Tags: c, assembly, x86-64, reverse-engineering, binary-bomb

Binary Bomb Phase 5 - Looking for two ints as input


I'm currently working on the binary bomb project and am stuck on phase 5. My version appears to be a little different than the other walkthroughs and tutorials I've searched for. This is x86-64 assembly. I've figured out that it is looking for two integers as input. Here is the phase_5 assembly:

# phase_5 -- objdump disassembly, AT&T operand order (source, destination).
#
# What the instructions below establish:
#   1. Ten 0x20-byte records are built on the stack at 0x70, 0x90, ... 0x190(%rsp).
#      Each has a 32-bit value at +0x0 and three 8-byte slots at +0x8, +0x10
#      and +0x18 that hold the address of another record or 0.
#        +0x8  -> record 0x20 bytes higher (0 for the record at 0x190)
#        +0x10 -> record 0x20 bytes lower  (0 for the record at 0x70)
#        +0x18 -> record 0x40 bytes higher (0 for the records at 0x170 and 0x190)
#      Only +0x0 and +0x18 are read back by the code in this listing.
#   2. An 11-entry pointer table is filled at 0x10(%rsp): entry 0 is 0,
#      entries 1..10 hold the addresses of the records at 0x70 .. 0x190.
#   3. Two ints are parsed with sscanf. The first is range-checked and used as
#      the table index; the +0x18 links are followed from that entry, summing
#      the +0x0 values; the sum must equal the second int.
#
# Registers holding record addresses during set-up:
#   %r11=0x190  %rax=0x170  %rdx=0x150  %rcx=0x130  %rsi=0x110
#   %r8=0xf0    %r9=0xd0    %r10=0xb0   %rbx=0x90   %rbp=0x70   (all %rsp-relative)
# %rdi is never written before the sscanf call, so the callee receives
# whatever the caller passed there (presumably the input line -- caller not shown).
40105c: 55                      push   %rbp
40105d: 53                      push   %rbx
40105e: 48 81 ec b8 01 00 00    sub    $0x1b8,%rsp
# Record at 0x190: value 4; +0x8 and +0x18 slots are 0.
401065: c7 84 24 90 01 00 00    movl   $0x4,0x190(%rsp)
40106c: 04 00 00 00 
401070: 48 c7 84 24 98 01 00    movq   $0x0,0x198(%rsp)
401077: 00 00 00 00 00 
40107c: 48 c7 84 24 a8 01 00    movq   $0x0,0x1a8(%rsp)
401083: 00 00 00 00 00 
# Record at 0x170: value 2; +0x8 = address of 0x190 record; +0x18 = 0.
401088: c7 84 24 70 01 00 00    movl   $0x2,0x170(%rsp)
40108f: 02 00 00 00 
401093: 4c 8d 9c 24 90 01 00    lea    0x190(%rsp),%r11
40109a: 00 
40109b: 4c 89 9c 24 78 01 00    mov    %r11,0x178(%rsp)
4010a2: 00 
4010a3: 48 c7 84 24 88 01 00    movq   $0x0,0x188(%rsp)
4010aa: 00 00 00 00 00 
# Record at 0x150: value 1; +0x8 = 0x170 record; +0x18 = 0x190 record.
4010af: c7 84 24 50 01 00 00    movl   $0x1,0x150(%rsp)
4010b6: 01 00 00 00 
4010ba: 48 8d 84 24 70 01 00    lea    0x170(%rsp),%rax
4010c1: 00 
4010c2: 48 89 84 24 58 01 00    mov    %rax,0x158(%rsp)
4010c9: 00 
4010ca: 4c 89 9c 24 68 01 00    mov    %r11,0x168(%rsp)
4010d1: 00 
# Record at 0x130: value 0xfffffffe (-2 as a signed int); +0x8 = 0x150; +0x18 = 0x170.
4010d2: c7 84 24 30 01 00 00    movl   $0xfffffffe,0x130(%rsp)
4010d9: fe ff ff ff 
4010dd: 48 8d 94 24 50 01 00    lea    0x150(%rsp),%rdx
4010e4: 00 
4010e5: 48 89 94 24 38 01 00    mov    %rdx,0x138(%rsp)
4010ec: 00 
4010ed: 48 89 84 24 48 01 00    mov    %rax,0x148(%rsp)
4010f4: 00 
# Record at 0x110: value 0xfffffffb (-5 as a signed int); +0x8 = 0x130; +0x18 = 0x150.
4010f5: c7 84 24 10 01 00 00    movl   $0xfffffffb,0x110(%rsp)
4010fc: fb ff ff ff 
401100: 48 8d 8c 24 30 01 00    lea    0x130(%rsp),%rcx
401107: 00 
401108: 48 89 8c 24 18 01 00    mov    %rcx,0x118(%rsp)
40110f: 00 
401110: 48 89 94 24 28 01 00    mov    %rdx,0x128(%rsp)
401117: 00 
# Record at 0xf0: value 8; +0x8 = 0x110; +0x18 = 0x130.
401118: c7 84 24 f0 00 00 00    movl   $0x8,0xf0(%rsp)
