行中发生了什么。我现在正在放春假,所以我不能上学,我想知道我是否能在这里得到任何帮助。多谢各位 好的,我首先运行程序并输入3个输入。 [bomb46]$ gdb bomb GNU gdb (GDB) Red Hat Enterprise Linux 7.6.1-80.el7 Copyright (C) 2013 Free
[bomb46]$ gdb bomb
GNU gdb (GDB) Red Hat Enterprise Linux 7.6.1-80.el7
Copyright (C) 2013 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law. Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-redhat-linux-gnu".
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>...
(gdb) b phase_5
Breakpoint 1 at 0x8048da4
(gdb) r answers.txt
Welcome to my fiendish little bomb. You have 9 phases with
which to blow yourself up. Have a nice day!
Phase 1 defused. How about the next one?
That's number 2. Keep going!
One step closer.
So you got that one. Try this one.
7 0 696
(gdb) ni
0x08048ddd in phase_5 ()
(gdb) disas
Dump of assembler code for function phase_5:
0x08048da4 <+0>: sub $0x3c,%esp
0x08048da7 <+3>: lea 0x2c(%esp),%eax
0x08048dab <+7>: mov %eax,0x10(%esp)
0x08048daf <+11>: lea 0x27(%esp),%eax
0x08048db3 <+15>: mov %eax,0xc(%esp)
0x08048db7 <+19>: lea 0x28(%esp),%eax
0x08048dbb <+23>: mov %eax,0x8(%esp)
0x08048dbf <+27>: movl $0x804a54c,0x4(%esp)
0x08048dc7 <+35>: mov 0x40(%esp),%eax
0x08048dcb <+39>: mov %eax,(%esp)
0x08048dce <+42>: call 0x8048900 <__isoc99_sscanf@plt>
0x08048dd3 <+47>: cmp $0x2,%eax
0x08048dd6 <+50>: jg 0x8048ddd <phase_5+57>
0x08048dd8 <+52>: call 0x8049515 <explode_bomb>
=> 0x08048ddd <+57>: cmpl $0x7,0x28(%esp)
0x08048de2 <+62>: ja 0x8048ee1 <phase_5+317>
0x08048de8 <+68>: mov 0x28(%esp),%eax
0x08048dec <+72>: jmp *0x804a5a0(,%eax,4)
0x08048df3 <+79>: mov $0x67,%eax
0x08048df8 <+84>: cmpl $0x2c5,0x2c(%esp)
0x08048e00 <+92>: je 0x8048eeb <phase_5+327>
0x08048e06 <+98>: call 0x8049515 <explode_bomb>
0x08048e0b <+103>: mov $0x67,%eax
0x08048e10 <+108>: jmp 0x8048eeb <phase_5+327>
0x08048e15 <+113>: mov $0x73,%eax
0x08048e1a <+118>: cmpl $0x78,0x2c(%esp)
---Type <return> to continue, or q <return> to quit---q
Quit
(gdb) ni
0x08048de2 in phase_5 ()
(gdb) ni
0x08048de8 in phase_5 ()
(gdb) disas
Dump of assembler code for function phase_5:
0x08048da4 <+0>: sub $0x3c,%esp
0x08048da7 <+3>: lea 0x2c(%esp),%eax
0x08048dab <+7>: mov %eax,0x10(%esp)
0x08048daf <+11>: lea 0x27(%esp),%eax
0x08048db3 <+15>: mov %eax,0xc(%esp)
0x08048db7 <+19>: lea 0x28(%esp),%eax
0x08048dbb <+23>: mov %eax,0x8(%esp)
0x08048dbf <+27>: movl $0x804a54c,0x4(%esp)
0x08048dc7 <+35>: mov 0x40(%esp),%eax
0x08048dcb <+39>: mov %eax,(%esp)
0x08048dce <+42>: call 0x8048900 <__isoc99_sscanf@plt>
0x08048dd3 <+47>: cmp $0x2,%eax
0x08048dd6 <+50>: jg 0x8048ddd <phase_5+57>
0x08048dd8 <+52>: call 0x8049515 <explode_bomb>
0x08048ddd <+57>: cmpl $0x7,0x28(%esp)
0x08048de2 <+62>: ja 0x8048ee1 <phase_5+317>
=> 0x08048de8 <+68>: mov 0x28(%esp),%eax
0x08048dec <+72>: jmp *0x804a5a0(,%eax,4)
0x08048df3 <+79>: mov $0x67,%eax
0x08048df8 <+84>: cmpl $0x2c5,0x2c(%esp)
0x08048e00 <+92>: je 0x8048eeb <phase_5+327>
0x08048e06 <+98>: call 0x8049515 <explode_bomb>
0x08048e0b <+103>: mov $0x67,%eax
0x08048e10 <+108>: jmp 0x8048eeb <phase_5+327>
0x08048e15 <+113>: mov $0x73,%eax
0x08048e1a <+118>: cmpl $0x78,0x2c(%esp)
---Type <return> to continue, or q <return> to quit---q
Quit
(gdb) ni
0x08048dec in phase_5 ()
(gdb) ni
0x08048ec6 in phase_5 ()
(gdb) disas
Dump of assembler code for function phase_5:
0x08048da4 <+0>: sub $0x3c,%esp
0x08048da7 <+3>: lea 0x2c(%esp),%eax
0x08048dab <+7>: mov %eax,0x10(%esp)
0x08048daf <+11>: lea 0x27(%esp),%eax
0x08048db3 <+15>: mov %eax,0xc(%esp)
0x08048db7 <+19>: lea 0x28(%esp),%eax
0x08048dbb <+23>: mov %eax,0x8(%esp)
0x08048dbf <+27>: movl $0x804a54c,0x4(%esp)
0x08048dc7 <+35>: mov 0x40(%esp),%eax
0x08048dcb <+39>: mov %eax,(%esp)
0x08048dce <+42>: call 0x8048900 <__isoc99_sscanf@plt>
0x08048dd3 <+47>: cmp $0x2,%eax
0x08048dd6 <+50>: jg 0x8048ddd <phase_5+57>
0x08048dd8 <+52>: call 0x8049515 <explode_bomb>
0x08048ddd <+57>: cmpl $0x7,0x28(%esp)
0x08048de2 <+62>: ja 0x8048ee1 <phase_5+317>
0x08048de8 <+68>: mov 0x28(%esp),%eax
0x08048dec <+72>: jmp *0x804a5a0(,%eax,4)
0x08048df3 <+79>: mov $0x67,%eax
0x08048df8 <+84>: cmpl $0x2c5,0x2c(%esp)
0x08048e00 <+92>: je 0x8048eeb <phase_5+327>
0x08048e06 <+98>: call 0x8049515 <explode_bomb>
0x08048e0b <+103>: mov $0x67,%eax
0x08048e10 <+108>: jmp 0x8048eeb <phase_5+327>
0x08048e15 <+113>: mov $0x73,%eax
0x08048e1a <+118>: cmpl $0x78,0x2c(%esp)
---Type <return> to continue, or q <return> to quit---
0x08048e1f <+123>: je 0x8048eeb <phase_5+327>
0x08048e25 <+129>: call 0x8049515 <explode_bomb>
0x08048e2a <+134>: mov $0x73,%eax
0x08048e2f <+139>: jmp 0x8048eeb <phase_5+327>
0x08048e34 <+144>: mov $0x64,%eax
0x08048e39 <+149>: cmpl $0x1fd,0x2c(%esp)
0x08048e41 <+157>: je 0x8048eeb <phase_5+327>
0x08048e47 <+163>: call 0x8049515 <explode_bomb>
0x08048e4c <+168>: mov $0x64,%eax
0x08048e51 <+173>: jmp 0x8048eeb <phase_5+327>
0x08048e56 <+178>: mov $0x66,%eax
0x08048e5b <+183>: cmpl $0x363,0x2c(%esp)
0x08048e63 <+191>: je 0x8048eeb <phase_5+327>
0x08048e69 <+197>: call 0x8049515 <explode_bomb>
0x08048e6e <+202>: mov $0x66,%eax
0x08048e73 <+207>: jmp 0x8048eeb <phase_5+327>
0x08048e75 <+209>: mov $0x70,%eax
0x08048e7a <+214>: cmpl $0x161,0x2c(%esp)
0x08048e82 <+222>: je 0x8048eeb <phase_5+327>
0x08048e84 <+224>: call 0x8049515 <explode_bomb>
0x08048e89 <+229>: mov $0x70,%eax
0x08048e8e <+234>: jmp 0x8048eeb <phase_5+327>
0x08048e90 <+236>: mov $0x6f,%eax
0x08048e95 <+241>: cmpl $0x329,0x2c(%esp)
0x08048e9d <+249>: je 0x8048eeb <phase_5+327>
0x08048e9f <+251>: call 0x8049515 <explode_bomb>
0x08048ea4 <+256>: mov $0x6f,%eax
---Type <return> to continue, or q <return> to quit---
0x08048ea9 <+261>: jmp 0x8048eeb <phase_5+327>
0x08048eab <+263>: mov $0x64,%eax
0x08048eb0 <+268>: cmpl $0x273,0x2c(%esp)
0x08048eb8 <+276>: je 0x8048eeb <phase_5+327>
0x08048eba <+278>: call 0x8049515 <explode_bomb>
0x08048ebf <+283>: mov $0x64,%eax
0x08048ec4 <+288>: jmp 0x8048eeb <phase_5+327>
=> 0x08048ec6 <+290>: mov $0x62,%eax
0x08048ecb <+295>: cmpl $0x2b8,0x2c(%esp)
0x08048ed3 <+303>: je 0x8048eeb <phase_5+327>
0x08048ed5 <+305>: call 0x8049515 <explode_bomb>
0x08048eda <+310>: mov $0x62,%eax
0x08048edf <+315>: jmp 0x8048eeb <phase_5+327>
0x08048ee1 <+317>: call 0x8049515 <explode_bomb>
0x08048ee6 <+322>: mov $0x67,%eax
0x08048eeb <+327>: cmp 0x27(%esp),%al
0x08048eef <+331>: je 0x8048ef6 <phase_5+338>
0x08048ef1 <+333>: call 0x8049515 <explode_bomb>
0x08048ef6 <+338>: add $0x3c,%esp
0x08048ef9 <+341>: ret
End of assembler dump.
(gdb) ni
0x08048ecb in phase_5 ()
(gdb) ni
0x08048ed3 in phase_5 ()
(gdb) ni
0x08048eeb in phase_5 ()
(gdb) disas
Dump of assembler code for function phase_5:
0x08048da4 <+0>: sub $0x3c,%esp
0x08048da7 <+3>: lea 0x2c(%esp),%eax
0x08048dab <+7>: mov %eax,0x10(%esp)
0x08048daf <+11>: lea 0x27(%esp),%eax
0x08048db3 <+15>: mov %eax,0xc(%esp)
0x08048db7 <+19>: lea 0x28(%esp),%eax
0x08048dbb <+23>: mov %eax,0x8(%esp)
0x08048dbf <+27>: movl $0x804a54c,0x4(%esp)
0x08048dc7 <+35>: mov 0x40(%esp),%eax
0x08048dcb <+39>: mov %eax,(%esp)
0x08048dce <+42>: call 0x8048900 <__isoc99_sscanf@plt>
0x08048dd3 <+47>: cmp $0x2,%eax
0x08048dd6 <+50>: jg 0x8048ddd <phase_5+57>
0x08048dd8 <+52>: call 0x8049515 <explode_bomb>
0x08048ddd <+57>: cmpl $0x7,0x28(%esp)
0x08048de2 <+62>: ja 0x8048ee1 <phase_5+317>
0x08048de8 <+68>: mov 0x28(%esp),%eax
0x08048dec <+72>: jmp *0x804a5a0(,%eax,4)
0x08048df3 <+79>: mov $0x67,%eax
0x08048df8 <+84>: cmpl $0x2c5,0x2c(%esp)
0x08048e00 <+92>: je 0x8048eeb <phase_5+327>
0x08048e06 <+98>: call 0x8049515 <explode_bomb>
0x08048e0b <+103>: mov $0x67,%eax
0x08048e10 <+108>: jmp 0x8048eeb <phase_5+327>
0x08048e15 <+113>: mov $0x73,%eax
0x08048e1a <+118>: cmpl $0x78,0x2c(%esp)
---Type <return> to continue, or q <return> to quit---
0x08048e1f <+123>: je 0x8048eeb <phase_5+327>
0x08048e25 <+129>: call 0x8049515 <explode_bomb>
0x08048e2a <+134>: mov $0x73,%eax
0x08048e2f <+139>: jmp 0x8048eeb <phase_5+327>
0x08048e34 <+144>: mov $0x64,%eax
0x08048e39 <+149>: cmpl $0x1fd,0x2c(%esp)
0x08048e41 <+157>: je 0x8048eeb <phase_5+327>
0x08048e47 <+163>: call 0x8049515 <explode_bomb>
0x08048e4c <+168>: mov $0x64,%eax
0x08048e51 <+173>: jmp 0x8048eeb <phase_5+327>
0x08048e56 <+178>: mov $0x66,%eax
0x08048e5b <+183>: cmpl $0x363,0x2c(%esp)
0x08048e63 <+191>: je 0x8048eeb <phase_5+327>
0x08048e69 <+197>: call 0x8049515 <explode_bomb>
0x08048e6e <+202>: mov $0x66,%eax
0x08048e73 <+207>: jmp 0x8048eeb <phase_5+327>
0x08048e75 <+209>: mov $0x70,%eax
0x08048e7a <+214>: cmpl $0x161,0x2c(%esp)
0x08048e82 <+222>: je 0x8048eeb <phase_5+327>
0x08048e84 <+224>: call 0x8049515 <explode_bomb>
0x08048e89 <+229>: mov $0x70,%eax
0x08048e8e <+234>: jmp 0x8048eeb <phase_5+327>
0x08048e90 <+236>: mov $0x6f,%eax
0x08048e95 <+241>: cmpl $0x329,0x2c(%esp)
0x08048e9d <+249>: je 0x8048eeb <phase_5+327>
0x08048e9f <+251>: call 0x8049515 <explode_bomb>
0x08048ea4 <+256>: mov $0x6f,%eax
---Type <return> to continue, or q <return> to quit---
0x08048ea9 <+261>: jmp 0x8048eeb <phase_5+327>
0x08048eab <+263>: mov $0x64,%eax
0x08048eb0 <+268>: cmpl $0x273,0x2c(%esp)
0x08048eb8 <+276>: je 0x8048eeb <phase_5+327>
0x08048eba <+278>: call 0x8049515 <explode_bomb>
0x08048ebf <+283>: mov $0x64,%eax
0x08048ec4 <+288>: jmp 0x8048eeb <phase_5+327>
0x08048ec6 <+290>: mov $0x62,%eax
0x08048ecb <+295>: cmpl $0x2b8,0x2c(%esp)
0x08048ed3 <+303>: je 0x8048eeb <phase_5+327>
0x08048ed5 <+305>: call 0x8049515 <explode_bomb>
0x08048eda <+310>: mov $0x62,%eax
0x08048edf <+315>: jmp 0x8048eeb <phase_5+327>
0x08048ee1 <+317>: call 0x8049515 <explode_bomb>
0x08048ee6 <+322>: mov $0x67,%eax
=> 0x08048eeb <+327>: cmp 0x27(%esp),%al
0x08048eef <+331>: je 0x8048ef6 <phase_5+338>
0x08048ef1 <+333>: call 0x8049515 <explode_bomb>
0x08048ef6 <+338>: add $0x3c,%esp
0x08048ef9 <+341>: ret
End of assembler dump.
(gdb) x/d $esp+0x27
0xffffce97: 1840
(gdb) x/b $esp+0x27
0xffffce97: 48
(gdb) x/d $esp+0x27
0xffffce97: 48
(gdb) p $al
$1 = 98
(gdb) ni
0x08048eef in phase_5 ()
(gdb) ni
0x08048ef1 in phase_5 ()
(gdb) disas
Dump of assembler code for function phase_5:
0x08048da4 <+0>: sub $0x3c,%esp
0x08048da7 <+3>: lea 0x2c(%esp),%eax
0x08048dab <+7>: mov %eax,0x10(%esp)
0x08048daf <+11>: lea 0x27(%esp),%eax
0x08048db3 <+15>: mov %eax,0xc(%esp)
0x08048db7 <+19>: lea 0x28(%esp),%eax
0x08048dbb <+23>: mov %eax,0x8(%esp)
0x08048dbf <+27>: movl $0x804a54c,0x4(%esp)
0x08048dc7 <+35>: mov 0x40(%esp),%eax
0x08048dcb <+39>: mov %eax,(%esp)
0x08048dce <+42>: call 0x8048900 <__isoc99_sscanf@plt>
0x08048dd3 <+47>: cmp $0x2,%eax
0x08048dd6 <+50>: jg 0x8048ddd <phase_5+57>
0x08048dd8 <+52>: call 0x8049515 <explode_bomb>
0x08048ddd <+57>: cmpl $0x7,0x28(%esp)
0x08048de2 <+62>: ja 0x8048ee1 <phase_5+317>
0x08048de8 <+68>: mov 0x28(%esp),%eax
0x08048dec <+72>: jmp *0x804a5a0(,%eax,4)
0x08048df3 <+79>: mov $0x67,%eax
0x08048df8 <+84>: cmpl $0x2c5,0x2c(%esp)
0x08048e00 <+92>: je 0x8048eeb <phase_5+327>
0x08048e06 <+98>: call 0x8049515 <explode_bomb>
0x08048e0b <+103>: mov $0x67,%eax
0x08048e10 <+108>: jmp 0x8048eeb <phase_5+327>
0x08048e15 <+113>: mov $0x73,%eax
0x08048e1a <+118>: cmpl $0x78,0x2c(%esp)
---Type <return> to continue, or q <return> to quit---
0x08048e1f <+123>: je 0x8048eeb <phase_5+327>
0x08048e25 <+129>: call 0x8049515 <explode_bomb>
0x08048e2a <+134>: mov $0x73,%eax
0x08048e2f <+139>: jmp 0x8048eeb <phase_5+327>
0x08048e34 <+144>: mov $0x64,%eax
0x08048e39 <+149>: cmpl $0x1fd,0x2c(%esp)
0x08048e41 <+157>: je 0x8048eeb <phase_5+327>
0x08048e47 <+163>: call 0x8049515 <explode_bomb>
0x08048e4c <+168>: mov $0x64,%eax
0x08048e51 <+173>: jmp 0x8048eeb <phase_5+327>
0x08048e56 <+178>: mov $0x66,%eax
0x08048e5b <+183>: cmpl $0x363,0x2c(%esp)
0x08048e63 <+191>: je 0x8048eeb <phase_5+327>
0x08048e69 <+197>: call 0x8049515 <explode_bomb>
0x08048e6e <+202>: mov $0x66,%eax
0x08048e73 <+207>: jmp 0x8048eeb <phase_5+327>
0x08048e75 <+209>: mov $0x70,%eax
0x08048e7a <+214>: cmpl $0x161,0x2c(%esp)
0x08048e82 <+222>: je 0x8048eeb <phase_5+327>
0x08048e84 <+224>: call 0x8049515 <explode_bomb>
0x08048e89 <+229>: mov $0x70,%eax
0x08048e8e <+234>: jmp 0x8048eeb <phase_5+327>
0x08048e90 <+236>: mov $0x6f,%eax
0x08048e95 <+241>: cmpl $0x329,0x2c(%esp)
0x08048e9d <+249>: je 0x8048eeb <phase_5+327>
0x08048e9f <+251>: call 0x8049515 <explode_bomb>
0x08048ea4 <+256>: mov $0x6f,%eax
---Type <return> to continue, or q <return> to quit---
0x08048ea9 <+261>: jmp 0x8048eeb <phase_5+327>
0x08048eab <+263>: mov $0x64,%eax
0x08048eb0 <+268>: cmpl $0x273,0x2c(%esp)
0x08048eb8 <+276>: je 0x8048eeb <phase_5+327>
0x08048eba <+278>: call 0x8049515 <explode_bomb>
0x08048ebf <+283>: mov $0x64,%eax
0x08048ec4 <+288>: jmp 0x8048eeb <phase_5+327>
0x08048ec6 <+290>: mov $0x62,%eax
0x08048ecb <+295>: cmpl $0x2b8,0x2c(%esp)
0x08048ed3 <+303>: je 0x8048eeb <phase_5+327>
0x08048ed5 <+305>: call 0x8049515 <explode_bomb>
0x08048eda <+310>: mov $0x62,%eax
0x08048edf <+315>: jmp 0x8048eeb <phase_5+327>
0x08048ee1 <+317>: call 0x8049515 <explode_bomb>
0x08048ee6 <+322>: mov $0x67,%eax
0x08048eeb <+327>: cmp 0x27(%esp),%al
0x08048eef <+331>: je 0x8048ef6 <phase_5+338>
=> 0x08048ef1 <+333>: call 0x8049515 <explode_bomb>
0x08048ef6 <+338>: add $0x3c,%esp
0x08048ef9 <+341>: ret
End of assembler dump.
(gdb) q
A debugging session is active.
Inferior 1 [process 18264] will be killed.
Quit anyway? (y or n) y
[bomb46]$ gdb bomb
GNU gdb (GDB) Red Hat Enterprise Linux 7.6.1-80.el7
Copyright (C) 2013 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law. Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-redhat-linux-gnu".
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>...
(gdb) b phase_5
Breakpoint 1 at 0x8048da4
(gdb) r answers.txt
Welcome to my fiendish little bomb. You have 9 phases with
which to blow yourself up. Have a nice day!
Phase 1 defused. How about the next one?
That's number 2. Keep going!
One step closer.
So you got that one. Try this one.
7 0 696
(gdb) ni
0x08048ddd in phase_5 ()
(gdb) disas
Dump of assembler code for function phase_5:
0x08048da4 <+0>: sub $0x3c,%esp
0x08048da7 <+3>: lea 0x2c(%esp),%eax
0x08048dab <+7>: mov %eax,0x10(%esp)
0x08048daf <+11>: lea 0x27(%esp),%eax
0x08048db3 <+15>: mov %eax,0xc(%esp)
0x08048db7 <+19>: lea 0x28(%esp),%eax
0x08048dbb <+23>: mov %eax,0x8(%esp)
0x08048dbf <+27>: movl $0x804a54c,0x4(%esp)
0x08048dc7 <+35>: mov 0x40(%esp),%eax
0x08048dcb <+39>: mov %eax,(%esp)
0x08048dce <+42>: call 0x8048900 <__isoc99_sscanf@plt>
0x08048dd3 <+47>: cmp $0x2,%eax
0x08048dd6 <+50>: jg 0x8048ddd <phase_5+57>
0x08048dd8 <+52>: call 0x8049515 <explode_bomb>
=> 0x08048ddd <+57>: cmpl $0x7,0x28(%esp)
0x08048de2 <+62>: ja 0x8048ee1 <phase_5+317>
0x08048de8 <+68>: mov 0x28(%esp),%eax
0x08048dec <+72>: jmp *0x804a5a0(,%eax,4)
