=> 0x000000000000121c <+129>:   b8 00 00 00 00  mov    $0x0,%eax
   0x0000000000001221 <+134>:   c9  leaveq 
   0x0000000000001222 <+135>:   c3  retq   

I cannot seem to find the hex address through gdb. Can I even inject a positive return value b8 01 00 00 00 with the method "printf '\x01' | dd of= ....." into a hex file from the information I get from GDB? I can't seem to find the "seek" value for dd.

MarzRover
  • I try to identify a unique pattern near the bytes I want to change. I use od to dump the file, find the unique pattern, and figure the offset in the file of the bytes I want to change from that. – prl Jun 21 '20 at 05:49
  • You can of course also do the actual mapping from virtual address to file offsets. For that you'd have to consult the ELF headers but it's usually not worth the trouble, as the pattern search is easier. – Jester Jun 21 '20 at 11:33
  • Apologies for asking, but how do you perform the pattern search? Because I don’t know what GDB code corresponds with the code from the hex file. – MarzRover Jun 21 '20 at 11:46
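
Both approaches from the comments, as an added example (not code from the question or its commenters): mapping the address gdb prints to a file offset through the ELF program headers, and searching the file for the opcode bytes from the listing. The function names are hypothetical and `build_sample()` is a constructed ELF64 stub that places the question's three instructions at virtual address 0x121c; a real binary would be read from disk instead.

```python
import struct

PT_LOAD = 1

def vaddr_to_offset(elf: bytes, vaddr: int) -> int:
    """Map an address as gdb prints it before the program runs to a file offset."""
    if elf[:4] != b"\x7fELF" or elf[4] != 2 or elf[5] != 1:
        raise ValueError("expected a little-endian ELF64 file")
    (e_phoff,) = struct.unpack_from("<Q", elf, 0x20)
    e_phentsize, e_phnum = struct.unpack_from("<HH", elf, 0x36)
    for i in range(e_phnum):
        p_type, _flags, p_offset, p_vaddr, _paddr, p_filesz = struct.unpack_from(
            "<IIQQQQ", elf, e_phoff + i * e_phentsize)
        if p_type == PT_LOAD and p_vaddr <= vaddr < p_vaddr + p_filesz:
            return vaddr - p_vaddr + p_offset
    raise ValueError(f"{vaddr:#x} is not backed by file bytes of any PT_LOAD segment")

def find_all(data: bytes, pattern: bytes) -> list:
    """Every file offset where the pattern occurs; one hit means it is unique."""
    hits, pos = [], data.find(pattern)
    while pos != -1:
        hits.append(pos)
        pos = data.find(pattern, pos + 1)
    return hits

def build_sample() -> bytes:
    """Constructed ELF64 stub: file offset 0x200 is mapped at virtual address 0x1200."""
    code = bytes.fromhex("b800000000c9c3")  # mov $0x0,%eax; leaveq; retq
    ehdr = struct.pack("<16sHHIQQQIHHHHHH", b"\x7fELF\x02\x01\x01" + bytes(9),
                       3, 62, 1, 0, 64, 0, 0, 64, 56, 1, 0, 0, 0)
    phdr = struct.pack("<IIQQQQQQ", PT_LOAD, 5, 0x200, 0x1200, 0x1200,
                       0x100, 0x100, 0x1000)
    body = bytearray(0x100)
    body[0x1C:0x1C + len(code)] = code
    return (ehdr + phdr).ljust(0x200, b"\0") + bytes(body)

if __name__ == "__main__":
    elf = build_sample()
    insn = bytes.fromhex("b800000000c9c3")      # opcode column of the gdb listing
    by_header = vaddr_to_offset(elf, 0x121C)    # address gdb shows for the mov
    by_pattern = find_all(elf, insn)
    print(hex(by_header), [hex(h) for h in by_pattern])
    # The 4-byte immediate follows the b8 opcode, so its low byte is at offset + 1;
    # that is the number dd's seek= takes when bs=1.
    print("seek =", by_header + 1)
```

The bytes gdb prints between the address and the mnemonic are the same bytes stored in the file, which is what makes the pattern search work; if `find_all` returns more than one offset, extend the pattern with neighbouring instruction bytes until it is unique.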

0 Answers