40111f: 08 00 00 00 
401123: 48 8d b4 24 10 01 00    lea    0x110(%rsp),%rsi
40112a: 00 
40112b: 48 89 b4 24 f8 00 00    mov    %rsi,0xf8(%rsp)
401132: 00 
401133: 48 89 8c 24 08 01 00    mov    %rcx,0x108(%rsp)
40113a: 00 
# Record at 0xd0: value 0xffffffff (-1 as a signed int); +0x8 = 0xf0; +0x18 = 0x110.
40113b: c7 84 24 d0 00 00 00    movl   $0xffffffff,0xd0(%rsp)
401142: ff ff ff ff 
401146: 4c 8d 84 24 f0 00 00    lea    0xf0(%rsp),%r8
40114d: 00 
40114e: 4c 89 84 24 d8 00 00    mov    %r8,0xd8(%rsp)
401155: 00 
401156: 48 89 b4 24 e8 00 00    mov    %rsi,0xe8(%rsp)
40115d: 00 
# Record at 0xb0: value 0xb (11); +0x8 = 0xd0; +0x18 = 0xf0.
40115e: c7 84 24 b0 00 00 00    movl   $0xb,0xb0(%rsp)
401165: 0b 00 00 00 
401169: 4c 8d 8c 24 d0 00 00    lea    0xd0(%rsp),%r9
401170: 00 
401171: 4c 89 8c 24 b8 00 00    mov    %r9,0xb8(%rsp)
401178: 00 
401179: 4c 89 84 24 c8 00 00    mov    %r8,0xc8(%rsp)
401180: 00 
# Record at 0x90: value 5; +0x8 = 0xb0; +0x18 = 0xd0.
401181: c7 84 24 90 00 00 00    movl   $0x5,0x90(%rsp)
401188: 05 00 00 00 
40118c: 4c 8d 94 24 b0 00 00    lea    0xb0(%rsp),%r10
401193: 00 
401194: 4c 89 94 24 98 00 00    mov    %r10,0x98(%rsp)
40119b: 00 
40119c: 4c 89 8c 24 a8 00 00    mov    %r9,0xa8(%rsp)
4011a3: 00 
# Record at 0x70: value 0xd (13); +0x8 = 0x90; +0x10 = 0; +0x18 = 0xb0.
4011a4: c7 44 24 70 0d 00 00    movl   $0xd,0x70(%rsp)
4011ab: 00 
4011ac: 48 8d 9c 24 90 00 00    lea    0x90(%rsp),%rbx
4011b3: 00 
4011b4: 48 89 5c 24 78          mov    %rbx,0x78(%rsp)
4011b9: 48 c7 84 24 80 00 00    movq   $0x0,0x80(%rsp)
4011c0: 00 00 00 00 00 
4011c5: 4c 89 94 24 88 00 00    mov    %r10,0x88(%rsp)
4011cc: 00 
# Fill the +0x10 slot of every other record with the address of the record
# 0x20 bytes below it. These slots are not read again in this listing.
4011cd: 48 89 84 24 a0 01 00    mov    %rax,0x1a0(%rsp)
4011d4: 00 
4011d5: 48 89 94 24 80 01 00    mov    %rdx,0x180(%rsp)
4011dc: 00 
4011dd: 48 89 8c 24 60 01 00    mov    %rcx,0x160(%rsp)
4011e4: 00 
4011e5: 48 89 b4 24 40 01 00    mov    %rsi,0x140(%rsp)
4011ec: 00 
4011ed: 4c 89 84 24 20 01 00    mov    %r8,0x120(%rsp)
4011f4: 00 
4011f5: 4c 89 8c 24 00 01 00    mov    %r9,0x100(%rsp)
4011fc: 00 
4011fd: 4c 89 94 24 e0 00 00    mov    %r10,0xe0(%rsp)
401204: 00 
401205: 48 89 9c 24 c0 00 00    mov    %rbx,0xc0(%rsp)
40120c: 00 
40120d: 48 8d 6c 24 70          lea    0x70(%rsp),%rbp
401212: 48 89 ac 24 a0 00 00    mov    %rbp,0xa0(%rsp)
401219: 00 
# Pointer table at 0x10(%rsp), 8 bytes per entry, 11 entries (0x10..0x67):
#   [0]=0  [1]=0x70  [2]=0x90  [3]=0xb0  [4]=0xd0  [5]=0xf0
#   [6]=0x110  [7]=0x130  [8]=0x150  [9]=0x170  [10]=0x190
40121a: 48 c7 44 24 10 00 00    movq   $0x0,0x10(%rsp)
401221: 00 00 
401223: 48 89 6c 24 18          mov    %rbp,0x18(%rsp)
401228: 48 89 5c 24 20          mov    %rbx,0x20(%rsp)
40122d: 4c 89 54 24 28          mov    %r10,0x28(%rsp)
401232: 4c 89 4c 24 30          mov    %r9,0x30(%rsp)
401237: 4c 89 44 24 38          mov    %r8,0x38(%rsp)
40123c: 48 89 74 24 40          mov    %rsi,0x40(%rsp)
401241: 48 89 4c 24 48          mov    %rcx,0x48(%rsp)
401246: 48 89 54 24 50          mov    %rdx,0x50(%rsp)
40124b: 48 89 44 24 58          mov    %rax,0x58(%rsp)
401250: 4c 89 5c 24 60          mov    %r11,0x60(%rsp)
# sscanf call: %rsi = format string address, %rdx / %rcx = destinations for
# the first and second parsed int (0xc(%rsp) and 0x8(%rsp)).
401255: 48 8d 4c 24 08          lea    0x8(%rsp),%rcx
40125a: 48 8d 54 24 0c          lea    0xc(%rsp),%rdx
40125f: be 0d 29 40 00          mov    $0x40290d,%esi
401264: b8 00 00 00 00          mov    $0x0,%eax  # variadic call: %al = count of vector-register args (none)
