Enter si again:
--------------------------------------------------------------------------------------------------------------------------------------------------------------------------
|eax 0x4 4 ecx 0x804a000 134520832 edx 0xd 13 |
|eax 0xd 13 esp 0xffffd950 0xffffd950 edx 0xd 13 |
|esi 0x0 0 edi 0x0 0 eip 0x8049015 0x8049015 <_start+21 |
|eflags 0x202 [ IF ] cs 0x23 35 ss 0x2b 7 43 7 <print_hex |
|ds 0x2b 43 es 0x2b 43 fs 0x0 0 |
|gs 0x0 0 k0 0x0 0 k1 0x0 0 |
|k2 0x0 0 k3 0x0 0 k4 0x0 0 |
|k5 0x0 0 k6 0x0 0 k7 0x0 0 |
|------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
|B+ 0x8049000 <_start> mov eax,0x4 |
| 0x8049005 <_start+5> mov ebx,0x1 |
| 0x804900a <_start+10> lea ecx,ds:0x804a000 |
| 0x8049010 <_start+16> mov edx,0xd |
| > 0x8049015 <_start+21> int 0x80 |
| 0x8049015 <_start+21> int 0x800x4 |
| > 0x8049017 <print_hex_message> mov eax,0x4 |
| 0x8049021 <print_hex_message+10> lea ecx,ds:0x804a00d |
| 0x8049027 <print_hex_message+16> mov edx,0xd |
| 0x804902c <print_hex_message+21> int 0x80 |
| 0x804902e <exit_program> mov eax,0x1 |
| 0x8049033 <exit_program+5> mov ebx,0x0 |
| 0x8049038 <exit_program+10> int 0x80 |
| 0x804903a add BYTE PTR [eax],al |
| 0x804903c add BYTE PTR [eax],al |
| 0x804903e add BYTE PTR [eax],al |
| 0x8049040 add BYTE PTR [eax],al |
| 0x8049042 add BYTE PTR [eax],al |
| 0x8049044 add BYTE PTR [eax],al |
| 0x8049046 add BYTE PTR [eax],al |
|------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
native process 96349 In: _start L?? PC: 0x8049015
0xf7ffc31c - 0xf7print_hex_messagec in system-supplied DSO at 0xf7ffc000 7
0xf7ffc3b8 - 0xf7ffc40c is .note in system-supplied DSO at 0xf7ffc000
0xf7ffc40c - 0xf7ffc430 is .eh_frame_hdr in system-supplied DSO at 0xf7ffc000
0xf7ffc430 - 0xf7ffc53c is .eh_frame in system-supplied DSO at 0xf7ffc000
0xf7ffc540 - 0xf7ffd262 is .text in system-supplied DSO at 0xf7ffc000
--Type <RET> for more, q to quit, c to continue without paging-- 0xf7ffd262 - 0xf7ffd2c2 is .altinstructions in system-supplied DSO at 0xf7ffc000
0xf7ffd2c2 - 0xf7ffd2e2 is .altinstr_replacement in system-supplied DSO at 0xf7ffc000
(gdb) x /26xb 0x0804a000
0x804a000: 0x48 0x65 0x6c 0x6c 0x6f 0x20 0x57 0x6f
0x804a008: 0x72 0x6c 0x64 0x21 0x0a 0x48 0x65 0x6c
0x804a010: 0x6c 0x6f 0x20 0x57 0x6f 0x72 0x6c 0x64
0x804a018: 0x21 0x0a
(gdb) x /26cb 0x0804a000
0x804a000: 72 'H' 101 'e' 108 'l' 108 'l' 111 'o' 32 ' ' 87 'W' 111 'o'
0x804a008: 114 'r' 108 'l' 100 'd' 33 '!' 10 '\n' 72 'H' 101 'e' 108 'l'
0x804a010: 108 'l' 111 'o' 32 ' ' 87 'W' 111 'o' 114 'r' 108 'l' 100 'd'
0x804a018: 33 '!' 10 '\n'
(gdb) si
0x08049015 in _start ()
(gdb) si
Hello World!
0x08049017 in print_hex_message ()
(gdb)
Our interrupt 0x80 instruction was reached, and it invoked the write syscall, passing the parameters we set in the ebx, ecx, and edx registers.
ebx was set to 0x1, for stdout, so our program wrote "Hello World!\n" to the terminal. Note that this output may be injected into the gdb command
frame, which can corrupt the display output. Press Ctrl + L (lower case L) to redraw the screen and fix this.
In my example, it appears that there are duplicate 0x8049015 instruction lines and a phantom 0x800x4 interrupt instruction.
Re-drawing the output corrects this.
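To cross-check which bytes each `int 0x80` hands to write, the following added example (not part of the original walkthrough) parses the `x /26xb` dump above and resolves the ebx, ecx, and edx values against it. The function names are hypothetical, and ebx = 1 at the second call is an assumption because that instruction is not visible in the disassembly pane.

```python
import re

# The `x /26xb 0x0804a000` output from the session above, embedded as sample input.
DUMP = """\
(gdb) x /26xb 0x0804a000
0x804a000: 0x48 0x65 0x6c 0x6c 0x6f 0x20 0x57 0x6f
0x804a008: 0x72 0x6c 0x64 0x21 0x0a 0x48 0x65 0x6c
0x804a010: 0x6c 0x6f 0x20 0x57 0x6f 0x72 0x6c 0x64
0x804a018: 0x21 0x0a
"""

SYS_WRITE = 4  # i386 syscall number loaded into eax before int 0x80

def parse_dump(text):
    """Turn gdb `x/xb` output into an {address: byte} map."""
    mem = {}
    for line in text.splitlines():
        m = re.match(r"\s*(0x[0-9a-fA-F]+)(?:\s+<[^>]*>)?:\s*(.*)", line)
        if not m:
            continue  # prompts, pager lines, anything that is not a dump row
        base = int(m.group(1), 16)
        for offset, token in enumerate(m.group(2).split()):
            mem[base + offset] = int(token, 16)
    return mem

def write_args(mem, regs):
    """Resolve write(fd=ebx, buf=ecx, count=edx) against the dumped memory."""
    if regs["eax"] != SYS_WRITE:
        raise ValueError("eax does not select the write syscall")
    span = range(regs["ecx"], regs["ecx"] + regs["edx"])
    missing = [addr for addr in span if addr not in mem]
    if missing:
        raise ValueError(f"count runs past the dump at {missing[0]:#x}")
    return regs["ebx"], bytes(mem[addr] for addr in span)

if __name__ == "__main__":
    mem = parse_dump(DUMP)
    # Register values at the two int 0x80 instructions in the disassembly.
    # ebx = 1 at the second call is an assumption (that line is not visible).
    first = {"eax": 4, "ebx": 1, "ecx": 0x804A000, "edx": 0xD}
    second = dict(first, ecx=0x804A00D)
    for regs in (first, second):
        print(write_args(mem, regs))
    # The kernel copies exactly edx bytes: a count of 0x1a emits both messages.
    print(write_args(mem, dict(first, edx=0x1A)))
```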
GDB shows that we have reached the print_hex_message label which will execute the same steps as before to invoke a write syscall.
We can continue the program to completion by entering: