RSS Feed

Hacking the Art of Exploitation

Created: 01.03.2021

I’ve been longing to finish Hacking the Art of Exploitation book, but I needed VM for that and this wasn’t very convenient. But recently I’ve set my EC2 AWS environment and am going to use VMs remotely. This makes it easier to finally finish the book 📚.

# compile
gcc firstprog.c
# check a.out
# ls -l a.out 

# run

objdump -D a.out | grep -A20 main.:

gcc -g firstprog.c
gcc -o char_array char_array.c

gdb -q ./firstprog.o
break main
info registers



Failed to install gcc of the previous versions therefore decided to compile with the VM on other laptop and copy on AWS.

gdb with a -g flag will simply allow access to source code and use the debugging symbols (for example, to label functions with their original names).

Now, the examine command.

(gdb) x/x $eip # display the value of eip as a 32-bit (64 for 64bit OS) hex value
(gdb) x/2x $eip # display 8 bytes (64bits) starting at address in eip in hex
(gdb) x/2o $eip # display 8 bytes (64bits) starting at address in eip in octal
(gdb) x/8xb $eip # display 8 * 4 bytes starting from eip as blocks of 1 byte
(gdb) x/10i $eip # display 10 instructions starting from eip

To print the call stack, type bt (backtrace). Type in again to review the current stack.

&address # show the address of the variable 
*address # show the contents of the variable, called dereference