0x08048df3 <+79>: mov $0x67,%eax
0x08048df8 <+84>: cmpl $0x2c5,0x2c(%esp)
0x08048e00 <+92>: je 0x8048eeb <phase_5+327>
0x08048e06 <+98>: call 0x8049515 <explode_bomb>
0x08048e0b <+103>: mov $0x67,%eax
0x08048e10 <+108>: jmp 0x8048eeb <phase_5+327>
0x08048e15 <+113>: mov $0x73,%eax
0x08048e1a <+118>: cmpl $0x78,0x2c(%esp)
---Type <return> to continue, or q <return> to quit---q
Quit
(gdb) ni
0x08048de2 in phase_5 ()
(gdb) ni
0x08048de8 in phase_5 ()
(gdb) disas
Dump of assembler code for function phase_5:
0x08048da4 <+0>: sub $0x3c,%esp
0x08048da7 <+3>: lea 0x2c(%esp),%eax
0x08048dab <+7>: mov %eax,0x10(%esp)
0x08048daf <+11>: lea 0x27(%esp),%eax
0x08048db3 <+15>: mov %eax,0xc(%esp)
0x08048db7 <+19>: lea 0x28(%esp),%eax
0x08048dbb <+23>: mov %eax,0x8(%esp)
0x08048dbf <+27>: movl $0x804a54c,0x4(%esp)
0x08048dc7 <+35>: mov 0x40(%esp),%eax
0x08048dcb <+39>: mov %eax,(%esp)
0x08048dce <+42>: call 0x8048900 <__isoc99_sscanf@plt>
0x08048dd3 <+47>: cmp $0x2,%eax
0x08048dd6 <+50>: jg 0x8048ddd <phase_5+57>
0x08048dd8 <+52>: call 0x8049515 <explode_bomb>
0x08048ddd <+57>: cmpl $0x7,0x28(%esp)
0x08048de2 <+62>: ja 0x8048ee1 <phase_5+317>
=> 0x08048de8 <+68>: mov 0x28(%esp),%eax
0x08048dec <+72>: jmp *0x804a5a0(,%eax,4)
0x08048df3 <+79>: mov $0x67,%eax
0x08048df8 <+84>: cmpl $0x2c5,0x2c(%esp)
0x08048e00 <+92>: je 0x8048eeb <phase_5+327>
0x08048e06 <+98>: call 0x8049515 <explode_bomb>
0x08048e0b <+103>: mov $0x67,%eax
0x08048e10 <+108>: jmp 0x8048eeb <phase_5+327>
0x08048e15 <+113>: mov $0x73,%eax
0x08048e1a <+118>: cmpl $0x78,0x2c(%esp)
---Type <return> to continue, or q <return> to quit---q
Quit
(gdb) ni
0x08048dec in phase_5 ()
(gdb) ni
0x08048ec6 in phase_5 ()
(gdb) disas
Dump of assembler code for function phase_5:
0x08048da4 <+0>: sub $0x3c,%esp
0x08048da7 <+3>: lea 0x2c(%esp),%eax
0x08048dab <+7>: mov %eax,0x10(%esp)
0x08048daf <+11>: lea 0x27(%esp),%eax
0x08048db3 <+15>: mov %eax,0xc(%esp)
0x08048db7 <+19>: lea 0x28(%esp),%eax
0x08048dbb <+23>: mov %eax,0x8(%esp)
0x08048dbf <+27>: movl $0x804a54c,0x4(%esp)
0x08048dc7 <+35>: mov 0x40(%esp),%eax
0x08048dcb <+39>: mov %eax,(%esp)
0x08048dce <+42>: call 0x8048900 <__isoc99_sscanf@plt>
0x08048dd3 <+47>: cmp $0x2,%eax
0x08048dd6 <+50>: jg 0x8048ddd <phase_5+57>
0x08048dd8 <+52>: call 0x8049515 <explode_bomb>
0x08048ddd <+57>: cmpl $0x7,0x28(%esp)
0x08048de2 <+62>: ja 0x8048ee1 <phase_5+317>
0x08048de8 <+68>: mov 0x28(%esp),%eax
0x08048dec <+72>: jmp *0x804a5a0(,%eax,4)
0x08048df3 <+79>: mov $0x67,%eax
0x08048df8 <+84>: cmpl $0x2c5,0x2c(%esp)
0x08048e00 <+92>: je 0x8048eeb <phase_5+327>
0x08048e06 <+98>: call 0x8049515 <explode_bomb>
0x08048e0b <+103>: mov $0x67,%eax
0x08048e10 <+108>: jmp 0x8048eeb <phase_5+327>
0x08048e15 <+113>: mov $0x73,%eax
0x08048e1a <+118>: cmpl $0x78,0x2c(%esp)
---Type <return> to continue, or q <return> to quit---
0x08048e1f <+123>: je 0x8048eeb <phase_5+327>
0x08048e25 <+129>: call 0x8049515 <explode_bomb>
0x08048e2a <+134>: mov $0x73,%eax
0x08048e2f <+139>: jmp 0x8048eeb <phase_5+327>
0x08048e34 <+144>: mov $0x64,%eax
0x08048e39 <+149>: cmpl $0x1fd,0x2c(%esp)
0x08048e41 <+157>: je 0x8048eeb <phase_5+327>
0x08048e47 <+163>: call 0x8049515 <explode_bomb>
0x08048e4c <+168>: mov $0x64,%eax
0x08048e51 <+173>: jmp 0x8048eeb <phase_5+327>
0x08048e56 <+178>: mov $0x66,%eax
0x08048e5b <+183>: cmpl $0x363,0x2c(%esp)
0x08048e63 <+191>: je 0x8048eeb <phase_5+327>
0x08048e69 <+197>: call 0x8049515 <explode_bomb>
0x08048e6e <+202>: mov $0x66,%eax
0x08048e73 <+207>: jmp 0x8048eeb <phase_5+327>
0x08048e75 <+209>: mov $0x70,%eax
0x08048e7a <+214>: cmpl $0x161,0x2c(%esp)
0x08048e82 <+222>: je 0x8048eeb <phase_5+327>
0x08048e84 <+224>: call 0x8049515 <explode_bomb>
0x08048e89 <+229>: mov $0x70,%eax
0x08048e8e <+234>: jmp 0x8048eeb <phase_5+327>
0x08048e90 <+236>: mov $0x6f,%eax
0x08048e95 <+241>: cmpl $0x329,0x2c(%esp)
0x08048e9d <+249>: je 0x8048eeb <phase_5+327>
0x08048e9f <+251>: call 0x8049515 <explode_bomb>
0x08048ea4 <+256>: mov $0x6f,%eax
---Type <return> to continue, or q <return> to quit---
0x08048ea9 <+261>: jmp 0x8048eeb <phase_5+327>
0x08048eab <+263>: mov $0x64,%eax
0x08048eb0 <+268>: cmpl $0x273,0x2c(%esp)
0x08048eb8 <+276>: je 0x8048eeb <phase_5+327>
0x08048eba <+278>: call 0x8049515 <explode_bomb>
0x08048ebf <+283>: mov $0x64,%eax
0x08048ec4 <+288>: jmp 0x8048eeb <phase_5+327>
=> 0x08048ec6 <+290>: mov $0x62,%eax
0x08048ecb <+295>: cmpl $0x2b8,0x2c(%esp)
0x08048ed3 <+303>: je 0x8048eeb <phase_5+327>
0x08048ed5 <+305>: call 0x8049515 <explode_bomb>
0x08048eda <+310>: mov $0x62,%eax
0x08048edf <+315>: jmp 0x8048eeb <phase_5+327>
0x08048ee1 <+317>: call 0x8049515 <explode_bomb>
0x08048ee6 <+322>: mov $0x67,%eax
0x08048eeb <+327>: cmp 0x27(%esp),%al
0x08048eef <+331>: je 0x8048ef6 <phase_5+338>
0x08048ef1 <+333>: call 0x8049515 <explode_bomb>
0x08048ef6 <+338>: add $0x3c,%esp
0x08048ef9 <+341>: ret
End of assembler dump.
