next [count]
// Continue to the next source line in the current (innermost) stack frame. This is similar to step, but function calls that appear within the line of code are executed without stopping. Execution stops when control reaches a different line of code at the original stack level that was executing when you gave the next command. This command is abbreviated n.
// An argument count is a repeat count, as for step.
004005ef <+50>: mov rax,QWORD PTR [rbp-0x10]
004005f3 <+54>: add rax,0x8
004005f7 <+58>: mov rax,QWORD PTR [rax]
004005fa <+61>: mov esi,0x4006da
004005ff <+66>: mov rdi,rax
00400602 <+69>: call 0x4004b0 <strcmp@plt>
(gdb) b main
(gdb) run BBBB
(gdb) b *0x0000000000400602
(gdb) n
(gdb) x/10s $rsi
0x4006da: "AAAA-Z10N-42-OK"
0x4006ea: "Access Granted!"
la strcmp viene fatta tra i due registri rsi e rdi, e ritorna zero se contengono stringhe uguali;
ltrace ./license_1 AAAA
__libc_start_main(0x4005bd, 2, 0x7ffccebfc2d8, 0x400640 <unfinished ...>
printf("Checking License: %s\n", "AAAA"Checking License: AAAA
) = 23
strcmp("AAAA", "AAAA-Z10N-42-OK") = -45
puts("WRONG!"WRONG!
) = 7
+++ exited (status 0) +++
C Code
#include <string.h>
#include <stdio.h>
int main(int argc, char *argv[]) {
if(argc==2) {
printf("Checking License: %s\n", argv[1]);
if(strcmp(argv[1], "AAAA-Z10N-42-OK")==0) {
printf("Access Granted!\n");
} else {
printf("WRONG!\n");
}
} else {
printf("Usage: <key>\n");
}
return 0;
}
Reverse-engineering is the act of dismantling an object to see how it works. It is done primarily to analyze and gain knowledge about the way something works but often is used to duplicate or enhance the object. Many things can be reverse-engineered, including software, physical machines, military technology and even biological functions related to how genes work.
