CS 410 SNHU Steps to Take for Converting the Binary File to C Project

CS 410

Southern New Hampshire University


CS 410 Stepping Stone Six Guidelines and Rubric

Overview: In Stepping Stones Four and Five, you converted files using languages including binary, assembly, and C. In Stepping Stone Six, you will take another key step toward a successful final project by practicing the security dimensions of reverse engineering. Specifically, you will convert legacy binary code to C, examine the code for security flaws, and report on these flaws.

Prompt: For this assignment, you are given a legacy binary file in Codio. This file is found under “Module 5 Stepping Stone Assignment”: assignment5_1.o

To complete this assignment, examine the file for security flaws and reverse engineer it to C. Submit a Microsoft Word document that contains the following:
1. A detailed list of the steps you took converting the binary file to C
2. Commented assembly code that corresponds to the binary file
3. Commented C code that corresponds to the assembly file, including the logical errors or security flaws (The comments for this code should include explanations of the logical or security flaws.)
4. The corrected C code with comments

Rubric

Guidelines for Submission: Submit a Microsoft Word document containing all of the critical elements.

Critical Element: Steps in Converting Binary to C (Value: 25)
Proficient (100%): Lists the steps in conversion, with no significant errors or omissions
Emergent (80%): List the steps in conversion, with significant errors or omissions to correct
Needs Improvement (60%): Attempts to list the steps in conversion, but the submission has fundamental or frequent errors or omissions
Not Evident (0%): No attempt to list the steps in conversion is evident

Critical Element: Commented Assembly in Correspondence with Binary (Value: 25)
Proficient (100%): Comments on assembly code in correspondence with binary, with no significant errors or omissions
Emergent (80%): Comments on assembly code in correspondence with binary, but with significant errors or omissions to correct
Needs Improvement (60%): Comments may not correspond with binary or may have fundamental or frequent errors or omissions
Not Evident (0%): No attempt to comment on assembly code is evident

Critical Element: Commented C Code with Security Flaws (Value: 25)
Proficient (100%): Comments on C code and reveals security flaws, with no significant errors or omissions
Emergent (80%): Comments may be incomplete or may have significant errors or omissions to correct
Needs Improvement (60%): Comments may not address security issues or may have fundamental or frequent errors or omissions
Not Evident (0%): No attempt to comment on C code with security flaws is evident

Critical Element: Commented Corrected C Code (Value: 25)
Proficient (100%): Comments are complete and code addresses security flaws with no significant errors or omissions
Emergent (80%): Comments may be incomplete or code may have significant errors or omissions to correct
Needs Improvement (60%): Submission may not address security flaws or may have fundamental or frequent errors or omissions
Not Evident (0%): No attempt to correct C code or comment on corrected code is evident

Total: 100%

Explanation & Answer


Student Name:
Assignment Name:
Submission Date:

1. A detailed list of the steps you took converting the binary file to C
a. Using gdb, we check the functions available in the binary file with the info functions command.
This command displays the functions given below. We have two functions to
consider, main and DisplayMenu.

b. Disassembling the main function.
Using the disassemble /m main command in gdb, we get the assembly statements of the
binary file.

The above image shows just part of the disassembled main function. In gdb we can
step through the assembly to check the result of each statement when it is
executed. Creating breakpoints allows us to check the statements part by part.
Let's put a breakpoint at
0x00000000004006f2 : mov $0x4008c9,%edi

This can be achieved with this command in gdb:
b *0x00000000004006f2

Running the code then prints the four lines as shown below:
----------------
- 1)Add -
- 2)Subtract -
- 3)Multiply -
- 4)Exit -
----------------

The above lines can only be printed on the screen using a printf statement in C. We can
also see in the disassembled main that the first statements call 0x4004e0 six
times; these are the print statements. Writing this in C therefore gives

printf ("----------------\n");
printf ("- 1)Add -\n");
printf ("- 2)Subtract -\n");
printf ("- 3)Multiply -\n");
printf ("- 4)Exit -\n");
printf ("----------------\n");

We put our next breakpoint at 0x0000000000400709:
b *0x0000000000400709
With a breakpoint one line after the call to scanf, the program displays the menu, lets the user
enter a choice, and then stops at the breakpoint.

Therefore we can confirm that the next statements call scanf to take in a value: the user's
choice from the menu.

This can be performed by a scanf statement in C:
scanf ("%d", &choice);
0x00000000004006fc : callq 0x400520
0x0000000000400701 : mov -0x1c(%rbp),%eax
The value entered is stored in the variable choice, which was defined earlier with an initial
value of zero, as seen below:
0x00000000004006a3 : movl $0x0,-0x1c(%rbp)

After the scanf statement, the following comparison can also be seen in the disassembled main.
First condition check.

The value entered by the user is stored in a memory location:

mov -0x1c(%rbp),%eax

Immediately after the value is moved to %eax, we see a cmp statement, as seen in
the above image; the value is compared to 1:
0x0000000000400704 : cmp $0x1,%eax

This statement is followed by a jne instruction, which is a conditional jump. It
jumps to +175 in the main function, as seen below:
0x0000000000400707 : jne 0x400749

Therefore the instructions before that jump target are performed only when the condition
posed is met, that is, when the choice is equal to 1.
This is the same as the code below in C:
if (choice == 1) {
    /* block of code */
}

Code inside the condition block

Sample code 1
0x0000000000400707 : jne 0x400749
0x0000000000400709 : lea -0x14(%rbp),%rdx
0x000000000040070d : lea -0x18(%rbp),%rax
0x0000000000400711 : mov %rax,%rsi
0x0000000000400714 : mov $0x4008cc,%edi
0x0000000000400719 : mov $0x0,%eax
0x000000000040071e : callq 0x400520
0x0000000000400723 : mov -0x18(%rbp),%edx
0x0000000000400726 : mov -0x14(%rbp),%eax
0x0000000000400729 : mov %edx,%ecx
0x000000000040072b : sub %eax,%ecx
0x000000000040072d : mov -0x14(%rbp),%edx
0x0000000000400730 : mov -0x18(%rbp),%eax
0x0000000000400733 : mov %eax,%esi
0x0000000000400735 : mov $0x4008d2,%edi
0x000000000040073a : mov $0x0,%eax
0x000000000040073f : callq 0x4004f0
0x0000000000400744 : jmpq 0x4007d1

We create a breakpoint at
0x0000000000400744 : jmpq 0x4007d1

Then we execute the program to check what this block does.

Breakpoint 4 at 0x400744
(gdb) run
The program being debugged has been started already.
Start it from the beg...
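
The choice == 1 block in Sample code 1 can be read back into C as follows. This is an added example, not code from the original answer: the function names are hypothetical, and the operands are parsed from constructed input strings rather than through the binary's scanf call, whose format string at 0x4008cc the page does not show. It puts the recovered arithmetic beside a corrected version that adds, rejects overflow, and checks that both operands were actually read.

```c
#include <errno.h>
#include <limits.h>
#include <stdbool.h>
#include <stdio.h>
#include <stdlib.h>

/* Added example (names hypothetical). Recovered from "Sample code 1": 0x40072b
 * is `sub %eax,%ecx`, so the branch for menu item "1)Add" computes a - b. */
int add_as_found(int a, int b) { return a - b; }

/* Corrected arithmetic: add, and refuse results that overflow int. */
bool add_checked(int a, int b, int *sum)
{
    if ((b > 0 && a > INT_MAX - b) || (b < 0 && a < INT_MIN - b))
        return false;
    *sum = a + b;
    return true;
}

/* Corrected input: the listing never tests %eax after the call at 0x40071e,
 * so a failed conversion goes unnoticed. Here both operands must parse. */
bool parse_operands(const char *line, int *a, int *b)
{
    char *end;
    long v[2];
    for (int i = 0; i < 2; i++) {
        errno = 0;
        v[i] = strtol(line, &end, 10);
        if (end == line || errno == ERANGE || v[i] < INT_MIN || v[i] > INT_MAX)
            return false;
        line = end;
    }
    *a = (int)v[0]; *b = (int)v[1];
    return true;
}

int main(void)
{
    const char *inputs[] = { "7 5", "2147483647 1", "7 x" }; /* constructed */
    for (size_t i = 0; i < sizeof inputs / sizeof inputs[0]; i++) {
        int a, b, sum;
        if (!parse_operands(inputs[i], &a, &b))
            printf("\"%s\": rejected, not two integers\n", inputs[i]);
        else if (!add_checked(a, b, &sum))
            printf("\"%s\": rejected, sum overflows int\n", inputs[i]);
        else
            printf("%d + %d = %d (binary gave %d)\n", a, b, sum, add_as_found(a, b));
    }
    return 0;
}
```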

