CyberShell/UAHCode
1
0
Fork 0
Code
37a216e614
UAHCode/CPE455/Quiz-Bravo/protected.txt
Andrew W 7dabaef6f6 added more code
2022-08-28 16:12:16 -05:00

93 lines
3.7 KiB
Plaintext
Raw Blame History

This file contains invisible Unicode characters

This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

Script started on Thu 24 Feb 2022 10:16:22 AM CST
[?1034hbash-4.2$ ./protected_bapp
Enter the password now: aaaa
Login failure
suppliedPassword: aaaa
correctPassword: aaaaabbbbbccccc
bash-4.2$ ./protected_bapp
Enter the password now: aaaaabbbbbccccc
Login successful
suppliedPassword: aaaaabbbbbccccc
correctPassword: aaaaabbbbbccccc
bash-4.2$ perl -e 'print "a"x90' | ./protected_bapp
Enter the password now:
Login failure
suppliedPassword: aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
correctPassword: aaaaabbbbbccccc
*** stack smashing detected ***: ./protected_bapp terminated
Segmentation fault
bash-4.2$ gdb ./protected_bapp
[?1034hGNU gdb (GDB) Red Hat Enterprise Linux 7.6.1-120.el7
Copyright (C) 2013 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law. Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-redhat-linux-gnu".
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>...
Reading symbols from /home/student/anw0044/CPE455/Quiz-Bravo/protected_bapp...done.
(gdb) break main
Breakpoint 1 at 0x400716: file bapp.c, line 13.
(gdb) run
Starting program: /home/student/anw0044/CPE455/Quiz-Bravo/./protected_bapp
Breakpoint 1, main () at bapp.c:13
13 {
Missing separate debuginfos, use: debuginfo-install glibc-2.17-325.el7_9.x86_64
(gdb) info locals
correctPassword = "\000\000\000\000\000\000\000\000\377\265\360\000\000\000\000\000\001\000\000"
suppliedPassword = "\320\340\377\377\377\177\000\000\000\000\000\000\000\000\000\000\340\a@"
(gdb) rstep
17 printf("\nEnter the password now: ");
(gdb) instepinfo locals
correctPassword = "\000\000\000\000\000\000\000\000\377\265\360\000\000\000\000\000\001\000\000"
suppliedPassword = "\320\340\377\377\377\177\000\000\000\000\000\000\000\000\000\000\340\a@"
(gdb) info locals
step
18 strncpy(correctPassword, "aaaaabbbbbccccc", BUFFER_SIZE);
(gdb) stepinfo locals
correctPassword = "\000\000\000\000\000\000\000\000\377\265\360\000\000\000\000\000\001\000\000"
suppliedPassword = "\320\340\377\377\377\177\000\000\000\000\000\000\000\000\000\000\340\a@"
(gdb) info locals
step
19 gets(suppliedPassword);
(gdb) stepinfo locals
correctPassword = "aaaaabbbbbccccc\000\000\000\000"
suppliedPassword = "\320\340\377\377\377\177\000\000\000\000\000\000\000\000\000\000\340\a@"
(gdb) info locals
step
Enter the password now: aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
20 printf("\n");
(gdb) stepinfo locals
correctPassword = "aaaaabbbbbccccc\000\000\000\000"
suppliedPassword = 'a' <repeats 20 times>
(gdb) info locals
stepinfo locals
stepinfo locals
continue
Continuing.
Login failure
suppliedPassword: aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
correctPassword: aaaaabbbbbccccc
*** stack smashing detected ***: /home/student/anw0044/CPE455/Quiz-Bravo/./protected_bapp terminated
Program received signal SIGSEGV, Segmentation fault.
0x00007ffff78060f8 in ?? () from /lib64/libgcc_s.so.1
Missing separate debuginfos, use: debuginfo-install libgcc-4.8.5-39.el7.x86_64 libgcc-4.8.5-44.el7.x86_64
(gdb) quit
A debugging session is active.
Inferior 1 [process 6749] will be killed.
Quit anyway? (y or n) y
bash-4.2$ exit
exit
Script done on Thu 24 Feb 2022 10:19:55 AM CST
View Git Blame Copy Permalink