
gdb Cannot access memory at address of $ebp

The whole code is:

#include <stdio.h>
#include <string.h>
#include <unistd.h>

char *secret = "1234";

void go_shell()
{
    char *shell = "/bin/sh";
    char *cmd[] = { "/bin/sh", 0};
    printf("WOuld  you like to play a game?\n");
    setreuid(0, 0); 
    execve(shell, cmd, 0);
}

int authorize()
{
    char password[64];
    printf("Enter password: ");
    gets(password);
    if (!strcmp(password, secret))
        return 1;
    else
        return 0;
}

int main()
{
    if (authorize()) {
        printf("Login successfully\n");
        go_shell();
    } else {
        printf("Incorrect password\n");
    }

    return 0;
}

I want to see $ebp when authorize() is called.

Compiled with

gcc -Wall -ggdb <source_code> -o <exe>

Then I started gdb

gdb <exe>

(gdb) disass authorize
Dump of assembler code for function authorize:
   0x000000000040076d <+0>:     push   %rbp
   0x000000000040076e <+1>:     mov    %rsp,%rbp
   0x0000000000400771 <+4>:     sub    $0x50,%rsp
   0x0000000000400775 <+8>:     mov    %fs:0x28,%rax
   0x000000000040077e <+17>:    mov    %rax,-0x8(%rbp)
   0x0000000000400782 <+21>:    xor    %eax,%eax
   0x0000000000400784 <+23>:    mov    $0x4008d8,%edi
   0x0000000000400789 <+28>:    mov    $0x0,%eax
   0x000000000040078e <+33>:    callq  0x400590 <printf@plt>
   0x0000000000400793 <+38>:    lea    -0x50(%rbp),%rax
   0x0000000000400797 <+42>:    mov    %rax,%rdi
   0x000000000040079a <+45>:    mov    $0x0,%eax
   0x000000000040079f <+50>:    callq  0x4005d0 <gets@plt>
   0x00000000004007a4 <+55>:    mov    0x2008bd(%rip),%rdx        # 0x601068 <secret>
   0x00000000004007ab <+62>:    lea    -0x50(%rbp),%rax
   0x00000000004007af <+66>:    mov    %rdx,%rsi
   0x00000000004007b2 <+69>:    mov    %rax,%rdi
   0x00000000004007b5 <+72>:    callq  0x4005c0 <strcmp@plt>
   0x00000000004007ba <+77>:    test   %eax,%eax
   0x00000000004007bc <+79>:    jne    0x4007c5 <authorize+88>
   0x00000000004007be <+81>:    mov    $0x1,%eax
   0x00000000004007c3 <+86>:    jmp    0x4007ca <authorize+93>
   0x00000000004007c5 <+88>:    mov    $0x0,%eax
   0x00000000004007ca <+93>:    mov    -0x8(%rbp),%rcx
   0x00000000004007ce <+97>:    xor    %fs:0x28,%rcx
   0x00000000004007d7 <+106>:   je     0x4007de <authorize+113>
   0x00000000004007d9 <+108>:   callq  0x400580 <__stack_chk_fail@plt>
   0x00000000004007de <+113>:   leaveq
   0x00000000004007df <+114>:   retq
End of assembler dump.
(gdb) br *authorize+33
Breakpoint 1 at 0x40078e: file simple_login.c, line 19.
(gdb) run
Starting program: ./a.out

Breakpoint 1, 0x000000000040078e in authorize () at simple_login.c:19
19          printf("Enter password: ");
(gdb) where
#0  0x000000000040078e in authorize () at simple_login.c:19
#1  0x00000000004007ee in main () at simple_login.c:29
(gdb) x/2x $ebp
0xffffffffffffe4a0:     Cannot access memory at address 0xffffffffffffe4a0

On 64-bit Ubuntu, Linux version 4.8.0-44-generic (buildd@xxxx) (gcc version 5.4.0 20160609 (Ubuntu 5.4.0-6ubuntu1~16.04.4)) #47~16.04.1-Ubuntu SMP

Thanks in advance.

Dump of assembler code for function authorize: 0x000000000040076d <+0>: push %rbp

This is a 64-bit build. You should use x/2x $rbp instead.
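Why the failing address in the question is 0xffffffffffffe4a0: on x86-64, gdb's $ebp is the low 32 bits of rbp treated as a signed 32-bit integer, so using it as an address sign-extends it into a range no user process has mapped. The following is an added example, not part of the original question or answer; the function names are hypothetical and the sample rbp value 0x00007fffffffe4a0 is an assumption chosen to match the error message.

```c
#include <inttypes.h>
#include <stdint.h>
#include <stdio.h>

/* Address gdb ends up using for `x/2x $ebp` on x86-64: the low 32 bits of
 * rbp, interpreted as a signed 32-bit int, then widened to 64 bits. */
uint64_t gdb_ebp_as_address(uint64_t rbp)
{
    uint32_t low = (uint32_t)rbp;               /* keep only the low dword */
    if (low & UINT32_C(0x80000000))             /* sign bit set: extend with 1s */
        return UINT64_C(0xffffffff00000000) | low;
    return low;                                 /* sign bit clear: extend with 0s */
}

/* With 48-bit virtual addresses, user-space mappings on x86-64 Linux lie
 * below 0x0000800000000000; anything above cannot be read by the process. */
int is_user_address(uint64_t addr)
{
    return addr < UINT64_C(0x0000800000000000);
}

static void report(const char *label, uint64_t rbp)
{
    uint64_t seen = gdb_ebp_as_address(rbp);
    printf("%s\n  $rbp          = 0x%016" PRIx64 " (%s)\n", label, rbp,
           is_user_address(rbp) ? "readable range" : "not user space");
    printf("  $ebp as addr  = 0x%016" PRIx64 " (%s)\n", seen,
           is_user_address(seen) ? "user range, but not the frame" : "not user space");
}

int main(void)
{
    /* Constructed sample: a typical stack address whose low 32 bits match
     * the address printed in the question's error message. */
    report("constructed sample", UINT64_C(0x00007fffffffe4a0));

    /* Frame address of this function on the machine running the example
     * (GCC/Clang builtin). */
    report("live frame", (uint64_t)(uintptr_t)__builtin_frame_address(0));
    return 0;
}
```
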