(gdb) ni
0x08048ecb in phase_5 ()
(gdb) ni
0x08048ed3 in phase_5 ()
(gdb) ni
0x08048eeb in phase_5 ()
(gdb) disas
Dump of assembler code for function phase_5:
0x08048da4 <+0>: sub $0x3c,%esp
0x08048da7 <+3>: lea 0x2c(%esp),%eax
0x08048dab <+7>: mov %eax,0x10(%esp)
0x08048daf <+11>: lea 0x27(%esp),%eax
0x08048db3 <+15>: mov %eax,0xc(%esp)
0x08048db7 <+19>: lea 0x28(%esp),%eax
0x08048dbb <+23>: mov %eax,0x8(%esp)
0x08048dbf <+27>: movl $0x804a54c,0x4(%esp)
0x08048dc7 <+35>: mov 0x40(%esp),%eax
0x08048dcb <+39>: mov %eax,(%esp)
0x08048dce <+42>: call 0x8048900 <__isoc99_sscanf@plt>
0x08048dd3 <+47>: cmp $0x2,%eax
0x08048dd6 <+50>: jg 0x8048ddd <phase_5+57>
0x08048dd8 <+52>: call 0x8049515 <explode_bomb>
0x08048ddd <+57>: cmpl $0x7,0x28(%esp)
0x08048de2 <+62>: ja 0x8048ee1 <phase_5+317>
0x08048de8 <+68>: mov 0x28(%esp),%eax
0x08048dec <+72>: jmp *0x804a5a0(,%eax,4)
0x08048df3 <+79>: mov $0x67,%eax
0x08048df8 <+84>: cmpl $0x2c5,0x2c(%esp)
0x08048e00 <+92>: je 0x8048eeb <phase_5+327>
0x08048e06 <+98>: call 0x8049515 <explode_bomb>
0x08048e0b <+103>: mov $0x67,%eax
0x08048e10 <+108>: jmp 0x8048eeb <phase_5+327>
0x08048e15 <+113>: mov $0x73,%eax
0x08048e1a <+118>: cmpl $0x78,0x2c(%esp)
---Type <return> to continue, or q <return> to quit---
0x08048e1f <+123>: je 0x8048eeb <phase_5+327>
0x08048e25 <+129>: call 0x8049515 <explode_bomb>
0x08048e2a <+134>: mov $0x73,%eax
0x08048e2f <+139>: jmp 0x8048eeb <phase_5+327>
0x08048e34 <+144>: mov $0x64,%eax
0x08048e39 <+149>: cmpl $0x1fd,0x2c(%esp)
0x08048e41 <+157>: je 0x8048eeb <phase_5+327>
0x08048e47 <+163>: call 0x8049515 <explode_bomb>
0x08048e4c <+168>: mov $0x64,%eax
0x08048e51 <+173>: jmp 0x8048eeb <phase_5+327>
0x08048e56 <+178>: mov $0x66,%eax
0x08048e5b <+183>: cmpl $0x363,0x2c(%esp)
0x08048e63 <+191>: je 0x8048eeb <phase_5+327>
0x08048e69 <+197>: call 0x8049515 <explode_bomb>
0x08048e6e <+202>: mov $0x66,%eax
0x08048e73 <+207>: jmp 0x8048eeb <phase_5+327>
0x08048e75 <+209>: mov $0x70,%eax
0x08048e7a <+214>: cmpl $0x161,0x2c(%esp)
0x08048e82 <+222>: je 0x8048eeb <phase_5+327>
0x08048e84 <+224>: call 0x8049515 <explode_bomb>
0x08048e89 <+229>: mov $0x70,%eax
0x08048e8e <+234>: jmp 0x8048eeb <phase_5+327>
0x08048e90 <+236>: mov $0x6f,%eax
0x08048e95 <+241>: cmpl $0x329,0x2c(%esp)
0x08048e9d <+249>: je 0x8048eeb <phase_5+327>
0x08048e9f <+251>: call 0x8049515 <explode_bomb>
0x08048ea4 <+256>: mov $0x6f,%eax
---Type <return> to continue, or q <return> to quit---
0x08048ea9 <+261>: jmp 0x8048eeb <phase_5+327>
0x08048eab <+263>: mov $0x64,%eax
0x08048eb0 <+268>: cmpl $0x273,0x2c(%esp)
0x08048eb8 <+276>: je 0x8048eeb <phase_5+327>
0x08048eba <+278>: call 0x8049515 <explode_bomb>
0x08048ebf <+283>: mov $0x64,%eax
0x08048ec4 <+288>: jmp 0x8048eeb <phase_5+327>
0x08048ec6 <+290>: mov $0x62,%eax
0x08048ecb <+295>: cmpl $0x2b8,0x2c(%esp)
0x08048ed3 <+303>: je 0x8048eeb <phase_5+327>
0x08048ed5 <+305>: call 0x8049515 <explode_bomb>
0x08048eda <+310>: mov $0x62,%eax
0x08048edf <+315>: jmp 0x8048eeb <phase_5+327>
0x08048ee1 <+317>: call 0x8049515 <explode_bomb>
0x08048ee6 <+322>: mov $0x67,%eax
=> 0x08048eeb <+327>: cmp 0x27(%esp),%al
0x08048eef <+331>: je 0x8048ef6 <phase_5+338>
0x08048ef1 <+333>: call 0x8049515 <explode_bomb>
0x08048ef6 <+338>: add $0x3c,%esp
0x08048ef9 <+341>: ret
End of assembler dump.
(gdb) x/d $esp+0x27
0xffffce97: 1840
(gdb) x/b $esp+0x27
0xffffce97: 48
(gdb) x/d $esp+0x27
0xffffce97: 48
(gdb) p $al
$1 = 98
(gdb) ni
0x08048eef in phase_5 ()
(gdb) ni
0x08048ef1 in phase_5 ()
(gdb) disas
Dump of assembler code for function phase_5:
0x08048da4 <+0>: sub $0x3c,%esp
0x08048da7 <+3>: lea 0x2c(%esp),%eax
0x08048dab <+7>: mov %eax,0x10(%esp)
0x08048daf <+11>: lea 0x27(%esp),%eax
0x08048db3 <+15>: mov %eax,0xc(%esp)
0x08048db7 <+19>: lea 0x28(%esp),%eax
0x08048dbb <+23>: mov %eax,0x8(%esp)
0x08048dbf <+27>: movl $0x804a54c,0x4(%esp)
0x08048dc7 <+35>: mov 0x40(%esp),%eax
0x08048dcb <+39>: mov %eax,(%esp)
0x08048dce <+42>: call 0x8048900 <__isoc99_sscanf@plt>
0x08048dd3 <+47>: cmp $0x2,%eax
0x08048dd6 <+50>: jg 0x8048ddd <phase_5+57>
0x08048dd8 <+52>: call 0x8049515 <explode_bomb>
0x08048ddd <+57>: cmpl $0x7,0x28(%esp)
0x08048de2 <+62>: ja 0x8048ee1 <phase_5+317>
0x08048de8 <+68>: mov 0x28(%esp),%eax
0x08048dec <+72>: jmp *0x804a5a0(,%eax,4)
0x08048df3 <+79>: mov $0x67,%eax
0x08048df8 <+84>: cmpl $0x2c5,0x2c(%esp)
0x08048e00 <+92>: je 0x8048eeb <phase_5+327>
0x08048e06 <+98>: call 0x8049515 <explode_bomb>
0x08048e0b <+103>: mov $0x67,%eax
0x08048e10 <+108>: jmp 0x8048eeb <phase_5+327>
0x08048e15 <+113>: mov $0x73,%eax
0x08048e1a <+118>: cmpl $0x78,0x2c(%esp)
---Type <return> to continue, or q <return> to quit---
0x08048e1f <+123>: je 0x8048eeb <phase_5+327>
0x08048e25 <+129>: call 0x8049515 <explode_bomb>
0x08048e2a <+134>: mov $0x73,%eax
0x08048e2f <+139>: jmp 0x8048eeb <phase_5+327>
0x08048e34 <+144>: mov $0x64,%eax
0x08048e39 <+149>: cmpl $0x1fd,0x2c(%esp)
0x08048e41 <+157>: je 0x8048eeb <phase_5+327>
0x08048e47 <+163>: call 0x8049515 <explode_bomb>
0x08048e4c <+168>: mov $0x64,%eax
0x08048e51 <+173>: jmp 0x8048eeb <phase_5+327>
0x08048e56 <+178>: mov $0x66,%eax
0x08048e5b <+183>: cmpl $0x363,0x2c(%esp)
0x08048e63 <+191>: je 0x8048eeb <phase_5+327>
0x08048e69 <+197>: call 0x8049515 <explode_bomb>
0x08048e6e <+202>: mov $0x66,%eax
0x08048e73 <+207>: jmp 0x8048eeb <phase_5+327>
0x08048e75 <+209>: mov $0x70,%eax
0x08048e7a <+214>: cmpl $0x161,0x2c(%esp)
0x08048e82 <+222>: je 0x8048eeb <phase_5+327>
0x08048e84 <+224>: call 0x8049515 <explode_bomb>
0x08048e89 <+229>: mov $0x70,%eax
0x08048e8e <+234>: jmp 0x8048eeb <phase_5+327>
0x08048e90 <+236>: mov $0x6f,%eax
0x08048e95 <+241>: cmpl $0x329,0x2c(%esp)
0x08048e9d <+249>: je 0x8048eeb <phase_5+327>
0x08048e9f <+251>: call 0x8049515 <explode_bomb>
0x08048ea4 <+256>: mov $0x6f,%eax
---Type <return> to continue, or q <return> to quit---
0x08048ea9 <+261>: jmp 0x8048eeb <phase_5+327>
0x08048eab <+263>: mov $0x64,%eax
0x08048eb0 <+268>: cmpl $0x273,0x2c(%esp)
0x08048eb8 <+276>: je 0x8048eeb <phase_5+327>
0x08048eba <+278>: call 0x8049515 <explode_bomb>
0x08048ebf <+283>: mov $0x64,%eax
0x08048ec4 <+288>: jmp 0x8048eeb <phase_5+327>
0x08048ec6 <+290>: mov $0x62,%eax
0x08048ecb <+295>: cmpl $0x2b8,0x2c(%esp)
0x08048ed3 <+303>: je 0x8048eeb <phase_5+327>
0x08048ed5 <+305>: call 0x8049515 <explode_bomb>
0x08048eda <+310>: mov $0x62,%eax
0x08048edf <+315>: jmp 0x8048eeb <phase_5+327>
0x08048ee1 <+317>: call 0x8049515 <explode_bomb>
0x08048ee6 <+322>: mov $0x67,%eax
0x08048eeb <+327>: cmp 0x27(%esp),%al
0x08048eef <+331>: je 0x8048ef6 <phase_5+338>
=> 0x08048ef1 <+333>: call 0x8049515 <explode_bomb>
0x08048ef6 <+338>: add $0x3c,%esp
0x08048ef9 <+341>: ret
End of assembler dump.
