Lets see info about what is inside with general tools
objdump --debugging ./mycrk
nm -a ./mycrk
Okey checked and havent found nothing interesting. There was hope to find some nice string that could look like key. ... but there was no candidates for such string. Only way now is too see disassembly if there is something interesting. Lets use objdump for that. Should be enought of objdump as its just 1 level.
objdump -d ./mycrk
Okey we know that there is printed out first message and then we type in our key. First printf is for string and then scanf definetly to read our input.
80483f1: e8 ee fe ff ff call 80482e4 <printf@plt> 80483f6: 83 c4 10 add $0x10,%esp 80483f9: 83 ec 08 sub $0x8,%esp 80483fc: 8d 45 f4 lea -0xc(%ebp),%eax 80483ff: 50 push %eax 8048400: 68 22 85 04 08 push $0x8048522 8048405: e8 ba fe ff ff call 80482c4 <scanf@plt> 804840a: 83 c4 10 add $0x10,%esp 804840d: 8b 45 f8 mov -0x8(%ebp),%eax 8048410: 3b 45 f4 cmp -0xc(%ebp),%eax 8048413: 75 1d jne 8048432 <main+0x6e>
scanf has somekind of params at address 0x8048522. Lets check what it have ... and its "%d " ha then its scanf("%d ",(int)) then it reads integer we can assume that key are numbers only. In format string %d is signed number but who cares. And asume most easy task that it just compare with some number with are our searched key. Lets put breakpoint at 0x80483f6
and step instruction by instruction. That %eax=%ebp-0x8 is decision to validate key and one of the values are our own second is 0x5b1270 lets do small translation and ...
int(0x5b1270) = 5968496
;at this point happends comparison for if input value is valid or not ; something like ; if scanf("%d",stdin) == cd_key 804840d: 8b 45 f8 mov eax,DWORD PTR [ebp-0x8] 8048410: 3b 45 f4 cmp eax,DWORD PTR [ebp-0xc]
And lets check our number ... and its correct
break *0x000 breakpoint on address
x/i $pc print current position instruction
p $eflags print eflags
p $eax print register EAX values