Irregular Expressions

Oct 19 2012   12:21AM GMT

Hackthissite.org Application Level 5 – Part 2



Posted by: Dan O'Connor

After a deeper dive, it looks like the switch statements that I set breakpoints on get called with the longer password.

With a little more playing I have located the key CMP that needs to be looked at.

00401080 |. 837D E4 10 |CMP DWORD PTR SS:[EBP-1C],10

If you know your assembly or you are a good guesser, CMP is a compare operation; this is in the suspect loop that seems to be checking out my entered password. After going through the 16 characters that I entered, I stepped through the instructions until I got to this line and started digging. I wanted to know what was at EBP-1C.

While stopped here, if you go to the memory section and change the view to relative to EBP, you can walk up the stack and see what it's referencing.

The switches may have presented another avenue, but even by entering 4 characters, the password is still stored in the same location.

Ta-Da!
