CHAPTER 7. SCANF() CHAPTER 7. SCANF()
7.3.3 MSVC: x86 + OllyDbg
Let’s try to hack our program in OllyDbg, forcing it to thinkscanf()always works without error.
When an address of a local variable is passed intoscanf(), the variable initially contains some random garbage, in this
case0x6E494714:
Figure 7.9:OllyDbg: passing variable address intoscanf()