CyberShell/UAHCode
1
0
Fork 0
Code
37a216e614
UAHCode/CPE455/Quiz-Bravo/protected.txt

93 lines
3.7 KiB
Plaintext
Raw Normal View History

added more code
2022-08-28 21:12:16 +00:00
Script started on Thu 24 Feb 2022 10:16:22 AM CST
[?1034hbash-4.2$ ./protected_bapp
Enter the password now: aaaa
Login failure
suppliedPassword: aaaa
correctPassword: aaaaabbbbbccccc
bash-4.2$ ./protected_bapp
Enter the password now: aaaaabbbbbccccc
Login successful
suppliedPassword: aaaaabbbbbccccc
correctPassword: aaaaabbbbbccccc
bash-4.2$ perl -e 'print "a"x90' | ./protected_bapp
Enter the password now:
Login failure
suppliedPassword: aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
correctPassword: aaaaabbbbbccccc
*** stack smashing detected ***: ./protected_bapp terminated
Segmentation fault
bash-4.2$ gdb ./protected_bapp
[?1034hGNU gdb (GDB) Red Hat Enterprise Linux 7.6.1-120.el7
Copyright (C) 2013 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law. Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-redhat-linux-gnu".
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>...
Reading symbols from /home/student/anw0044/CPE455/Quiz-Bravo/protected_bapp...done.
(gdb) break main
Breakpoint 1 at 0x400716: file bapp.c, line 13.
(gdb) run
Starting program: /home/student/anw0044/CPE455/Quiz-Bravo/./protected_bapp
Breakpoint 1, main () at bapp.c:13
13 {
Missing separate debuginfos, use: debuginfo-install glibc-2.17-325.el7_9.x86_64
(gdb) info locals
correctPassword = "\000\000\000\000\000\000\000\000\377\265\360\000\000\000\000\000\001\000\000"
suppliedPassword = "\320\340\377\377\377\177\000\000\000\000\000\000\000\000\000\000\340\a@"
(gdb) rstep
17 printf("\nEnter the password now: ");
(gdb) instepinfo locals
correctPassword = "\000\000\000\000\000\000\000\000\377\265\360\000\000\000\000\000\001\000\000"
suppliedPassword = "\320\340\377\377\377\177\000\000\000\000\000\000\000\000\000\000\340\a@"
(gdb) info locals step
18 strncpy(correctPassword, "aaaaabbbbbccccc", BUFFER_SIZE);
(gdb) stepinfo locals
correctPassword = "\000\000\000\000\000\000\000\000\377\265\360\000\000\000\000\000\001\000\000"
suppliedPassword = "\320\340\377\377\377\177\000\000\000\000\000\000\000\000\000\000\340\a@"
(gdb) info locals step
19 gets(suppliedPassword);
(gdb) stepinfo locals
correctPassword = "aaaaabbbbbccccc\000\000\000\000"
suppliedPassword = "\320\340\377\377\377\177\000\000\000\000\000\000\000\000\000\000\340\a@"
(gdb) info locals step
Enter the password now: aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
20 printf("\n");
(gdb) stepinfo locals
correctPassword = "aaaaabbbbbccccc\000\000\000\000"
suppliedPassword = 'a' <repeats 20 times>
(gdb) info locals stepinfo locals stepinfo locals continue
Continuing.
Login failure
suppliedPassword: aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
correctPassword: aaaaabbbbbccccc
*** stack smashing detected ***: /home/student/anw0044/CPE455/Quiz-Bravo/./protected_bapp terminated
Program received signal SIGSEGV, Segmentation fault.
0x00007ffff78060f8 in ?? () from /lib64/libgcc_s.so.1
Missing separate debuginfos, use: debuginfo-install libgcc-4.8.5-39.el7.x86_64 libgcc-4.8.5-44.el7.x86_64
(gdb) quit
A debugging session is active.
Inferior 1 [process 6749] will be killed.
Quit anyway? (y or n) y
bash-4.2$ exit
exit
Script done on Thu 24 Feb 2022 10:19:55 AM CST
Copy Permalink