(gdb) q
A debugging session is active.
Inferior 1 [process 18264] will be killed.
Quit anyway? (y or n) y
(gdb)ni
0x08048eef在相位_5()
(gdb)ni
0x08048ef1处于相位_5()
(gdb)disas
功能阶段_5的汇编程序代码转储:
0x08048da4:子$0x3c,%esp
0x08048da7:lea 0x2c(%esp),%eax
0x08048dab:mov%eax,0x10(%esp)
0x08048daf:lea 0x27(%esp),%eax
0x08048db3:mov%eax,0xc(%esp)
0x08048db7:lea 0x28(%esp),%eax
0x08048dbb:mov%eax,0x8(%esp)
0x08048dbf:movl$0x804a54c,0x4(%esp)
0x08048dc7:mov 0x40(%esp),%eax
0x08048dcb:mov%eax,(%esp)
0x08048dce:调用0x8048900
0x08048dd3:cmp$0x2,%eax
0x08048dd6:jg 0x8048ddd
0x08048dd8:调用0x8049515
0x08048ddd:cmpl$0x7,0x28(%esp)
0x08048de2:ja 0x8048ee1
0x08048de8:mov 0x28(%esp),%eax
0x08048dec:jmp*0x804a5a0(,%eax,4)
0x08048df3:mov$0x67,%eax
0x08048df8:cmpl$0x2c5,0x2c(%esp)
0x08048e00:je 0x8048eeb
0x08048e06:调用0x8049515
0x08048e0b:mov$0x67,%eax
0x08048e10:jmp 0x8048eeb
0x08048e15:mov$0x73,%eax
0x08048e1a:cmpl$0x78,0x2c(%esp)
---键入以继续,或键入q以退出---
0x08048e1f:je 0x8048eeb
0x08048e25:调用0x8049515
0x08048e2a:mov$0x73,%eax
0x08048e2f:jmp 0x8048eeb
0x08048e34:mov$0x64,%eax
0x08048e39:cmpl$0x1fd,0x2c(%esp)
0x08048e41:je 0x8048eeb
0x08048e47:调用0x8049515
0x08048e4c:mov$0x64,%eax
0x08048e51:jmp 0x8048eeb
0x08048e56:mov$0x66,%eax
0x08048e5b:cmpl$0x363,0x2c(%esp)
0x08048e63:je 0x8048eeb
0x08048e69:调用0x8049515
0x08048e6e:mov$0x66,%eax
0x08048e73:jmp 0x8048eeb
0x08048e75:mov$0x70,%eax
0x08048e7a:cmpl$0x161,0x2c(%esp)
0x08048e82:je 0x8048eeb
0x08048e84:调用0x8049515
0x08048e89:mov$0x70,%eax
0x08048e8e:jmp 0x8048eeb
0x08048e90:mov$0x6f,%eax
0x08048e95:cmpl$0x329,0x2c(%esp)
0x08048e9d:je 0x8048eeb
0x08048e9f:调用0x8049515
0x08048ea4:mov$0x6f,%eax
---键入以继续,或键入q以退出---
0x08048ea9:jmp 0x8048eeb
0x08048eab:mov$0x64,%eax
0x08048eb0:cmpl$0x273,0x2c(%esp)
0x08048eb8:je 0x8048eeb
0x08048eba:调用0x8049515
0x08048ebf:mov$0x64,%eax
0x08048ec4:jmp 0x8048eeb
0x08048ec6:mov$0x62,%eax
0x08048ecb:cmpl$0x2b8,0x2c(%esp)
0x08048ed3:je 0x8048eeb
0x08048ed5:调用0x8049515
0x08048eda:mov$0x62,%eax
0x08048edf:jmp 0x8048eeb
0x08048ee1:调用0x8049515
0x08048ee6:mov$0x67,%eax
0x08048eeb:cmp 0x27(%esp),%al
0x08048eef:je 0x8048ef6
=>0x08048ef1:调用0x8049515
0x08048ef6:添加$0x3c,%esp
0x08048ef9:ret
汇编程序转储结束。
(gdb)q
调试会话处于活动状态。
低级1[进程18264]将被杀死。
还是退出?(y或n)y
我想知道我是否能得到任何帮助,也许我遗漏了什么,没有意识到,或者没有完全理解,我不知道此时该怎么办。显然,第一个数字微不足道地决定了另外两个,不知道你的问题是什么。第二个数字为什么不能输入
9898[bomb46]$ gdb bomb
GNU gdb (GDB) Red Hat Enterprise Linux 7.6.1-80.el7
Copyright (C) 2013 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law. Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-redhat-linux-gnu".
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>...
(gdb) b phase_5
Breakpoint 1 at 0x8048da4
(gdb) r answers.txt
Welcome to my fiendish little bomb. You have 9 phases with
which to blow yourself up. Have a nice day!
Phase 1 defused. How about the next one?
That's number 2. Keep going!
One step closer.
So you got that one. Try this one.
7 0 696
(gdb) ni
0x08048ddd in phase_5 ()
(gdb) disas
Dump of assembler code for function phase_5:
0x08048da4 <+0>: sub $0x3c,%esp
0x08048da7 <+3>: lea 0x2c(%esp),%eax
0x08048dab <+7>: mov %eax,0x10(%esp)
0x08048daf <+11>: lea 0x27(%esp),%eax
0x08048db3 <+15>: mov %eax,0xc(%esp)
0x08048db7 <+19>: lea 0x28(%esp),%eax
0x08048dbb <+23>: mov %eax,0x8(%esp)
0x08048dbf <+27>: movl $0x804a54c,0x4(%esp)
0x08048dc7 <+35>: mov 0x40(%esp),%eax
0x08048dcb <+39>: mov %eax,(%esp)
0x08048dce <+42>: call 0x8048900 <__isoc99_sscanf@plt>
0x08048dd3 <+47>: cmp $0x2,%eax
0x08048dd6 <+50>: jg 0x8048ddd <phase_5+57>
0x08048dd8 <+52>: call 0x8049515 <explode_bomb>
=> 0x08048ddd <+57>: cmpl $0x7,0x28(%esp)
0x08048de2 <+62>: ja 0x8048ee1 <phase_5+317>
0x08048de8 <+68>: mov 0x28(%esp),%eax
0x08048dec <+72>: jmp *0x804a5a0(,%eax,4)
0x08048df3 <+79>: mov $0x67,%eax
0x08048df8 <+84>: cmpl $0x2c5,0x2c(%esp)
0x08048e00 <+92>: je 0x8048eeb <phase_5+327>
0x08048e06 <+98>: call 0x8049515 <explode_bomb>
0x08048e0b <+103>: mov $0x67,%eax
0x08048e10 <+108>: jmp 0x8048eeb <phase_5+327>
0x08048e15 <+113>: mov $0x73,%eax
0x08048e1a <+118>: cmpl $0x78,0x2c(%esp)
---Type <return> to continue, or q <return> to quit---q
Quit
(gdb) ni
0x08048de2 in phase_5 ()
(gdb) ni
0x08048de8 in phase_5 ()
(gdb) disas
Dump of assembler code for function phase_5:
0x08048da4 <+0>: sub $0x3c,%esp
0x08048da7 <+3>: lea 0x2c(%esp),%eax
0x08048dab <+7>: mov %eax,0x10(%esp)
0x08048daf <+11>: lea 0x27(%esp),%eax
0x08048db3 <+15>: mov %eax,0xc(%esp)
0x08048db7 <+19>: lea 0x28(%esp),%eax
0x08048dbb <+23>: mov %eax,0x8(%esp)
0x08048dbf <+27>: movl $0x804a54c,0x4(%esp)
0x08048dc7 <+35>: mov 0x40(%esp),%eax
0x08048dcb <+39>: mov %eax,(%esp)
0x08048dce <+42>: call 0x8048900 <__isoc99_sscanf@plt>
0x08048dd3 <+47>: cmp $0x2,%eax
0x08048dd6 <+50>: jg 0x8048ddd <phase_5+57>
0x08048dd8 <+52>: call 0x8049515 <explode_bomb>
0x08048ddd <+57>: cmpl $0x7,0x28(%esp)
0x08048de2 <+62>: ja 0x8048ee1 <phase_5+317>
=> 0x08048de8 <+68>: mov 0x28(%esp),%eax
0x08048dec <+72>: jmp *0x804a5a0(,%eax,4)
0x08048df3 <+79>: mov $0x67,%eax
0x08048df8 <+84>: cmpl $0x2c5,0x2c(%esp)
0x08048e00 <+92>: je 0x8048eeb <phase_5+327>
0x08048e06 <+98>: call 0x8049515 <explode_bomb>
0x08048e0b <+103>: mov $0x67,%eax
