Reykjavik
If we look at the main function, we can see that it is much shorter now.
It makes the following calls:
enc: Encodes the passwords.
0x2400: An address in memory.
That is interesting: why would it call a memory address? Could it be instructions? Before we look into that, let's set a breakpoint there using break 444a.
If we step through the function and then check the memory address, we can see the bytes in memory.
Let's get a better look using the following command:
I think it is time to use the disassembler that we have been provided.
If we clean the bytes and enter them into the disassembler, we can see the corresponding assembly instructions.
There are more instructions, but for now let's go through these first.
It seems like the last instruction is comparing the data at r4 - 0x24 with 0x82e1.
Looking at the register state table, we can see the value of r4.
So the data that is being compared is at 0x43fe - 0x24, which is 0x43da.
Let's input our password.
If we check the location at which our input is stored, we can see that it is also stored at 0x43da.
Note that for this comparison, the program will interpret the bytes as little-endian, so we have to store 0xe182 into memory.
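The address arithmetic and byte-order check above, as an added example that is not part of the original walkthrough: it parses a memory dump, reads the 16-bit word at r4 - 0x24 in little-endian order and compares it with 0x82e1. The dump row layout and both sample rows are assumptions constructed for illustration; the function names are hypothetical.

```python
import re

# Values taken from the walkthrough above.
R4 = 0x43FE          # r4 from the register state
DISPLACEMENT = 0x24  # the comparison reads the word at r4 - 0x24
EXPECTED = 0x82E1    # value the word is compared with

# Assumed dump row layout: "addr:   xxxx xxxx ...   ascii", bytes in memory order.
DUMP_ROW = re.compile(r"^\s*([0-9a-fA-F]{4}):\s+((?:[0-9a-fA-F]{4}\s?)+)")

# Constructed sample rows, not captured from the real program.
SAMPLE_OK = "43d0:   0000 0000 0000 0000 0000 e182 0000 0000   ................"
SAMPLE_SWAPPED = "43d0:   0000 0000 0000 0000 0000 82e1 0000 0000   ................"


def parse_dump(text):
    """Return {address: byte value} for every byte shown in the dump."""
    memory = {}
    for line in text.splitlines():
        match = DUMP_ROW.match(line)
        if not match:
            continue  # not a dump row
        base = int(match.group(1), 16)
        row = bytes.fromhex("".join(match.group(2).split()))
        for offset, value in enumerate(row):
            memory[base + offset] = value
    return memory


def read_word_le(memory, address):
    """Read a 16-bit little-endian word; None if the dump does not cover it."""
    if address not in memory or address + 1 not in memory:
        return None
    return memory[address] | (memory[address + 1] << 8)


def compare_at_r4(dump_text):
    """Return (address compared, word found there, whether it equals EXPECTED)."""
    address = (R4 - DISPLACEMENT) & 0xFFFF
    word = read_word_le(parse_dump(dump_text), address)
    return address, word, word == EXPECTED


def hex_input_for(value):
    """Hex string whose bytes, stored in order, read back as `value`."""
    return value.to_bytes(2, "little").hex()


if __name__ == "__main__":
    for name, dump in (("ok", SAMPLE_OK), ("swapped", SAMPLE_SWAPPED)):
        address, word, equal = compare_at_r4(dump)
        print(f"{name}: word at {address:#06x} = {word:#06x}, match = {equal}")
    print("hex input:", hex_input_for(EXPECTED))
```

The swapped row shows the failure mode: entering the bytes in the order the constant is written makes the word read back as 0xe182, so the comparison fails.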
Let's reset the program and provide our input.
If we continue the program execution:
Looks like some more engineers are going to be sacked...