Question

Please Help, I have looked all over, and I just can't seem to find anything.

    Dump of assembler code for function phase_4:
   0x08048d81 <+0>: push   %ebp
   0x08048d82 <+1>: mov    %esp,%ebp
   0x08048d84 <+3>: sub    $0x28,%esp
   0x08048d87 <+6>: lea    -0xc(%ebp),%eax
   0x08048d8a <+9>: mov    %eax,0x8(%esp)
   0x08048d8e <+13>:    movl   $0x8049a68,0x4(%esp)
   0x08048d96 <+21>:    mov    0x8(%ebp),%eax
   0x08048d99 <+24>:    mov    %eax,(%esp)
   0x08048d9c <+27>:    call   0x8048788 <__isoc99_sscanf@plt>
   0x08048da1 <+32>:    cmp    $0x1,%eax
   0x08048da4 <+35>:    jne    0x8048dac <phase_4+43>
   0x08048da6 <+37>:    cmpl   $0x0,-0xc(%ebp)
   0x08048daa <+41>:    jg     0x8048db1 <phase_4+48>
   0x08048dac <+43>:    call   0x8049236 <explode_bomb>
   0x08048db1 <+48>:    mov    -0xc(%ebp),%eax
   0x08048db4 <+51>:    mov    %eax,(%esp)
   0x08048db7 <+54>:    call   0x8048b50 <func4>
   0x08048dbc <+59>:    cmp    $0x262,%eax
   0x08048dc1 <+64>:    je     0x8048dc8 <phase_4+71>
   0x08048dc3 <+66>:    call   0x8049236 <explode_bomb>
   0x08048dc8 <+71>:    leave  
   0x08048dc9 <+72>:    ret   






 Dump of assembler code for function func4:
   0x08048b50 <+0>: push   %ebp
   0x08048b51 <+1>: mov    %esp,%ebp
   0x08048b53 <+3>: sub    $0x18,%esp
   0x08048b56 <+6>: mov    %ebx,-0x8(%ebp)
   0x08048b59 <+9>: mov    %esi,-0x4(%ebp)
   0x08048b5c <+12>:    mov    0x8(%ebp),%ebx
   0x08048b5f <+15>:    mov    $0x1,%eax
   0x08048b64 <+20>:    cmp    $0x1,%ebx
   0x08048b67 <+23>:    jle    0x8048b83 <func4+51>
   0x08048b69 <+25>:    lea    -0x1(%ebx),%eax
   0x08048b6c <+28>:    mov    %eax,(%esp)
   0x08048b6f <+31>:    call   0x8048b50 <func4>
   0x08048b74 <+36>:    mov    %eax,%esi
   0x08048b76 <+38>:    sub    $0x2,%ebx
   0x08048b79 <+41>:    mov    %ebx,(%esp)
   0x08048b7c <+44>:    call   0x8048b50 <func4>
   0x08048b81 <+49>:    add    %esi,%eax
   0x08048b83 <+51>:    mov    -0x8(%ebp),%ebx
   0x08048b86 <+54>:    mov    -0x4(%ebp),%esi
   0x08048b89 <+57>:    mov    %ebp,%esp
   0x08048b8b <+59>:    pop    %ebp
   0x08048b8c <+60>:    ret  

I've been thinking that there are two numbers and that one of them is 610 since 0x08048dbc <+59>: cmp $0x262,%eax which 0x262 is 610.

No correct solution

OTHER TIPS

If you look at the format string passed to sscanf you will most likely see a single %d directive. Line +32 checks that sscanf read exactly 1 number, otherwise the bomb will explode.

Line +59 is checking the return value of func4 against 610, so you need to figure out what number to feed func4 such that it will give 610 back.

Without giving too much away, let me tell you that func4 is a simple recursive implementation of a well-known sequence. You should be able to find the recursion formula from the assembly code, and then you will probably recognize it.

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top