0x08048e10 <+108>: jmp 0x8048eeb <phase_5+327>
0x08048e15 <+113>: mov $0x73,%eax
0x08048e1a <+118>: cmpl $0x78,0x2c(%esp)
---Type <return> to continue, or q <return> to quit---q
Quit
(gdb) ni
0x08048dec in phase_5 ()
(gdb) ni
0x08048ec6 in phase_5 ()
(gdb) disas
Dump of assembler code for function phase_5:
0x08048da4 <+0>: sub $0x3c,%esp
0x08048da7 <+3>: lea 0x2c(%esp),%eax
0x08048dab <+7>: mov %eax,0x10(%esp)
0x08048daf <+11>: lea 0x27(%esp),%eax
0x08048db3 <+15>: mov %eax,0xc(%esp)
0x08048db7 <+19>: lea 0x28(%esp),%eax
0x08048dbb <+23>: mov %eax,0x8(%esp)
0x08048dbf <+27>: movl $0x804a54c,0x4(%esp)
0x08048dc7 <+35>: mov 0x40(%esp),%eax
0x08048dcb <+39>: mov %eax,(%esp)
0x08048dce <+42>: call 0x8048900 <__isoc99_sscanf@plt>
0x08048dd3 <+47>: cmp $0x2,%eax
0x08048dd6 <+50>: jg 0x8048ddd <phase_5+57>
0x08048dd8 <+52>: call 0x8049515 <explode_bomb>
0x08048ddd <+57>: cmpl $0x7,0x28(%esp)
0x08048de2 <+62>: ja 0x8048ee1 <phase_5+317>
0x08048de8 <+68>: mov 0x28(%esp),%eax
0x08048dec <+72>: jmp *0x804a5a0(,%eax,4)
0x08048df3 <+79>: mov $0x67,%eax
0x08048df8 <+84>: cmpl $0x2c5,0x2c(%esp)
0x08048e00 <+92>: je 0x8048eeb <phase_5+327>
0x08048e06 <+98>: call 0x8049515 <explode_bomb>
0x08048e0b <+103>: mov $0x67,%eax
0x08048e10 <+108>: jmp 0x8048eeb <phase_5+327>
0x08048e15 <+113>: mov $0x73,%eax
0x08048e1a <+118>: cmpl $0x78,0x2c(%esp)
---Type <return> to continue, or q <return> to quit---
0x08048e1f <+123>: je 0x8048eeb <phase_5+327>
0x08048e25 <+129>: call 0x8049515 <explode_bomb>
0x08048e2a <+134>: mov $0x73,%eax
0x08048e2f <+139>: jmp 0x8048eeb <phase_5+327>
0x08048e34 <+144>: mov $0x64,%eax
0x08048e39 <+149>: cmpl $0x1fd,0x2c(%esp)
0x08048e41 <+157>: je 0x8048eeb <phase_5+327>
0x08048e47 <+163>: call 0x8049515 <explode_bomb>
0x08048e4c <+168>: mov $0x64,%eax
0x08048e51 <+173>: jmp 0x8048eeb <phase_5+327>
0x08048e56 <+178>: mov $0x66,%eax
0x08048e5b <+183>: cmpl $0x363,0x2c(%esp)
0x08048e63 <+191>: je 0x8048eeb <phase_5+327>
0x08048e69 <+197>: call 0x8049515 <explode_bomb>
0x08048e6e <+202>: mov $0x66,%eax
0x08048e73 <+207>: jmp 0x8048eeb <phase_5+327>
0x08048e75 <+209>: mov $0x70,%eax
0x08048e7a <+214>: cmpl $0x161,0x2c(%esp)
0x08048e82 <+222>: je 0x8048eeb <phase_5+327>
0x08048e84 <+224>: call 0x8049515 <explode_bomb>
0x08048e89 <+229>: mov $0x70,%eax
0x08048e8e <+234>: jmp 0x8048eeb <phase_5+327>
0x08048e90 <+236>: mov $0x6f,%eax
0x08048e95 <+241>: cmpl $0x329,0x2c(%esp)
0x08048e9d <+249>: je 0x8048eeb <phase_5+327>
0x08048e9f <+251>: call 0x8049515 <explode_bomb>
0x08048ea4 <+256>: mov $0x6f,%eax
---Type <return> to continue, or q <return> to quit---
0x08048ea9 <+261>: jmp 0x8048eeb <phase_5+327>
0x08048eab <+263>: mov $0x64,%eax
0x08048eb0 <+268>: cmpl $0x273,0x2c(%esp)
0x08048eb8 <+276>: je 0x8048eeb <phase_5+327>
0x08048eba <+278>: call 0x8049515 <explode_bomb>
0x08048ebf <+283>: mov $0x64,%eax
0x08048ec4 <+288>: jmp 0x8048eeb <phase_5+327>
=> 0x08048ec6 <+290>: mov $0x62,%eax
0x08048ecb <+295>: cmpl $0x2b8,0x2c(%esp)
0x08048ed3 <+303>: je 0x8048eeb <phase_5+327>
0x08048ed5 <+305>: call 0x8049515 <explode_bomb>
0x08048eda <+310>: mov $0x62,%eax
0x08048edf <+315>: jmp 0x8048eeb <phase_5+327>
0x08048ee1 <+317>: call 0x8049515 <explode_bomb>
0x08048ee6 <+322>: mov $0x67,%eax
0x08048eeb <+327>: cmp 0x27(%esp),%al
0x08048eef <+331>: je 0x8048ef6 <phase_5+338>
0x08048ef1 <+333>: call 0x8049515 <explode_bomb>
0x08048ef6 <+338>: add $0x3c,%esp
0x08048ef9 <+341>: ret
End of assembler dump.
(gdb) ni
0x08048ecb in phase_5 ()
(gdb) ni
0x08048ed3 in phase_5 ()
(gdb) ni
0x08048eeb in phase_5 ()
(gdb) disas
Dump of assembler code for function phase_5:
0x08048da4 <+0>: sub $0x3c,%esp
0x08048da7 <+3>: lea 0x2c(%esp),%eax
0x08048dab <+7>: mov %eax,0x10(%esp)
0x08048daf <+11>: lea 0x27(%esp),%eax
0x08048db3 <+15>: mov %eax,0xc(%esp)
0x08048db7 <+19>: lea 0x28(%esp),%eax
0x08048dbb <+23>: mov %eax,0x8(%esp)
0x08048dbf <+27>: movl $0x804a54c,0x4(%esp)
0x08048dc7 <+35>: mov 0x40(%esp),%eax
0x08048dcb <+39>: mov %eax,(%esp)
0x08048dce <+42>: call 0x8048900 <__isoc99_sscanf@plt>
0x08048dd3 <+47>: cmp $0x2,%eax
0x08048dd6 <+50>: jg 0x8048ddd <phase_5+57>
0x08048dd8 <+52>: call 0x8049515 <explode_bomb>
0x08048ddd <+57>: cmpl $0x7,0x28(%esp)
0x08048de2 <+62>: ja 0x8048ee1 <phase_5+317>
0x08048de8 <+68>: mov 0x28(%esp),%eax
0x08048dec <+72>: jmp *0x804a5a0(,%eax,4)
0x08048df3 <+79>: mov $0x67,%eax
0x08048df8 <+84>: cmpl $0x2c5,0x2c(%esp)
0x08048e00 <+92>: je 0x8048eeb <phase_5+327>
0x08048e06 <+98>: call 0x8049515 <explode_bomb>
0x08048e0b <+103>: mov $0x67,%eax
0x08048e10 <+108>: jmp 0x8048eeb <phase_5+327>
0x08048e15 <+113>: mov $0x73,%eax
0x08048e1a <+118>: cmpl $0x78,0x2c(%esp)
---Type <return> to continue, or q <return> to quit---
0x08048e1f <+123>: je 0x8048eeb <phase_5+327>
0x08048e25 <+129>: call 0x8049515 <explode_bomb>
0x08048e2a <+134>: mov $0x73,%eax
0x08048e2f <+139>: jmp 0x8048eeb <phase_5+327>
0x08048e34 <+144>: mov $0x64,%eax
0x08048e39 <+149>: cmpl $0x1fd,0x2c(%esp)
0x08048e41 <+157>: je 0x8048eeb <phase_5+327>
0x08048e47 <+163>: call 0x8049515 <explode_bomb>
0x08048e4c <+168>: mov $0x64,%eax
0x08048e51 <+173>: jmp 0x8048eeb <phase_5+327>
