Part 19 - Debugging Double Primitive Datatype

For a complete table of contents of all the lessons, see the link below; it gives a brief summary of each lesson and the topics it covers. https://github.com/mytechnotalent/hacking_c-_arm64

Today we are going to debug our very simple double primitive datatype.

To begin let’s open up our binary in Radare2.

  radare2 ./0x06_asm64_double_primitive_datatype

Let’s take advantage of Radare2’s auto analysis feature.

  aaa

The next logical step is to reopen the binary in debug mode, which maps the raw machine code from disk into a running process.

  ood

Now that we have a running instance, we can seek to the main function of the binary.

  s main

Let us take an initial look at the disassembly in visual mode with the following.

  v

When dealing with doubles on ARM64, the instruction to locate is the fmov that moves the bit pattern of the constant from a general-purpose register into the floating-point register d0. Because a double is 64 bits wide, the source is the full x register (here x0), of which w0 is only the low 32 bits; a float, by contrast, travels from a w register into s0. This is where all the magic happens, just as it did with the single-precision values in s0.

Let us set a breakpoint on the instruction immediately after the fmov. REMEMBER that with ASLR your addresses will differ from this example.

  [0x556bf809b4]> db 0x556bf809c4
  [0x556bf809b4]> dc
  hit breakpoint at: 0x556bf809c4
  [0x556bf809c4]> dr w0
  0x33333333

The full 64-bit pattern is moved into d0, and dr w0 shows only its low half (0x33333333 is the lower 32 bits of the IEEE-754 encoding of 10.1), so we HAVE to change the value in d0 itself, which is different from our float. We will explore this in the next lesson.
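To see why dr w0 printed 0x33333333, here is an added C example (not code from the lesson or its binary) that takes the constant 10.1 the program prints, extracts the raw IEEE-754 pattern the compiler would load into x0 before fmov d0, x0, and splits it into the halves that w0 and the upper word would show. The register mapping in the comments is an assumption about how the lesson's binary was compiled; the bit arithmetic itself is exact.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Added example: the double printed by the lesson's binary and the
 * register view Radare2 gave us. Assumption: the compiler materialises the
 * 64-bit pattern in x0 and executes `fmov d0, x0`; w0 is the low 32 bits
 * of x0, which is exactly what `dr w0` displayed. */

/* Raw 64-bit IEEE-754 pattern of a double (what x0 holds before the fmov). */
static uint64_t double_bits(double d) {
    uint64_t bits;
    memcpy(&bits, &d, sizeof bits);   /* type-pun without undefined behaviour */
    return bits;
}

/* Rebuild a double from its pattern (what `fmov d0, x0` does bit-for-bit). */
static double bits_to_double(uint64_t bits) {
    double d;
    memcpy(&d, &bits, sizeof d);
    return d;
}

/* Low 32 bits: the only part `dr w0` shows. */
static uint32_t low32(uint64_t bits) { return (uint32_t)bits; }

/* High 32 bits: sign and exponent live here, invisible through w0. */
static uint32_t high32(uint64_t bits) { return (uint32_t)(bits >> 32); }

/* Biased 11-bit exponent field (bits 52..62). */
static int exponent_field(uint64_t bits) { return (int)((bits >> 52) & 0x7ff); }

/* 52-bit mantissa field (bits 0..51). */
static uint64_t mantissa_field(uint64_t bits) { return bits & 0x000fffffffffffffULL; }

int main(void) {
    double value = 10.1;              /* the constant the lesson's binary prints */
    uint64_t bits = double_bits(value);

    printf("double            : %.17g\n", value);
    printf("x0 (full pattern) : 0x%016llx\n", (unsigned long long)bits);
    printf("w0 (low 32 bits)  : 0x%08x\n", low32(bits));
    printf("high 32 bits      : 0x%08x\n", high32(bits));
    printf("exponent field    : 0x%03x (unbiased %d)\n",
           exponent_field(bits), exponent_field(bits) - 1023);
    printf("mantissa field    : 0x%013llx\n", (unsigned long long)mantissa_field(bits));
    printf("round trip        : %.17g\n", bits_to_double(bits));
    return 0;
}
```

Run it and the w0 line reads 0x33333333, matching the Radare2 session above; the exponent and sign sit in the high word, which is why looking at w0 alone tells you nothing about the magnitude of the double that ends up in d0.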

Let's continue so the program prints its value.

  [0x556bf809c4]> dc
  10.1
  (39979) Process exited with status=0x0
  [0x7fa37da0fc]>

In our next lesson we will hack this value!