Part 13 - Debugging Boolean Primitive Datatype

For a complete table of contents of all the lessons, please click below; it gives a brief of each lesson and the topics it covers. https://github.com/mytechnotalent/hacking_c-_arm64

Today we are going to debug our very simple boolean primitive datatype.

To begin let’s open up our binary in Radare2.

  radare2 ./0x04_asm64_boolean_primitive_datatype

Let’s take advantage of Radare2’s auto analysis feature.

  aaa

The next logical step is to reopen the binary in debug mode, so the raw machine code on disk becomes a running process under the debugger.

  ood

Now that we have a running instance we can seek to the main function (not the ELF entry point, which is _start; the symbol was resolved by the analysis above).

  s main

Let's take an initial look in visual mode.

  v

We see at 0x55718999bc the instruction movz w0, 0x1, which moves 0x1 into w0: our bool true. REMEMBER your address will be different because the binary is position-independent and loaded under ASLR.

Let’s set a breakpoint at 0x55718999bc and verify the contents.

  [0x55718999b4]> db 0x55718999bc
  [0x55718999b4]> dc
  hit breakpoint at: 0x55718999bc
  [0x55718999bc]> ds
  [0x55718999bc]> dr w0
  0x00000001
  [0x55718999bc]>

Very simply, we broke right before the value 0x1 was placed in w0, then stepped one instruction and saw that w0 did in fact hold 0x1 afterwards. w0 is the low 32 bits of x0, so the C bool was materialized as the integer 1 in that register, which matches what our source code created. Note that the breakpoint stops before the instruction executes; if you read w0 at the breakpoint without stepping, you see whatever the register held previously, not the value being assigned.
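To confirm from raw bytes that the instruction Radare2 disassembled really carries the immediate 1, and to see what bytes a different immediate would need, the following Python decoder and encoder for the AArch64 move-wide-immediate class (MOVN/MOVZ/MOVK) is useful. This is an added example, not code from the lesson or its repository. It does not read the lesson's binary; the sample word 0x52800020 (bytes 20 00 80 52 in memory) is constructed here from the standard encoding of `movz w0, #1`, and the field layout follows the architecture's definition of that instruction class.

```python
"""
Decode and encode AArch64 "move wide immediate" instructions (MOVN/MOVZ/MOVK).

Added example, independent of the lesson's binary.  The sample instruction
word used below, 0x52800020 (little-endian bytes 20 00 80 52), is the
standard encoding of `movz w0, #1`, i.e. what Radare2 showed as
`movz w0, 0x1`.
"""
import struct

# Bits 28:23 are fixed to 0b100101 for the whole move-wide-immediate class.
_CLASS_MASK = 0x1F800000
_CLASS_BITS = 0x12800000

# opc field (bits 30:29): 00 = MOVN, 10 = MOVZ, 11 = MOVK; 01 is unallocated.
_OPC_TO_MNEMONIC = {0b00: "movn", 0b10: "movz", 0b11: "movk"}
_MNEMONIC_TO_OPC = {m: o for o, m in _OPC_TO_MNEMONIC.items()}


def decode_move_wide(insn: bytes):
    """Decode one little-endian 4-byte instruction word.

    Returns a dict with the decoded fields, or None when the word is not a
    valid MOVN/MOVZ/MOVK (wrong class, unallocated opc, or an illegal shift).
    """
    if len(insn) != 4:
        raise ValueError("an AArch64 instruction is exactly 4 bytes")
    (word,) = struct.unpack("<I", insn)
    if word & _CLASS_MASK != _CLASS_BITS:
        return None
    sf = word >> 31                 # 0 = 32-bit form (wN), 1 = 64-bit form (xN)
    opc = (word >> 29) & 0b11
    hw = (word >> 21) & 0b11        # shift amount is hw * 16
    imm16 = (word >> 5) & 0xFFFF
    rd = word & 0x1F
    if opc not in _OPC_TO_MNEMONIC:
        return None
    if sf == 0 and hw > 1:          # 32-bit form only allows LSL #0 or #16
        return None
    mnemonic = _OPC_TO_MNEMONIC[opc]
    reg = f"{'x' if sf else 'w'}{rd}"
    shift = hw * 16
    text = f"{mnemonic} {reg}, {hex(imm16)}" + (f", lsl {shift}" if shift else "")
    return {
        "mnemonic": mnemonic,
        "rd": reg,
        "imm16": imm16,
        "shift": shift,
        # The shifted immediate: MOVZ writes it (zeroing the rest), MOVN writes
        # its bitwise NOT, MOVK merges it into one 16-bit lane of rd.
        "value": imm16 << shift,
        "text": text,
    }


def encode_move_wide(mnemonic: str, rd: str, imm16: int, shift: int = 0) -> bytes:
    """Assemble a MOVN/MOVZ/MOVK, e.g. encode_move_wide("movz", "w0", 1)."""
    opc = _MNEMONIC_TO_OPC[mnemonic.lower()]
    if len(rd) < 2 or rd[0] not in "wx" or not rd[1:].isdigit():
        raise ValueError(f"bad register name {rd!r}")
    sf = 1 if rd[0] == "x" else 0
    rd_num = int(rd[1:])
    if not 0 <= rd_num <= 31:
        raise ValueError(f"register number out of range: {rd!r}")
    if not 0 <= imm16 <= 0xFFFF:
        raise ValueError("imm16 must fit in 16 bits")
    if shift % 16 or shift < 0 or shift > (48 if sf else 16):
        raise ValueError(f"illegal shift {shift} for {rd!r}")
    word = (
        (sf << 31)
        | (opc << 29)
        | (0b100101 << 23)
        | ((shift // 16) << 21)
        | (imm16 << 5)
        | rd_num
    )
    return struct.pack("<I", word)


if __name__ == "__main__":
    sample = bytes.fromhex("20008052")          # constructed: movz w0, #1
    print(decode_move_wide(sample)["text"])
    print(encode_move_wide("movz", "w0", 1).hex())
    print(encode_move_wide("movz", "w0", 0).hex())   # the same register, immediate 0
```

Run it and the first line printed should match what the debugger showed, `movz w0, 0x1`; the decoder also rejects words outside this class (a `ret`, for instance) and the 32-bit form with a shift of 32 or 48, which the architecture does not allocate. Comparing the bytes for immediate 1 and immediate 0 shows that only bit 5 of the word differs, which is the bit the next lesson's patch has to flip.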

If we dc again, the program runs to completion and we see the value echoed to stdout as expected.

  [0x55718999bc]> dc
  1
  (96445) Process exited with status=0x0
  [0x7fac4f903c]>

In our next lesson we will hack the boolean to make it 0.