This is pretty similiar to A08, the only difference being that the push before calling printf is with eax.
eax in this program has stored the results of sub_401000, and we immediately push it onto the stack. By pushing before a function call, we're essentially passing it to the function.
Subscribe to:
Post Comments (Atom)
-
Introduction: During some house cleaning I had an old external drive that was encrypted with an old version of truecrypt. I wanted to mount...
-
Live Linux forensics in a KVM based environment (part 1) Most of this blog will be based on a image that I created that I will be walking... -
Starting Linux analysis with volatility When working in the security field you will eventually come across a time that you will need to do...
No comments:
Post a Comment