GDB 调用不在 main 中的 function

Question

My professor gave us an assignment to step through x86 instructions produced by a c program using GDB to find passwords. Our job is to go through 6 phases and find the passwords hidden somewhere in the x86 instructions. I was able to go through all of them but at the end I noticed that in the x86 file, there was a function called secret_phase. It is my understanding that if we finish the secret_phase we get extra credit. The problem is, secret_phase is never called from the main function so I don't know how to even access it. Is there any way to call the secret_phase function from GDB?

Answer 1

If you're an optimist and hope that secret_phrase, say, just prints secret phrase on the screen, then do:

break main
run
call ((void(*)()) secret_phrase)()

Here you specify function prototype to call, the guess being it takes no arguments and returns nothing. If you expect it, eg to return secret phrase as char* you may try:

print ((char*(*)()) secret_phrase)()

or any other return type, but that's guesswork.

A more rigorous approach is to jump to that function, can be done at any point of execution:

break main
run
break secret_phrase
jump secret_phrase

(Note the second break, without it execution will proceed immediately and most likely program will crash since you jumped to function, not called it). After confirmation debugger will stop at the start of secret_phrase. Proceed with stepi with care, as soon as you execute retn instruction the program will likely crash. But you'll have a chance to examine the function closely.

All that aside you probably should start with disassemble secret_phrase just to look for clues.