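# Lab build: -fno-stack-protector omits the stack canary, -z execstack marks the stack executable, and -g adds debug symbols. The first two flags turn off mitigations on purpose so the raw stack layout can be studied.
root@kali:~/ohm/code_exec# gcc -fno-stack-protector -z execstack -g -o bypass2 bypass2.c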
root@kali:~/ohm/code_exec# gdb bypass2 
GNU gdb (Debian 7.12-6+b1) 7.12.0.20161007-git
Copyright (C) 2016 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-linux-gnu".
Type "show configuration" for configuration details.
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>.
Find the GDB manual and other documentation resources online at:
<http://www.gnu.org/software/gdb/documentation/>.
For help, type "help".
Type "apropos word" to search for commands related to "word"...
Reading symbols from bypass2...done.
(gdb) break bypass2.c :9
Breakpoint 1 at 0x790: file bypass2.c, line 9.
(gdb) run AAAAAAAAAAAAAAAA
Starting program: /root/ohm/code_exec/bypass2 AAAAAAAAAAAAAAAA

Breakpoint 1, check_serial (serial=0x7fffffffe4aa 'A' <repeats 16 times>)
    at bypass2.c:9
9	  if (strcmp(serial_buff, "SN123456") == 0) flag = 1;
(gdb) x/32xw $rsp
0x7fffffffe020:	0x00000000	0x00000000	0xffffe4aa	0x00007fff
0x7fffffffe030:	0x41414141	0x41414141	0x41414141	0x41414141
0x7fffffffe040:	0x00000000	0x00000000	0xffffe076	0x00007fff
0x7fffffffe050:	0x00000001	0x00000000	0xf7abe905	0x00007fff
0x7fffffffe060:	0x00000001	0x00000000	0x5555487d	0x00005555
0x7fffffffe070:	0xf7de70e0	0x00007fff	0x00000000	0x00000000
0x7fffffffe080:	0xffffe0a0	0x00007fff	0x55554800	0x00005555
0x7fffffffe090:	0xffffe188	0x00007fff	0x00000000	0x00000002
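# 0x7fffffffe030 is where the sixteen 0x41 ('A') bytes of the argument begin, i.e. the start of serial_buff. 0x7fffffffe088 holds 0x0000555555554800, which appears to be check_serial's saved return address; the 8 bytes before it (0x7fffffffe080) appear to be the saved frame pointer.
(gdb) print 0x7fffffffe088 - 0x7fffffffe030
$2 = 88
# 88 bytes separate the start of the buffer from that slot. In a build with the stack protector enabled, a canary would sit inside this range and the function would abort on return if it had been modified.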
(gdb) 

