1. We find that there are a TON of function calls in the disassembly. We don't care about the first few; just set a breakpoint right after the user input is read.
2. Now, we find that 0x47deb0 actually acts as scanf(), so this is what stores the user input.
   - We can also assume that 0x467a60 is printf().
3. Note that the stuff at the bottom is the stack canary check.
4. So this leaves us with all the key-checking logic in these four functions.
sub_47d9b0
- There is a user-input length check that tests whether the string length of our key is greater than 16 (you can check rdx in the debugger).
- True case:
  - Then it checks whether the string length is smaller than maxint; if it is higher, it segfaults.
  - Then it checks whether the string length is bigger than 0; if it is not, it doesn't do anything.
    - True:
      1. Then it checks whether the string length is smaller than maxint; if it is higher, it segfaults.