How to disassemble stripped binary

-

Disassemble stripped binary

A stripped binary is a program that is compiled with a strip flag that tells the compiler to discard these debugging symbols and compile to program 

Simply, A binary with no debugging symbol 

In GCC if we want strip a binary we can compile with -s option/parameter

In normal program debuggers like GDB disassembles a binary using those mechanisms

  • Debug Information: GDB relies on debug information that is often generated during the compilation of a program with debugging symbols enabled. These symbols provide a mapping between the source code and the corresponding machine code instructions.

  • Symbol Table: The debug information includes a symbol table that associates functions, variables, and other code elements with their memory addresses and data types. This information is crucial for GDB to understand the structure of the program.

     

    So lets cut to the chase Here is how we disassemble stripped binary 

    I have created some c program for test purpose which is stripped.





    Step-1:

    Lets open the program in GDB


    As we see, GDB says there is no symbol table to disassemble the binary 

    Honestly speaking, GDB says no sysbol table loaded even if the program is not stripped

     

    Step-2:

    Lets run the program and find out the entry point/address for the program


     

    Step-3:

     Lets set a break point at the entry point and forward 200 instruction from the entry point which we had set a break point.



      

    We disassembled the binary now lets find out the password for the program


    Step-4:

    Lets see the disassembled code try to understand the program


    In this section the program is trying to check the string length is equal to 12

    specifically at 0x555555555234 

     Then it compare the input text to some unknown text at 0x55555555524d

     If it equal or not equal it print some texts using puts function.

     

    Step-5: 

    Lets set a break point at 0x55555555524d and run the program



     

     



    So when we input a string with 12 length, It compares with "justpassword",

    if it is equal it must the output says "Welcome" else it says "Wrong password"

     




Comments

Post a Comment

Popular posts from this blog

flag [pwn]pwnable.kr game writeup

-
Image
                                flag [pwn]pwnable.kr game writeup Description Papa brought me a packed present! let's open it. Download : http://pwnable.kr/bin/flag This is reversing task. all you need is binary     Step-1: As the description says the binary is packed so lets see if we can do smtg.  UPX 😋 Step-2: Lets unpack the binary Step-3: Lets disassemble and get the flag........................... Personally I use radare2 mostly  Flag: UPX...? sounds like a delivery service :)
Read more

droid2 picoCTF Reverse Engineering writeup

-
Image
Description Find the pass, get the flag. Check out this file .   Solution    lets decompile the app using jadx-gui    Link to download jadx-gui   wget https://github.com/skylot/jadx/releases/download/v1.1.0/jadx-1.1.0.zip unzip jadx-1.1.0.zip -d jadx cd jadx ./jadx-gui           Lets launch and open two.apk and seek to com.hellocmu.picoctf.FlagstaffHill         At this function we have seen an array containing string and the if condition is trying to access the array.   Above that there is a variables and i try to represent those like this      then I create a simple python program because I don't like in Java for real. here is the program         Now, lets try this password    dismass.ogg.weatherwax.aching.nitt.garlick   Flag: picoCTF{what.is.your.favourite.colour}    
Read more

Malware Development Basics

-
Image
  Malware is malicious software specifically designed to damage, steal, or exploit information from computer systems and networks. It can take various forms, such as viruses, worms, Trojans, ransomware, and spyware. Developing, distributing, or using malware is against the law and can lead to severe legal consequences, including fines and imprisonment. It is essential to use your programming skills for legitimate and ethical purposes, such as creating useful applications, enhancing cybersecurity, and contributing positively to the digital world. If you are interested in cybersecurity, ethical hacking, or learning how to protect computer systems from potential threats, there are legitimate and legal ways to pursue knowledge and training in these fields. There are various courses, certifications, and resources available that focus on ethical hacking and cybersecurity practices. By choosing the ethical path, you can contribute positively to society and help create a safer and more sec...
Read more