0x08048e56 <+178>: mov $0x66,%eax
0x08048e5b <+183>: cmpl $0x363,0x2c(%esp)
0x08048e63 <+191>: je 0x8048eeb <phase_5+327>
0x08048e69 <+197>: call 0x8049515 <explode_bomb>
0x08048e6e <+202>: mov $0x66,%eax
0x08048e73 <+207>: jmp 0x8048eeb <phase_5+327>
0x08048e75 <+209>: mov $0x70,%eax
0x08048e7a <+214>: cmpl $0x161,0x2c(%esp)
0x08048e82 <+222>: je 0x8048eeb <phase_5+327>
0x08048e84 <+224>: call 0x8049515 <explode_bomb>
0x08048e89 <+229>: mov $0x70,%eax
0x08048e8e <+234>: jmp 0x8048eeb <phase_5+327>
0x08048e90 <+236>: mov $0x6f,%eax
0x08048e95 <+241>: cmpl $0x329,0x2c(%esp)
0x08048e9d <+249>: je 0x8048eeb <phase_5+327>
0x08048e9f <+251>: call 0x8049515 <explode_bomb>
0x08048ea4 <+256>: mov $0x6f,%eax
---Type <return> to continue, or q <return> to quit---
0x08048ea9 <+261>: jmp 0x8048eeb <phase_5+327>
0x08048eab <+263>: mov $0x64,%eax
0x08048eb0 <+268>: cmpl $0x273,0x2c(%esp)
0x08048eb8 <+276>: je 0x8048eeb <phase_5+327>
0x08048eba <+278>: call 0x8049515 <explode_bomb>
0x08048ebf <+283>: mov $0x64,%eax
0x08048ec4 <+288>: jmp 0x8048eeb <phase_5+327>
0x08048ec6 <+290>: mov $0x62,%eax
0x08048ecb <+295>: cmpl $0x2b8,0x2c(%esp)
0x08048ed3 <+303>: je 0x8048eeb <phase_5+327>
0x08048ed5 <+305>: call 0x8049515 <explode_bomb>
0x08048eda <+310>: mov $0x62,%eax
0x08048edf <+315>: jmp 0x8048eeb <phase_5+327>
0x08048ee1 <+317>: call 0x8049515 <explode_bomb>
0x08048ee6 <+322>: mov $0x67,%eax
=> 0x08048eeb <+327>: cmp 0x27(%esp),%al
0x08048eef <+331>: je 0x8048ef6 <phase_5+338>
0x08048ef1 <+333>: call 0x8049515 <explode_bomb>
0x08048ef6 <+338>: add $0x3c,%esp
0x08048ef9 <+341>: ret
End of assembler dump.
(gdb) x/d $esp+0x27
0xffffce97: 1840
(gdb) x/b $esp+0x27
0xffffce97: 48
(gdb) x/d $esp+0x27
0xffffce97: 48
(gdb) p $al
$1 = 98
(gdb) ni
0x08048eef in phase_5 ()
(gdb) ni
0x08048ef1 in phase_5 ()
(gdb) disas
Dump of assembler code for function phase_5:
0x08048da4 <+0>: sub $0x3c,%esp
0x08048da7 <+3>: lea 0x2c(%esp),%eax
0x08048dab <+7>: mov %eax,0x10(%esp)
0x08048daf <+11>: lea 0x27(%esp),%eax
0x08048db3 <+15>: mov %eax,0xc(%esp)
0x08048db7 <+19>: lea 0x28(%esp),%eax
0x08048dbb <+23>: mov %eax,0x8(%esp)
0x08048dbf <+27>: movl $0x804a54c,0x4(%esp)
0x08048dc7 <+35>: mov 0x40(%esp),%eax
0x08048dcb <+39>: mov %eax,(%esp)
0x08048dce <+42>: call 0x8048900 <__isoc99_sscanf@plt>
0x08048dd3 <+47>: cmp $0x2,%eax
0x08048dd6 <+50>: jg 0x8048ddd <phase_5+57>
0x08048dd8 <+52>: call 0x8049515 <explode_bomb>
0x08048ddd <+57>: cmpl $0x7,0x28(%esp)
0x08048de2 <+62>: ja 0x8048ee1 <phase_5+317>
0x08048de8 <+68>: mov 0x28(%esp),%eax
0x08048dec <+72>: jmp *0x804a5a0(,%eax,4)
0x08048df3 <+79>: mov $0x67,%eax
0x08048df8 <+84>: cmpl $0x2c5,0x2c(%esp)
0x08048e00 <+92>: je 0x8048eeb <phase_5+327>
0x08048e06 <+98>: call 0x8049515 <explode_bomb>
0x08048e0b <+103>: mov $0x67,%eax
0x08048e10 <+108>: jmp 0x8048eeb <phase_5+327>
0x08048e15 <+113>: mov $0x73,%eax
0x08048e1a <+118>: cmpl $0x78,0x2c(%esp)
---Type <return> to continue, or q <return> to quit---
0x08048e1f <+123>: je 0x8048eeb <phase_5+327>
0x08048e25 <+129>: call 0x8049515 <explode_bomb>
0x08048e2a <+134>: mov $0x73,%eax
0x08048e2f <+139>: jmp 0x8048eeb <phase_5+327>
0x08048e34 <+144>: mov $0x64,%eax
0x08048e39 <+149>: cmpl $0x1fd,0x2c(%esp)
0x08048e41 <+157>: je 0x8048eeb <phase_5+327>
0x08048e47 <+163>: call 0x8049515 <explode_bomb>
0x08048e4c <+168>: mov $0x64,%eax
0x08048e51 <+173>: jmp 0x8048eeb <phase_5+327>
0x08048e56 <+178>: mov $0x66,%eax
0x08048e5b <+183>: cmpl $0x363,0x2c(%esp)
0x08048e63 <+191>: je 0x8048eeb <phase_5+327>
0x08048e69 <+197>: call 0x8049515 <explode_bomb>
0x08048e6e <+202>: mov $0x66,%eax
0x08048e73 <+207>: jmp 0x8048eeb <phase_5+327>
0x08048e75 <+209>: mov $0x70,%eax
0x08048e7a <+214>: cmpl $0x161,0x2c(%esp)
0x08048e82 <+222>: je 0x8048eeb <phase_5+327>
0x08048e84 <+224>: call 0x8049515 <explode_bomb>
0x08048e89 <+229>: mov $0x70,%eax
0x08048e8e <+234>: jmp 0x8048eeb <phase_5+327>
0x08048e90 <+236>: mov $0x6f,%eax
0x08048e95 <+241>: cmpl $0x329,0x2c(%esp)
0x08048e9d <+249>: je 0x8048eeb <phase_5+327>
0x08048e9f <+251>: call 0x8049515 <explode_bomb>
0x08048ea4 <+256>: mov $0x6f,%eax
---Type <return> to continue, or q <return> to quit---
0x08048ea9 <+261>: jmp 0x8048eeb <phase_5+327>
0x08048eab <+263>: mov $0x64,%eax
0x08048eb0 <+268>: cmpl $0x273,0x2c(%esp)
0x08048eb8 <+276>: je 0x8048eeb <phase_5+327>
0x08048eba <+278>: call 0x8049515 <explode_bomb>
0x08048ebf <+283>: mov $0x64,%eax
0x08048ec4 <+288>: jmp 0x8048eeb <phase_5+327>
0x08048ec6 <+290>: mov $0x62,%eax
0x08048ecb <+295>: cmpl $0x2b8,0x2c(%esp)
0x08048ed3 <+303>: je 0x8048eeb <phase_5+327>
0x08048ed5 <+305>: call 0x8049515 <explode_bomb>
0x08048eda <+310>: mov $0x62,%eax
0x08048edf <+315>: jmp 0x8048eeb <phase_5+327>
0x08048ee1 <+317>: call 0x8049515 <explode_bomb>
0x08048ee6 <+322>: mov $0x67,%eax
0x08048eeb <+327>: cmp 0x27(%esp),%al
0x08048eef <+331>: je 0x8048ef6 <phase_5+338>
=> 0x08048ef1 <+333>: call 0x8049515 <explode_bomb>
0x08048ef6 <+338>: add $0x3c,%esp
0x08048ef9 <+341>: ret
End of assembler dump.
(gdb) q
A debugging session is active.
Inferior 1 [process 18264] will be killed.
Quit anyway? (y or n) y