我试图在调用函数 strcpy() 时在 GDB 上设置断点,但是 GDB 停止了,而且我不知道如何找到错误,我是 GDB 新手,我想研究二进制利用,所以我正在阅读的论坛对此没有任何解释,这里是输出;
(gdb) disassemble main
Dump of assembler code for function main:
0x00000000000011c9 <+0>: endbr64
0x00000000000011cd <+4>: push rbp
0x00000000000011ce <+5>: mov rbp,rsp
0x00000000000011d1 <+8>: sub rsp,0x50
0x00000000000011d5 <+12>: mov DWORD PTR [rbp-0x44],edi
0x00000000000011d8 <+15>: mov QWORD PTR [rbp-0x50],rsi
0x00000000000011dc <+19>: mov rax,QWORD PTR fs:0x28
0x00000000000011e5 <+28>: mov QWORD PTR [rbp-0x8],rax
0x00000000000011e9 <+32>: xor eax,eax
0x00000000000011eb <+34>: cmp DWORD PTR [rbp-0x44],0x1
0x00000000000011ef <+38>: jne 0x1207 <main+62>
0x00000000000011f1 <+40>: lea rsi,[rip+0xe10] # 0x2008
0x00000000000011f8 <+47>: mov edi,0x1
0x00000000000011fd <+52>: mov eax,0x0
0x0000000000001202 <+57>: call 0x10c0 <errx@plt>
0x0000000000001207 <+62>: mov DWORD PTR [rbp-0x34],0x0
0x000000000000120e <+69>: mov rax,QWORD PTR [rbp-0x50]
0x0000000000001212 <+73>: add rax,0x8
0x0000000000001216 <+77>: mov rdx,QWORD PTR [rax]
0x0000000000001219 <+80>: lea rax,[rbp-0x30]
0x000000000000121d <+84>: mov rsi,rdx
0x0000000000001220 <+87>: mov rdi,rax
0x0000000000001223 <+90>: call 0x1090 <strcpy@plt> // breakpoint here
0x0000000000001228 <+95>: mov eax,DWORD PTR [rbp-0x34]
0x000000000000122b <+98>: test eax,eax
0x000000000000122d <+100>: je 0x1247 <main+126>
0x000000000000122f <+102>: mov eax,DWORD PTR [rbp-0x34]
0x0000000000001232 <+105>: mov esi,eax
0x0000000000001234 <+107>: lea rdi,[rip+0xde5] # 0x2020
0x000000000000123b <+114>: mov eax,0x0
0x0000000000001240 <+119>: call 0x10d0 <printf@plt>
0x0000000000001245 <+124>: jmp 0x1253 <main+138>
0x0000000000001247 <+126>: lea rdi,[rip+0xe12] # 0x2060
0x000000000000124e <+133>: call 0x10a0 <puts@plt>
0x0000000000001253 <+138>: mov eax,0x0
0x0000000000001258 <+143>: mov rcx,QWORD PTR [rbp-0x8]
0x000000000000125c <+147>: xor rcx,QWORD PTR fs:0x28
0x0000000000001265 <+156>: je 0x126c <main+163>
0x0000000000001267 <+158>: call 0x10b0 <__stack_chk_fail@plt>
0x000000000000126c <+163>: leave
0x000000000000126d <+164>: ret
End of assembler dump.
(gdb) break *0x0000000000001223 // I want to set the breakpoint here
Breakpoint 1 at 0x1223
(gdb) r AAAA // I try to run the program providing arguments
Starting program: /home/ryan/liveoverflow_youtube/0x05_simple_crackme_intro_assembler/stackReg AAAA
[1]+ Stopped gdb stackReg // This is the problem?
最佳答案
GDB 像这样停止是当 GDB 在尝试放置断点时抛出错误时发生的错误,它已在上游 GDB 中通过此补丁修复:
https://sourceware.org/ml/gdb-patches/2019-05/msg00361.html
一旦你看到 GDB 像这样停止:
[1]+ Stopped
你应该被扔回 shell。只需使用 fg 命令恢复 GDB 并继续调试 session 。一旦 GDB 9 发布,这个错误就会被修复。
正如评论中指出的,断点地址不正确的原因是您使用的是位置无关可执行文件(PIE),当进程启动时,代码将被重新定位。
使用starti启动GDB,然后你可以反汇编main并查看代码实际放置在哪里。
关于assembly - 为什么我在 GDB 上出现断点问题? GDB 停止,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/60121858/