401269: e8 92 f9 ff ff          callq  400c00 <__isoc99_sscanf@plt>
# Signed compare on the return value: anything <= 1 (one conversion, none,
# or a negative error return) falls through to explode_bomb.
40126e: 83 f8 01                cmp    $0x1,%eax
401271: 7f 05                   jg     401278 <phase_5+0x21c>
401273: e8 09 04 00 00          callq  401681 <explode_bomb>
# Bounds check on the table index. jbe is an UNSIGNED compare, so a negative
# first int is treated as a large value and rejected along with anything > 10.
# This keeps the indexed load below inside the 11-entry table.
# NOTE(review): explode_bomb is not shown; presumably it does not return.
# If it did, execution would continue into the indexed load -- confirm.
401278: 83 7c 24 0c 0a          cmpl   $0xa,0xc(%rsp)
40127d: 76 05                   jbe    401284 <phase_5+0x228>
40127f: e8 fd 03 00 00          callq  401681 <explode_bomb>
401284: 48 63 44 24 0c          movslq 0xc(%rsp),%rax
401289: 48 8b 44 c4 10          mov    0x10(%rsp,%rax,8),%rax  # %rax = table[first int]
40128e: 48 85 c0                test   %rax,%rax
401291: 74 12                   je     4012a5 <phase_5+0x249>  # null entry (index 0): sum stays 0
# Sum loop: %edx accumulates the 32-bit value at +0x0 of each record, then
# %rax advances through the +0x18 link; the loop ends when that link is 0.
401293: ba 00 00 00 00          mov    $0x0,%edx
401298: 03 10                   add    (%rax),%edx
40129a: 48 8b 40 18             mov    0x18(%rax),%rax
40129e: 48 85 c0                test   %rax,%rax
4012a1: 75 f5                   jne    401298 <phase_5+0x23c>
4012a3: eb 05                   jmp    4012aa <phase_5+0x24e>
4012a5: ba 00 00 00 00          mov    $0x0,%edx
# Final check: the second parsed int must equal the computed sum.
4012aa: 39 54 24 08             cmp    %edx,0x8(%rsp)
4012ae: 74 05                   je     4012b5 <phase_5+0x259>
4012b0: e8 cc 03 00 00          callq  401681 <explode_bomb>
# Epilogue: release the frame and restore the two callee-saved registers
# pushed on entry.
4012b5: 48 81 c4 b8 01 00 00    add    $0x1b8,%rsp
4012bc: 5b                      pop    %rbx
4012bd: 5d                      pop    %rbp
4012be: c3                      retq  

Running gdb and p (char *) 0x40290d returns "%d %d" which is how I know it's scanning for two ints. I try to follow the compare and jump statements but get lost soon after. Any assistance would be appreciated. Thank you.


Solution

  • Obviously line 401278 is checking that the first number is less than or equal to 10. Then some calculations are done and the next check that can explode the bomb is at 4012aa. That is comparing the result of the calculation to the second number entered. Since you are using gdb you can simply put a breakpoint on that instruction and let the program run. Enter a valid first number followed by an arbitrary second. When stopped at the breakpoint print the value in edx. That will be the correct match for the first number entered.

    Another approach is spotting the condition on line 40128e. This skips the whole calculation and simply compares the second number to zero. You will need to find the correct value to trigger this which fulfills 0x10(%rsp,%rax,8) == 0. Given that line 40121a does movq $0x0,0x10(%rsp) two zeroes trivially solve the problem.

    Finally, you could reverse engineer the whole thing. Notice it is summing up elements of a linked list created on the stack in the first part of the code. The summing starts with the item specified by the first number and follows each node's link at offset 0x18, stopping when that link is zero (a null pointer). The second number entered should match the calculated sum.