Simple-check-100-GDB dynamic debugging bypass judgment function
IDA static debugging
You can easily determine that the interesting _function function is a function with a flag hidden. Click to view the pseudo code and
you can see that this function has an output part. If it can be reversed, it will be the flag, but after viewing it, I gave up. This memory refers to the past. Annoying, so I went to see the check function:
Can this be judged to be true? ? ? ? ? ?
Direct gdb dynamic debugging, bypass this function
gdb dynamic debugging
Linux opens the command line, enters the command, and
gdb task9_x86_64_46d01fe312d35ecf69c4ff8ab8ace75d080891dcr
r
sets a breakpoint.
b check_key
Keep entering the n
command until you compare v3 and -559038737
to determine this place. Try to modify the value of ptr [rbp-0x10] to -559038737, but it keeps prompting that you cannot modify void to this value, so I continue n
until the test command.
Because the previous comparison fails, eax will be assigned a value of 0, so we only need to change the value of eax to 1.
Use the command here set $eax=1
and continue c
until the end of the program.
You can see the output flag: flag_is_you_know_cracking!!!
favorite Partners can make three connections with one click! thank! !