I am really stuck on phase 3. Since the 1st and fourth numbers (same for the 2nd & 5th and 3rd and 6th) should be the same numbers to
defuse the 1st bomb,
I confused as to where to begin looking to solve the 2nd bomb. I
assume that
This address
(gdb) print $ebp
$13 = (void *) 0xbf9cd4a8
has something to do with. But as to apply it I not sure. Any you
provide any insight as to what I need to do?
Code:Dump of assembler code for function phase_3:
0x080488a6 <phase_3+0>: push %ebp
0x080488a7 <phase_3+1>: mov %esp,%ebp
0x080488a9 <phase_3+3>: sub $0x28,%esp
0x080488ac <phase_3+6>: movl $0x0,0xfffffffc(%ebp)
0x080488b3 <phase_3+13>: lea 0xffffffe0(%ebp),%eax
0x080488b6 <phase_3+16>: mov %eax,0x4(%esp)
0x080488ba <phase_3+20>: mov 0x8(%ebp),%eax
0x080488bd <phase_3+23>: mov %eax,(%esp)
0x080488c0 <phase_3+26>: call 0x8048dac <read_six_numbers>
0x080488c5 <phase_3+31>: movl $0x0,0xfffffff8(%ebp)
0x080488cc <phase_3+38>: jmp 0x80488f6 <phase_3+80>
0x080488ce <phase_3+40>: mov 0xfffffff8(%ebp),%eax
0x080488d1 <phase_3+43>: mov 0xffffffe0(%ebp,%eax,4),%edx
0x080488d5 <phase_3+47>: mov 0xfffffff8(%ebp),%eax
0x080488d8 <phase_3+50>: add $0x3,%eax
0x080488db <phase_3+53>: mov 0xffffffe0(%ebp,%eax,4),%eax
0x080488df <phase_3+57>: cmp %eax,%edx
0x080488e1 <phase_3+59>: je 0x80488e8 <phase_3+66>
0x080488e3 <phase_3+61>: call 0x804906c <explode_bomb>
0x080488e8 <phase_3+66>: mov 0xfffffff8(%ebp),%eax
0x080488eb <phase_3+69>: mov 0xffffffe0(%ebp,%eax,4),%eax
0x080488ef <phase_3+73>: add %eax,0xfffffffc(%ebp)
0x080488f2 <phase_3+76>: addl $0x1,0xfffffff8(%ebp)
0x080488f6 <phase_3+80>: cmpl $0x2,0xfffffff8(%ebp)
0x080488fa <phase_3+84>: jle 0x80488ce <phase_3+40>
0x080488fc <phase_3+86>: cmpl $0x0,0xfffffffc(%ebp)
0x08048900 <phase_3+90>: jne 0x8048907 <phase_3+97>
0x08048902 <phase_3+92>: call 0x804906c <explode_bomb>
0x08048907 <phase_3+97>: leave
0x08048908 <phase_3+98>: ret
End of assembler dump.
That's number 2. Keep going!
6 9 12 6 9 12
Breakpoint 1, 0x080488df in phase_3 ()
(gdb) cont
Continuing.
Breakpoint 1, 0x080488df in phase_3 ()
(gdb) cont
Continuing.
Breakpoint 1, 0x080488df in phase_3 ()
(gdb) cont
Continuing.
Halfway there!
cont
BOOM!!!
The bomb has blown up.
Program exited with code 010.
(gdb)