Ceng Recitation 1 - Defusing a Binary Bomb

Size: px

Start display at page:

Download "Ceng Recitation 1 - Defusing a Binary Bomb"

Mary Curtis
6 years ago
Views:

1 Ceng Recitation 1 - Defusing a Binary Bomb Middle East Technical University Department of Computer Engineering Nov 2, :45

2 INTRODUCTION OVERVIEW OF BOMBLAB SOME USEFUL GDB COMMANDS RESOURCES DEMO

3 INTRODUCTION Oh Noo!!! Dr. Evil placed an evil program in INEK machines, we have to stop him!!!

4 MOTIVATION To make you familiar with assembly by hacking into some real programs. Understanding machine level operations. Improving your debugging skills by using debuggers.

5 BOMB LAB We give you: Partial source code, in which Dr. Evil mocks you The executable file itself. You can t read C source code. So, how can you figure out what it does? From the binary executable!!!

6 GET YOUR OWN BOMB

7 SCOREBOARD

8 WHAT DOES IT DO Each student will get an special executable bomb and a bomb.c file. Executable expects strings from you, if you enter a wrong string it will explode (prints a BOOM message and sends signal to server). And your points will decrease. Strings that you enter are like passwords. Each time you enter a correct password you will proceed to a new phase. YOU CAN ONLY WORK FROM INEK MACHINES (You can connect them with ssh from outside.)

9 HOW TO START With objdump -d command you can get assembly code of executable. Example usage objdump -d bomb >> bomb.s write assembly code in bomb.s Search function names you found in bomb.c in assembly file and trace what it does. With strings command. It prints all strings in the executable into a text file. Maybe some of these strings are used as answers!

10 EXAMPLE

11 SOME HINTS Make sure you run it with GDB, this way you can put breakpoints before exploding happens. If you run it without GDB and breakpoints, it will explode unless you enter all the correct answers in a one shot fashion. You don t have to enter all the strings you find, you can feed them in. In GDB run <- solutions.txt. solutions.txt is the place where you put your answers. Example usage will be provided in GDB part.

12 GDB - CRASH COURSE GDB: The GNU Project Debugger Helps debugging the executable by running it line by line and putting break points to needed areas. Use it with an executable. For example: gdb bomb. b puts a break-point. (stops program from going further).

13 BOMB.C FILE

14 EXAMPLE 2

15 GDB - CRASH COURSE CONT D r runs the executable until a break point occurs. disas command prints the assembly code of a specific phase to terminal (or you can just use your bomb.s file you created with objdump). Use it with an executable. For example: gdb bomb. b puts a break-point. (stops program from going further).

16 EXAMPLE 3

17 ONE LAST HINT The bomb frequently calls sscanf to read in formatted arguments. Example: %s %x %s represents an input of a string, hex number, and string. This could be handy in figuring out what kinds of arguments a phase is expecting. Man sscanf!!!

18 RESOURCES A cheat sheet about GDB: Chapter 3 - from your book. Read hw text carefully!! All of the details are written there. You can use piazza for discussions. Or you can visit TA Fatih Semiz at A-206 or send fsemiz@ceng.metu.edu.tr

19 I NTRODUCTION O VERVIEW OF B OMBLAB L ET S TRY OUT!! S OME U SEFUL GDB C OMMANDS R ESOURCES D EMO

CSE 361 Fall 2017 Lab Assignment L2: Defusing a Binary Bomb Assigned: Wednesday Sept. 20 Due: Wednesday Oct. 04 at 11:59 pm

CSE 361 Fall 2017 Lab Assignment L2: Defusing a Binary Bomb Assigned: Wednesday Sept. 20 Due: Wednesday Oct. 04 at 11:59 pm 1 Introduction NOTE: You will want to read this entire document carefully before