###### tags : `CTF PWN基礎題` # 題目:sysmagic #### 練習目的:gdb調用與測試 * 題目: https://drive.google.com/file/d/1Oc8yU0aHa5WqmLv5lhkN7g3njYWYszd3/view?usp=sharing * 題目: https://drive.google.com/file/d/1TwthQXDHEFX-rEjKeBKy9OJPQvshb4b2/view?usp=sharing - step1. ==查看原代碼== ```c= #include <stdio.h> #include <unistd.h> void get_flag(){ int fd ; int password; int magic ; char key[] = "Do_you_know_why_my_teammate_Orange_is_so_angry???"; char cipher[] = {7, 59, 25, 2, 11, 16, 61, 30, 9, 8, 18, 45, 40, 89, 10, 0, 30, 22, 0, 4, 85, 22, 8, 31, 7, 1, 9, 0, 126, 28, 62, 10, 30, 11, 107, 4, 66, 60, 44, 91, 49, 85, 2, 30, 33, 16, 76, 30, 66}; fd = open("/dev/urandom",0); read(fd,&password,4); printf("Give me maigc :"); scanf("%d",&magic); if(password == magic){ for(int i = 0 ; i < sizeof(cipher) ; i++){ printf("%c",cipher[i]^key[i]); } } } int main(){ setvbuf(stdout,0,2,0); get_flag(); return 0 ; } ``` - 看懂程式邏輯 - step2. ==開始玩gdb==  - step3. ==進入gdb== - 設置斷點,查看斷點 - 指令:b XXXXXXX  - step4. ==用gdb修改你想改的值== - 指令:set XXXXXXX - step4. ==應該就有flag了吧== - flag{XXXXXXX}