lionaneesh/gdb_bank_sect2017.py

## gdb_bank_sect2017.py
import gdb
import sys
import os

class MyBreakpoint(gdb.Breakpoint):
    def stop (self):
        return True

gdb.execute('file ./bank_patched')
MyBreakpoint("*0x555555554c56")
gdb.execute('run < payload_bank')

print(gdb.parse_and_eval('rand_data'))

print('setting seed:', seed)
gdb.execute('set variable rand_data=' + str(seed))
print(gdb.parse_and_eval('rand_data'))

# rand_data overwritten
MyBreakpoint("*0x555555554eeb")
gdb.execute('continue')
print(gdb.parse_and_eval('rand_data'))
h = gdb.execute('x/1s $rbp-0xe0', to_string=True)
gdb.execute("dump binary memory result.bin 0x00040000 0x00071000")
print("Hash", h.split('"')[1])
gdb.execute('quit')
	import gdb
	import sys
	import os

	class MyBreakpoint(gdb.Breakpoint):
	def stop (self):
	return True

	gdb.execute('file ./bank_patched')
	MyBreakpoint("*0x555555554c56")
	gdb.execute('run < payload_bank')

	print(gdb.parse_and_eval('rand_data'))

	print('setting seed:', seed)
	gdb.execute('set variable rand_data=' + str(seed))
	print(gdb.parse_and_eval('rand_data'))

	# rand_data overwritten
	MyBreakpoint("*0x555555554eeb")
	gdb.execute('continue')
	print(gdb.parse_and_eval('rand_data'))
	h = gdb.execute('x/1s $rbp-0xe0', to_string=True)
	gdb.execute("dump binary memory result.bin 0x00040000 0x00071000")
	print("Hash", h.split('"')[1])
	gdb.execute('quit')