Initial commit

2025-04-12 08:26:23 +08:00
commit aa66855054
57 changed files with 1702 additions and 0 deletions

13
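--- a/test_case/Makefile
+++ b/test_case/Makefile
@@ -0,0 +1,13 @@
+.PHONY: all
+all: ../sdb
+python run.py 1
+python run.py 2
+python run.py 3
+python run.py 4
+python run.py h1
+python run.py h2
+python run.py h3
+python run.py h4
+python run.py h5
+python run.py h6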
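Review bot: The `all` target lists only `../sdb` as a prerequisite, yet every case also runs one of the `hello`, `guess`, `game` or `deep` executables, which this commit adds as opaque binaries with no source or build rule visible on this page. Binaries that cannot be regenerated cannot be reviewed, so I would check in their sources with a rule that builds them, or at least record their checksums next to the fixtures. The recipes call `python`, but run.py passes `encoding=` to `open()`, which needs Python 3; `python3 run.py …` makes that explicit. The ten near-identical recipe lines could also become one loop over a `CASES` variable.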

BIN
test_case/deep Executable file

Binary file not shown.

BIN
test_case/game Executable file

Binary file not shown.

BIN
test_case/guess Executable file

Binary file not shown.

BIN
test_case/hello Executable file

Binary file not shown.

6
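--- a/test_case/in/1.in
+++ b/test_case/in/1.in
@@ -0,0 +1,6 @@
+../sdb
+si
+load ./hello
+si
+si
+cont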

9
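--- a/test_case/in/2.in
+++ b/test_case/in/2.in
@@ -0,0 +1,9 @@
+../sdb ./hello
+break 0x401005
+break 40102b
+info break
+si
+si
+cont
+info reg
+cont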

14
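--- a/test_case/in/3.in
+++ b/test_case/in/3.in
@@ -0,0 +1,14 @@
+../sdb ./guess
+break 0x4010de
+cont
+1
+patch 0x4010e8 0x9090 2
+si
+info break
+delete 0
+break 0x4010ea
+delete 0
+info break
+cont
+patch 0x402015 0x4e49570a 4
+cont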

9
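--- a/test_case/in/4.in
+++ b/test_case/in/4.in
@@ -0,0 +1,9 @@
+../sdb ./hello
+break 0x401005
+break 40102b
+cont
+syscall
+syscall
+syscall
+syscall
+syscall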

13
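--- a/test_case/in/h1.in
+++ b/test_case/in/h1.in
@@ -0,0 +1,13 @@
+../sdb ./game
+break 401005
+break 401009
+info break
+syscall
+syscall
+delete 0
+cont
+2
+break 401005
+info break
+cont
+2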

9
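--- a/test_case/in/h2.in
+++ b/test_case/in/h2.in
@@ -0,0 +1,9 @@
+../sdb ./game
+break 401005
+cont
+patch 40101a 0x02f88348 4
+cont
+1
+patch 40101a 0x01f88348 4
+cont
+1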

6
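--- a/test_case/in/h3.in
+++ b/test_case/in/h3.in
@@ -0,0 +1,6 @@
+../sdb
+si
+load ./deep
+si
+si
+cont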

9
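--- a/test_case/in/h4.in
+++ b/test_case/in/h4.in
@@ -0,0 +1,9 @@
+../sdb ./deep
+break 401136
+break 40113d
+info break
+si
+si
+cont
+info reg
+cont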

12
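--- a/test_case/in/h5.in
+++ b/test_case/in/h5.in
@@ -0,0 +1,12 @@
+../sdb ./deep
+break 40109c
+info break
+break 401031
+info break
+delete 0
+info break
+delete 3
+info break
+cont
+info break
+cont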

9
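--- a/test_case/in/h6.in
+++ b/test_case/in/h6.in
@@ -0,0 +1,9 @@
+../sdb ./game
+break 0x4010f1
+syscall
+syscall
+syscall
+syscall
+3
+syscall
+syscall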

19
test_case/out/1.ans Normal file

@@ -0,0 +1,19 @@
** please load a program first.
** program './hello' loaded. entry point 0x401000.
401000: f3 0f 1e fa endbr64
401004: 55 push rbp
401005: 48 89 e5 mov rbp, rsp
401008: ba 0e 00 00 00 mov edx, 0xe
40100d: 48 8d 05 ec 0f 00 00 lea rax, [rip + 0xfec]
401004: 55 push rbp
401005: 48 89 e5 mov rbp, rsp
401008: ba 0e 00 00 00 mov edx, 0xe
40100d: 48 8d 05 ec 0f 00 00 lea rax, [rip + 0xfec]
401014: 48 89 c6 mov rsi, rax
401005: 48 89 e5 mov rbp, rsp
401008: ba 0e 00 00 00 mov edx, 0xe
40100d: 48 8d 05 ec 0f 00 00 lea rax, [rip + 0xfec]
401014: 48 89 c6 mov rsi, rax
401017: bf 01 00 00 00 mov edi, 1
hello world!
** the target program terminated.

36
test_case/out/2.ans Normal file

@@ -0,0 +1,36 @@
** program './hello' loaded. entry point 0x401000.
401000: f3 0f 1e fa endbr64
401004: 55 push rbp
401005: 48 89 e5 mov rbp, rsp
401008: ba 0e 00 00 00 mov edx, 0xe
40100d: 48 8d 05 ec 0f 00 00 lea rax, [rip + 0xfec]
** set a breakpoint at 0x401005.
** set a breakpoint at 0x40102b.
Num Address
0 0x401005
1 0x40102b
401004: 55 push rbp
401005: 48 89 e5 mov rbp, rsp
401008: ba 0e 00 00 00 mov edx, 0xe
40100d: 48 8d 05 ec 0f 00 00 lea rax, [rip + 0xfec]
401014: 48 89 c6 mov rsi, rax
** hit a breakpoint at 0x401005.
401005: 48 89 e5 mov rbp, rsp
401008: ba 0e 00 00 00 mov edx, 0xe
40100d: 48 8d 05 ec 0f 00 00 lea rax, [rip + 0xfec]
401014: 48 89 c6 mov rsi, rax
401017: bf 01 00 00 00 mov edi, 1
** hit a breakpoint at 0x40102b.
40102b: b8 01 00 00 00 mov eax, 1
401030: 0f 05 syscall
401032: c3 ret
401033: b8 00 00 00 00 mov eax, 0
401038: 0f 05 syscall
$rax 0x0000000000402000 $rbx 0x0000000000000000 $rcx 0x0000000000000000
$rdx 0x000000000000000e $rsi 0x0000000000402000 $rdi 0x0000000000000001
$rbp 0x00007ffe0e5cd5b8 $rsp 0x00007ffe0e5cd5b0 $r8 0x0000000000000000
$r9 0x0000000000000000 $r10 0x0000000000000000 $r11 0x0000000000000000
$r12 0x0000000000000000 $r13 0x0000000000000000 $r14 0x0000000000000000
$r15 0x0000000000000000 $rip 0x000000000040102b $eflags 0x0000000000000202
hello world!
** the target program terminated.
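Review bot: The `info reg` block in this expected output pins `$rbp 0x00007ffe0e5cd5b8` and `$rsp 0x00007ffe0e5cd5b0`, stack addresses that look like they were captured with ASLR enabled and will presumably differ on every run, so case 2 cannot match reliably. h4.ans carries the same kind of dump with `0x00007fffffffe0a8`, which suggests that capture ran with randomization off, so the two fixtures were not produced under the same conditions. Either have the harness mask the `$rbp`/`$rsp` values before comparing, or have the debugger start the tracee with `personality(ADDR_NO_RANDOMIZE)` and regenerate both files.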

37
test_case/out/3.ans Normal file

@@ -0,0 +1,37 @@
** program './guess' loaded. entry point 0x40108b.
40108b: f3 0f 1e fa endbr64
40108f: 55 push rbp
401090: 48 89 e5 mov rbp, rsp
401093: 48 83 ec 10 sub rsp, 0x10
401097: ba 12 00 00 00 mov edx, 0x12
** set a breakpoint at 0x4010de.
guess a number >
** hit a breakpoint at 0x4010de.
4010de: 48 89 c7 mov rdi, rax
4010e1: e8 1a ff ff ff call 0x401000
4010e6: 85 c0 test eax, eax
4010e8: 75 1b jne 0x401105
4010ea: ba 06 00 00 00 mov edx, 6
** patch memory at address 0x4010e8.
4010e1: e8 1a ff ff ff call 0x401000
4010e6: 85 c0 test eax, eax
4010e8: 90 nop
4010e9: 90 nop
4010ea: ba 06 00 00 00 mov edx, 6
Num Address
0 0x4010de
** delete breakpoint 0.
** set a breakpoint at 0x4010ea.
** breakpoint 0 does not exist.
Num Address
1 0x4010ea
** hit a breakpoint at 0x4010ea.
4010ea: ba 06 00 00 00 mov edx, 6
4010ef: 48 8d 05 1f 0f 00 00 lea rax, [rip + 0xf1f]
4010f6: 48 89 c6 mov rsi, rax
4010f9: bf 01 00 00 00 mov edi, 1
4010fe: e8 25 00 00 00 call 0x401128
** patch memory at address 0x402015.
WIN
** the target program terminated.

37
test_case/out/4.ans Normal file

@@ -0,0 +1,37 @@
** program './hello' loaded. entry point 0x401000.
401000: f3 0f 1e fa endbr64
401004: 55 push rbp
401005: 48 89 e5 mov rbp, rsp
401008: ba 0e 00 00 00 mov edx, 0xe
40100d: 48 8d 05 ec 0f 00 00 lea rax, [rip + 0xfec]
** set a breakpoint at 0x401005.
** set a breakpoint at 0x40102b.
** hit a breakpoint at 0x401005.
401005: 48 89 e5 mov rbp, rsp
401008: ba 0e 00 00 00 mov edx, 0xe
40100d: 48 8d 05 ec 0f 00 00 lea rax, [rip + 0xfec]
401014: 48 89 c6 mov rsi, rax
401017: bf 01 00 00 00 mov edi, 1
** hit a breakpoint at 0x40102b.
40102b: b8 01 00 00 00 mov eax, 1
401030: 0f 05 syscall
401032: c3 ret
401033: b8 00 00 00 00 mov eax, 0
401038: 0f 05 syscall
** enter a syscall(1) at 0x401030.
401030: 0f 05 syscall
401032: c3 ret
401033: b8 00 00 00 00 mov eax, 0
401038: 0f 05 syscall
40103a: c3 ret
hello world!
** leave a syscall(1) = 14 at 0x401030.
401030: 0f 05 syscall
401032: c3 ret
401033: b8 00 00 00 00 mov eax, 0
401038: 0f 05 syscall
40103a: c3 ret
** enter a syscall(60) at 0x401040.
401040: 0f 05 syscall
** the address is out of the range of the text section.
** the target program terminated.

44
test_case/out/h1.ans Normal file

@@ -0,0 +1,44 @@
** program './game' loaded. entry point 0x401000.
401000: b9 05 00 00 00 mov ecx, 5
401005: 48 83 f9 00 cmp rcx, 0
401009: 74 1f je 0x40102a
40100b: e8 2b 00 00 00 call 0x40103b
401010: e8 5c 00 00 00 call 0x401071
** set a breakpoint at 0x401005.
** set a breakpoint at 0x401009.
Num Address
0 0x401005
1 0x401009
** hit a breakpoint at 0x401005.
401005: 48 83 f9 00 cmp rcx, 0
401009: 74 1f je 0x40102a
40100b: e8 2b 00 00 00 call 0x40103b
401010: e8 5c 00 00 00 call 0x401071
401015: e8 72 00 00 00 call 0x40108c
** hit a breakpoint at 0x401009.
401009: 74 1f je 0x40102a
40100b: e8 2b 00 00 00 call 0x40103b
401010: e8 5c 00 00 00 call 0x401071
401015: e8 72 00 00 00 call 0x40108c
40101a: 48 83 f8 01 cmp rax, 1
** delete breakpoint 0.
guess a number :
wrong
** hit a breakpoint at 0x401009.
401009: 74 1f je 0x40102a
40100b: e8 2b 00 00 00 call 0x40103b
401010: e8 5c 00 00 00 call 0x401071
401015: e8 72 00 00 00 call 0x40108c
40101a: 48 83 f8 01 cmp rax, 1
** set a breakpoint at 0x401005.
Num Address
1 0x401009
2 0x401005
guess a number :
wrong
** hit a breakpoint at 0x401005.
401005: 48 83 f9 00 cmp rcx, 0
401009: 74 1f je 0x40102a
40100b: e8 2b 00 00 00 call 0x40103b
401010: e8 5c 00 00 00 call 0x401071
401015: e8 72 00 00 00 call 0x40108c

26
test_case/out/h2.ans Normal file

@@ -0,0 +1,26 @@
** program './game' loaded. entry point 0x401000.
401000: b9 05 00 00 00 mov ecx, 5
401005: 48 83 f9 00 cmp rcx, 0
401009: 74 1f je 0x40102a
40100b: e8 2b 00 00 00 call 0x40103b
401010: e8 5c 00 00 00 call 0x401071
** set a breakpoint at 0x401005.
** hit a breakpoint at 0x401005.
401005: 48 83 f9 00 cmp rcx, 0
401009: 74 1f je 0x40102a
40100b: e8 2b 00 00 00 call 0x40103b
401010: e8 5c 00 00 00 call 0x401071
401015: e8 72 00 00 00 call 0x40108c
** patch memory at address 0x40101a.
guess a number :
wrong
** hit a breakpoint at 0x401005.
401005: 48 83 f9 00 cmp rcx, 0
401009: 74 1f je 0x40102a
40100b: e8 2b 00 00 00 call 0x40103b
401010: e8 5c 00 00 00 call 0x401071
401015: e8 72 00 00 00 call 0x40108c
** patch memory at address 0x40101a.
guess a number :
you win
** the target program terminated.

21
test_case/out/h3.ans Normal file

@@ -0,0 +1,21 @@
** please load a program first.
** program './deep' loaded. entry point 0x401131.
401131: f3 0f 1e fa endbr64
401135: 55 push rbp
401136: 48 89 e5 mov rbp, rsp
401139: 48 83 ec 10 sub rsp, 0x10
40113d: b8 00 00 00 00 mov eax, 0
401135: 55 push rbp
401136: 48 89 e5 mov rbp, rsp
401139: 48 83 ec 10 sub rsp, 0x10
40113d: b8 00 00 00 00 mov eax, 0
401142: e8 3f ff ff ff call 0x401086
401136: 48 89 e5 mov rbp, rsp
401139: 48 83 ec 10 sub rsp, 0x10
40113d: b8 00 00 00 00 mov eax, 0
401142: e8 3f ff ff ff call 0x401086
401147: 89 45 fc mov dword ptr [rbp - 4], eax
this is callee
hello world
hello unix
** the target program terminated.

38
test_case/out/h4.ans Normal file

@@ -0,0 +1,38 @@
** program './deep' loaded. entry point 0x401131.
401131: f3 0f 1e fa endbr64
401135: 55 push rbp
401136: 48 89 e5 mov rbp, rsp
401139: 48 83 ec 10 sub rsp, 0x10
40113d: b8 00 00 00 00 mov eax, 0
** set a breakpoint at 0x401136.
** set a breakpoint at 0x40113d.
Num Address
0 0x401136
1 0x40113d
401135: 55 push rbp
401136: 48 89 e5 mov rbp, rsp
401139: 48 83 ec 10 sub rsp, 0x10
40113d: b8 00 00 00 00 mov eax, 0
401142: e8 3f ff ff ff call 0x401086
** hit a breakpoint at 0x401136.
401136: 48 89 e5 mov rbp, rsp
401139: 48 83 ec 10 sub rsp, 0x10
40113d: b8 00 00 00 00 mov eax, 0
401142: e8 3f ff ff ff call 0x401086
401147: 89 45 fc mov dword ptr [rbp - 4], eax
** hit a breakpoint at 0x40113d.
40113d: b8 00 00 00 00 mov eax, 0
401142: e8 3f ff ff ff call 0x401086
401147: 89 45 fc mov dword ptr [rbp - 4], eax
40114a: b8 00 00 00 00 mov eax, 0
40114f: e8 5d ff ff ff call 0x4010b1
$rax 0x0000000000000000 $rbx 0x0000000000000000 $rcx 0x0000000000000000
$rdx 0x0000000000000000 $rsi 0x0000000000000000 $rdi 0x0000000000000000
$rbp 0x00007fffffffe0a8 $rsp 0x00007fffffffe098 $r8 0x0000000000000000
$r9 0x0000000000000000 $r10 0x0000000000000000 $r11 0x0000000000000000
$r12 0x0000000000000000 $r13 0x0000000000000000 $r14 0x0000000000000000
$r15 0x0000000000000000 $rip 0x000000000040113d $eflags 0x0000000000000202
this is callee
hello world
hello unix
** the target program terminated.

31
test_case/out/h5.ans Normal file

@@ -0,0 +1,31 @@
** program './deep' loaded. entry point 0x401131.
401131: f3 0f 1e fa endbr64
401135: 55 push rbp
401136: 48 89 e5 mov rbp, rsp
401139: 48 83 ec 10 sub rsp, 0x10
40113d: b8 00 00 00 00 mov eax, 0
** set a breakpoint at 0x40109c.
Num Address
0 0x40109c
** set a breakpoint at 0x401031.
Num Address
0 0x40109c
1 0x401031
** delete breakpoint 0.
Num Address
1 0x401031
** breakpoint 3 does not exist.
Num Address
1 0x401031
** hit a breakpoint at 0x401031.
401031: 48 89 c6 mov rsi, rax
401034: bf 01 00 00 00 mov edi, 1
401039: e8 20 01 00 00 call 0x40115e
40103e: 90 nop
40103f: c9 leave
Num Address
1 0x401031
this is callee
hello world
hello unix
** the target program terminated.

44
test_case/out/h6.ans Normal file

@@ -0,0 +1,44 @@
** program './game' loaded. entry point 0x401000.
401000: b9 05 00 00 00 mov ecx, 5
401005: 48 83 f9 00 cmp rcx, 0
401009: 74 1f je 0x40102a
40100b: e8 2b 00 00 00 call 0x40103b
401010: e8 5c 00 00 00 call 0x401071
** set a breakpoint at 0x4010f1.
** enter a syscall(1) at 0x401052.
401052: 0f 05 syscall
401054: 59 pop rcx
401055: c3 ret
401056: 51 push rcx
401057: b8 01 00 00 00 mov eax, 1
guess a number :
** leave a syscall(1) = 18 at 0x401052.
401052: 0f 05 syscall
401054: 59 pop rcx
401055: c3 ret
401056: 51 push rcx
401057: b8 01 00 00 00 mov eax, 1
** enter a syscall(0) at 0x401088.
401088: 0f 05 syscall
40108a: 59 pop rcx
40108b: c3 ret
40108c: 51 push rcx
40108d: b8 00 00 00 00 mov eax, 0
** leave a syscall(0) = 2 at 0x401088.
401088: 0f 05 syscall
40108a: 59 pop rcx
40108b: c3 ret
40108c: 51 push rcx
40108d: b8 00 00 00 00 mov eax, 0
** hit a breakpoint at 0x4010f1.
4010f1: 48 8d 35 2b 0f 00 00 lea rsi, [rip + 0xf2b]
4010f8: ba 06 00 00 00 mov edx, 6
4010fd: 0f 05 syscall
4010ff: 59 pop rcx
401100: c3 ret
** enter a syscall(1) at 0x4010fd.
4010fd: 0f 05 syscall
4010ff: 59 pop rcx
401100: c3 ret
401101: b8 3c 00 00 00 mov eax, 0x3c
401106: 48 31 ff xor rdi, rdi

44
test_case/output.txt Normal file

@@ -0,0 +1,44 @@
** program './game' loaded. entry point 0x401000.
401000: b9 05 00 00 00 mov ecx, 5
401005: 48 83 f9 00 cmp rcx, 0
401009: 74 1f je 0x40102a
40100b: e8 2b 00 00 00 call 0x40103b
401010: e8 5c 00 00 00 call 0x401071
** set a breakpoint at 0x4010f1.
** enter a syscall(1) at 0x401052.
401052: 0f 05 syscall
401054: 59 pop rcx
401055: c3 ret
401056: 51 push rcx
401057: b8 01 00 00 00 mov eax, 1
guess a number :
** leave a syscall(1) = 18 at 0x401052.
401052: 0f 05 syscall
401054: 59 pop rcx
401055: c3 ret
401056: 51 push rcx
401057: b8 01 00 00 00 mov eax, 1
** enter a syscall(0) at 0x401088.
401088: 0f 05 syscall
40108a: 59 pop rcx
40108b: c3 ret
40108c: 51 push rcx
40108d: b8 00 00 00 00 mov eax, 0
** leave a syscall(0) = 2 at 0x401088.
401088: 0f 05 syscall
40108a: 59 pop rcx
40108b: c3 ret
40108c: 51 push rcx
40108d: b8 00 00 00 00 mov eax, 0
** hit a breakpoint at 0x4010f1.
4010f1: 48 8d 35 2b 0f 00 00 lea rsi, [rip + 0xf2b]
4010f8: ba 06 00 00 00 mov edx, 6
4010fd: 0f 05 syscall
4010ff: 59 pop rcx
401100: c3 ret
** enter a syscall(1) at 0x4010fd.
4010fd: 0f 05 syscall
4010ff: 59 pop rcx
401100: c3 ret
401101: b8 3c 00 00 00 mov eax, 0x3c
401106: 48 31 ff xor rdi, rdi

71
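--- a/test_case/run.py
+++ b/test_case/run.py
@@ -0,0 +1,71 @@
+from pwn import *
+import time
+import sys
+import difflib
+def read_file(filename):
+"""Read a file and return its contents as a list of lines."""
+with open(filename, "r") as f:
+return f.readlines()
+def normalize_line(line):
+"""Normalize a line by stripping leading/trailing whitespace and reducing internal whitespace to a single space."""
+return ' '.join(line.split())
+def compare_files(file1, file2):
+"""Compare two files and print the differences or 'accept' if they are the same."""
+content1 = read_file(file1)
+content2 = read_file(file2)
+# Normalize lines to ignore whitespace differences
+normalized1 = [normalize_line(line) for line in content1]
+normalized2 = [normalize_line(line) for line in content2]
+diff = difflib.unified_diff(normalized1, normalized2, fromfile=file1, tofile=file2)
+# Convert the generator to a list to check if there are any differences
+diff_list = list(diff)
+if not diff_list:
+print("accept")
+else:
+for line in diff_list:
+print(line)
+if __name__ == "__main__":
+if len(sys.argv) < 2:
+print("Usage: ./run.py <test case id>")
+sys.exit(1)
+filename = "./in/" + sys.argv[1] + ".in"
+f = open(filename)
+input_lines = f.read().splitlines()
+# start process
+p_run = input_lines[0].split(" ")
+if len(p_run) == 1:
+p = process([p_run[0]])
+else:
+p = process([p_run[0]] + [p_run[1]])
+for i in range(1, len(input_lines)):
+# info(input_lines[i])
+p.sendline(input_lines[i].encode())
+time.sleep(0.2)
+# wait
+time.sleep(1)
+# \x00, (sdb)...
+with open("output.txt", "w", encoding="utf-8") as f:
+output = p.recvall(timeout=1).decode("utf-8")
+output = output.replace("\x00", "") # \x00 terminate
+output = output.replace("(sdb) ", "")
+output = output.replace("guess a number > ", "guess a number > \n")
+f.write(output)
+p.close()
+ans_file = "./out/" + sys.argv[1] + ".ans"
+info(ans_file)
+compare_files("output.txt", ans_file)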
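Review bot: A failing case never fails the build: `compare_files` prints the diff and the script still exits 0, so `make all` passes whatever the debugger prints. I would end `compare_files` with `return not diff_list` and finish the script with `sys.exit(0 if compare_files("output.txt", ans_file) else 1)`. The input file opened with `f = open(filename)` is never closed and `f` is rebound further down; `with open(filename) as f:` fixes both. The fixed `time.sleep(0.2)` after each `sendline` makes the captured output timing-dependent; waiting for the prompt with `p.recvuntil(b"(sdb) ")` would be steadier, though commands that run the target to exit would need separate handling.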