Differences

This shows you the differences between two versions of the page.

cs-465:project-11-extracting-secrets [2016/11/30 00:55]
oliphaun [Requirements]
cs-465:project-11-extracting-secrets [2016/11/30 00:57] (current)
oliphaun [Requirements]
Line 22: Line 22:
 * Use a debugger to bypass this password mechanism and make the program function normally. (Instead of exiting, it will print out a random quote from the file fortunes.enc.) This is done by modifying variables, registers, return addresses, etc. using the debugger. (See the [http://​www.gnu.org/​software/​ddd/​manual/​html_mono/​ddd.html ddd manual] or [http://​sourceware.org/​gdb/​current/​onlinedocs/​gdb/​ gdb manual] for help) * Use a debugger to bypass this password mechanism and make the program function normally. (Instead of exiting, it will print out a random quote from the file fortunes.enc.) This is done by modifying variables, registers, return addresses, etc. using the debugger. (See the [http://​www.gnu.org/​software/​ddd/​manual/​html_mono/​ddd.html ddd manual] or [http://​sourceware.org/​gdb/​current/​onlinedocs/​gdb/​ gdb manual] for help)
  
-* Now that you understand the code, open the executable in a hex editor (khexedit on the Linux machines) and modify the assembly code so that you can obtain a fortune every time you run the program. Perhaps any cdkey that you enter will now work, for instance. You may be able to insert noops (0x90) to effectively crack the executable. Dr. Seamons was able to do this by modifying just one byte in the executable [http://​www.kevssite.com/​2009/​04/​21/​using-vi-as-a-hex-editor//​ using vim as a hex editor]. The result will be a new executable file that you can run and obtain a fortune.+* Now that you understand the code, open the executable in a hex editor (khexedit on the Linux machines) and modify the assembly code so that you can obtain a fortune every time you run the program. Perhaps any cdkey that you enter will now work, for instance. You may be able to insert noops (0x90) to effectively crack the executable. Dr. Seamons was able to do this by modifying just one byte in the executable [http://​www.kevssite.com/​2009/​04/​21/​using-vi-as-a-hex-editor//​ using vim as a hex editor]. ​(vim works better for this than vi.) The result will be a new executable file that you can run and obtain a fortune.
  
 * Find a way to obtain all of the plaintext fortunes from fortunes.enc using the debugger. * Find a way to obtain all of the plaintext fortunes from fortunes.enc using the debugger.
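Review bot: The added parenthetical "(vim works better for this than vi.)" in the hex-editor bullet gives no reason for the preference, so a student who only has vi cannot tell what will go wrong. Say in a few words what vim does better here, or drop the claim. It also sits between the link and "The result will be a new executable file", which separates the method from its outcome; moving it to the end of the bullet would read more cleanly. While touching this line, note that the link text says "using vim as a hex editor" but the URL slug is "using-vi-as-a-hex-editor" and ends in "//"; check that the trailing double slash is intended.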
cs-465/project-11-extracting-secrets.txt · Last modified: 2016/11/30 00:57 by oliphaun
CC Attribution-Share Alike 4.0 International