Author:
toasterbirb

Language:
C/C++

Upload:
8:16 PM 07/05/2025

Download

Platform
Unix/linux etc.

Difficulty:
1.2

Quality:
4.2

Arch:
x86-64

Description

Something's wrong... I can feel it

• Comments
• Writeups

You must be logged in to post a comment

Boozy on 1:57 PM 07/06/2025: so in _start u can see the param's thats being passed to main is under going 1(so if x its passed as x/2) so when u pass ./argc x x,u are correct but not correct as in main the first param is being compared to 3(param_1==3) so,u either have to patch so param_1 == 1 or remove the 1.hope it helps :)

Ja4V8s28Ck on 2:17 PM 07/06/2025: @Boozy, You are right the argument count is cut in half during the `cmp`, So './argc deadbeef deadbeef deadbeef deadbeef deadbeef deadbeef' will work, but my question is why is the argument halved, I dont see any line of code that explain this behavior, So did you find any reason??

subham on 2:31 PM 07/06/2025: Help me , I am so confused !! it simply asks for 3 args I did ./argc hello hello doesn't it should be 3 ? Then i patched the je to jmp and still i am stuck at please provide valid args !

Ja4V8s28Ck on 3:15 PM 07/06/2025: @subham, There are 2 ways to solve this 1. Giving the proper number of arguments 2. Patching So if you properly patch, it will definitely work.

Boozy on 4:36 AM 07/07/2025: @Ja48s28Ck it haves the number of arguments becaus in the _start function,the func which calls the main along with the arguments does a right shift by 1 on the first parameter which is basically dividing by 2,the first parameter holds the value of number of arguments entered

mabdelou on 2:01 PM 07/20/2025: as Boozy says. the argc are getting dividing by 2 in _start lable exactly at "10e1: d0 e8 shr al, 1" which means shift al by 1 or in another word dividing by 2. so to solve the issue you need to pass the five or six parameters which will be later dividing by two to be 3 before pass to main function. or you just simply change "d0 e8" from the argc binary in line "10e1" or "10e0" to "04 00" which mean add al, 0 this just overrid the shifting logic and do logic that do nothing. so by that we can now run ./argc 1 1 and it will work just fine. i hope you find my explaining usefull.

You must be logged in to submit a writeup