C代码逆向工程中错误的用户和密码
wrong user and password in C code reverse engineering
我从二进制文件中获得这段代码,要求输入用户名和密码,我设法找到了用户 "mari" 和密码 "luig",但它说错误的用户名是代码:
undefined8 main(void)
{
int iVar1;
undefined4 local_96;
undefined2 local_92;
undefined local_90;
undefined4 local_8f;
undefined2 local_8b;
undefined local_89;
char local_88 [64];
char local_48 [64];
local_8f = 0x6769756c;
local_8b = 0x3169;
local_89 = 0;
local_96 = 0x6972616d;
local_92 = 0x316f;
local_90 = 0;
printf("enter username :");
__isoc99_scanf(&DAT_00102019,local_48);
iVar1 = strcmp(local_48,(char *)&local_96);
if (iVar1 == 0) {
printf("enter password :");
__isoc99_scanf(&DAT_00102019,local_88);
iVar1 = strcmp(local_88,(char *)&local_8f);
if (iVar1 == 0) {
printf("welldone use it to submit the flag :D");
}
else {
printf("wrong password");
}
}
else {
printf("wrong username");
}
return 0;
}
为什么 "mari" 作为用户和 "luig" 作为密码不起作用?
要比较的用户名和密码以十六进制形式存储在整数变量中:
local_8f = 0x6769756c; // 4 byte variable: g i u l
local_8b = 0x3169; // 2 byte variable: 1 i
local_89 = 0; // 1 byte variable: [=10=]
local_96 = 0x6972616d; // 4 byte variable: i r a m
local_92 = 0x316f; // 2 byte variable: 1 o
local_90 = 0; // 1 byte variable: [=10=]
这些变量以字节反转的方式存储在内存中。
所以变量local_8f在内存中解释为字符串时,实际读取为luigi1[=12=],变量local_96在内存中解释为字符串时,实际读取为mario1[=14=]。这些是您必须输入的uid/pwd。
我从二进制文件中获得这段代码,要求输入用户名和密码,我设法找到了用户 "mari" 和密码 "luig",但它说错误的用户名是代码:
undefined8 main(void)
{
int iVar1;
undefined4 local_96;
undefined2 local_92;
undefined local_90;
undefined4 local_8f;
undefined2 local_8b;
undefined local_89;
char local_88 [64];
char local_48 [64];
local_8f = 0x6769756c;
local_8b = 0x3169;
local_89 = 0;
local_96 = 0x6972616d;
local_92 = 0x316f;
local_90 = 0;
printf("enter username :");
__isoc99_scanf(&DAT_00102019,local_48);
iVar1 = strcmp(local_48,(char *)&local_96);
if (iVar1 == 0) {
printf("enter password :");
__isoc99_scanf(&DAT_00102019,local_88);
iVar1 = strcmp(local_88,(char *)&local_8f);
if (iVar1 == 0) {
printf("welldone use it to submit the flag :D");
}
else {
printf("wrong password");
}
}
else {
printf("wrong username");
}
return 0;
}
为什么 "mari" 作为用户和 "luig" 作为密码不起作用?
要比较的用户名和密码以十六进制形式存储在整数变量中:
local_8f = 0x6769756c; // 4 byte variable: g i u l
local_8b = 0x3169; // 2 byte variable: 1 i
local_89 = 0; // 1 byte variable: [=10=]
local_96 = 0x6972616d; // 4 byte variable: i r a m
local_92 = 0x316f; // 2 byte variable: 1 o
local_90 = 0; // 1 byte variable: [=10=]
这些变量以字节反转的方式存储在内存中。
所以变量local_8f在内存中解释为字符串时,实际读取为luigi1[=12=],变量local_96在内存中解释为字符串时,实际读取为mario1[=14=]。这些是您必须输入的uid/pwd。