I have a bomb project where I need to defuse certain phases by finding "pass phrases" that will defuse the bomb. Right now I am working on phase_2, whose assembly code is shown below.
Phase_2 requires 6 numbers as input, which I need to find in order to defuse this phase. I analyzed this assembly and came up with the C code below, which covers the lines from 40101c to 401044. It is basically a for loop that makes sure that, among the numbers the user inputs, t[0]==t[3], t[1]==t[4] and t[2]==t[5]. According to my logic, the user can input any 6 numbers as long as the above condition is satisfied. Say 1, 2, 3, 1, 2, 3 would be a valid "pass phrase". However, this solution does not convince me for some reason. Am I doing something wrong?
# phase_2 -- objdump listing, AT&T syntax (source operand first), x86-64.
# Register roles as used below:
#   rbp  = cursor over the 4-byte elements of the buffer at the stack top
#   rbx  = copy of the cursor taken at the top of each iteration
#   r13  = rsp+0xc, the address at which the loop stops
#   r12d = running sum of the elements the cursor visits
# The four registers are stored below rsp before the frame is allocated, so
# after `sub $0x48,%rsp` they sit at 0x28..0x40(%rsp), where they are reloaded.
# NOTE(review): what read_six_numbers and _GLOBAL_RESET_ do is not visible in
# this listing; the buffer is presumably six ints t[0..5] -- confirm.
0000000000400ffc <phase_2>:
400ffc: 48 89 5c 24 e0 mov %rbx,-0x20(%rsp)  # save rbx (ends up at 0x28(%rsp))
401001: 48 89 6c 24 e8 mov %rbp,-0x18(%rsp)  # save rbp (ends up at 0x30(%rsp))
401006: 4c 89 64 24 f0 mov %r12,-0x10(%rsp)  # save r12 (ends up at 0x38(%rsp))
40100b: 4c 89 6c 24 f8 mov %r13,-0x8(%rsp)  # save r13 (ends up at 0x40(%rsp))
401010: 48 83 ec 48 sub $0x48,%rsp  # allocate a 0x48-byte frame
401014: 48 89 e6 mov %rsp,%rsi  # rsi = address of the buffer at the stack top; rdi is passed through unchanged
401017: e8 65 0a 00 00 callq 401a81 <read_six_numbers>  # presumably fills t[0..5] at (%rsp) -- confirm
40101c: 48 89 e5 mov %rsp,%rbp  # rbp = &t[0]
40101f: 4c 8d 6c 24 0c lea 0xc(%rsp),%r13  # r13 = &t[3]; loop ends when rbp reaches it
401024: 41 bc 00 00 00 00 mov $0x0,%r12d  # sum = 0
40102a: 48 89 eb mov %rbp,%rbx  # loop top: rbx = &t[i]
40102d: 8b 45 0c mov 0xc(%rbp),%eax  # eax = t[i+3] (12 bytes past t[i])
401030: 39 45 00 cmp %eax,0x0(%rbp)  # compare t[i] with t[i+3]
401033: 74 05 je 40103a <phase_2+0x3e>  # equal: skip the call below
401035: e8 2d 09 00 00 callq 401967 <_GLOBAL_RESET_>  # reached only when t[i] != t[i+3]
40103a: 44 03 23 add (%rbx),%r12d  # sum += t[i]
40103d: 48 83 c5 04 add $0x4,%rbp  # advance the cursor by one 4-byte element
401041: 4c 39 ed cmp %r13,%rbp  # reached &t[3] yet?
401044: 75 e4 jne 40102a <phase_2+0x2e>  # no: next iteration (three iterations in total)
401046: 45 85 e4 test %r12d,%r12d  # is sum == 0 ?
401049: 75 05 jne 401050 <phase_2+0x54>  # sum != 0: skip the call below
40104b: e8 17 09 00 00 callq 401967 <_GLOBAL_RESET_>  # reached only when t[0]+t[1]+t[2] == 0
401050: 48 8b 5c 24 28 mov 0x28(%rsp),%rbx  # restore rbx
401055: 48 8b 6c 24 30 mov 0x30(%rsp),%rbp  # restore rbp
40105a: 4c 8b 64 24 38 mov 0x38(%rsp),%r12  # restore r12
40105f: 4c 8b 6c 24 40 mov 0x40(%rsp),%r13  # restore r13
401064: 48 83 c4 48 add $0x48,%rsp  # release the frame
401068: c3  # opcode c3 is ret; the mnemonic is missing from the listing
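/*
 * C reconstruction of phase_2 from 401024 through 40104b.
 *
 * t[0..5] are the six numbers read into the stack buffer; explode() stands
 * for the call to _GLOBAL_RESET_. Besides the pairwise comparison, the loop
 * adds t[0], t[1] and t[2] into r12d, and that sum is tested after the loop:
 * the second call is taken when the sum is zero. Six numbers that merely
 * satisfy t[i] == t[i+3] are therefore not sufficient on their own.
 */
int sum = 0;                      /* mov $0x0,%r12d         (401024) */
for (int i = 0; i < 3; i++) {
    if (t[i] != t[i + 3]) {       /* cmp %eax,0x0(%rbp)     (401030) */
        explode();                /* callq _GLOBAL_RESET_   (401035) */
    }
    sum += t[i];                  /* add (%rbx),%r12d       (40103a) */
}
if (sum == 0) {                   /* test %r12d,%r12d       (401046) */
    explode();                    /* callq _GLOBAL_RESET_   (40104b) */
}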