21,496
社区成员
发帖
与我相关
我的任务
分享看TheShellcoderbook不明白之处,求解释
0x8048430 <triangle>: push %ebp
0x8048431 <triangle + 1>: mov %esp, %ebp
0x8048433 <triangle + 3>: push %edi
0x8048434 <triangle + 4>: push %esi
0x8048435 <triangle + 5>: sub $0x30, %esp
0x8048438 <triangle + 8>: lea 0xffffffd8(%ebp), %edi //这一句
0x804843b <triangle + 11>: mov $0x8049508, %esi //这一句
0x8048440 <triangle + 16>: cld
0x8048441 <triangle + 17>: mov $0x30, %esp
0x8048446 <triangle + 22>: repz movsl %ds:(%esi), %es:(%edi)
0x8048448 <triangle + 24>: mov 0x8(%ebp), %eax
0x804844b <triangle + 27>: mov %eax, %edx
0x804844d <triangle + 29>: imul 0xc(%ebp), %edx
0x8048451 <triangle + 33>: mov %edx, %eax
0x8048453 <triangle + 35>: sar $0x1f, %eax//这一句
0x8048456 <triangle + 38>: shr $0x1f, %eax//这一句
0x8048459 <triangle + 41>: lea (%eax, %edx,1), %eax//这一句
0x804845c <triangle + 44>: sar %eax//这一句
0x804845e <triangle + 46>: mov %eax, oxffffffd4(%ebp)//这一句
0x8048461 <triangle + 49>: mov 0xffffffd4(%ebp), %eax//这一句
0x8048464 <triangle + 52>: mov %eax, %eax//这一句
0x8048466 <triangle + 54>: add $0x30, %esp
0x8048469 <triangle + 57>: pop %esi
0x804846a <triangle + 58>: pop %edi
0x804846b <triangle + 59>: pop %ebp
0x804846c <triangle + 60>: ret
在 vs2010反汇编没这么复杂
求i解释
0x8048431 <triangle + 1>: mov %esp, %ebp
0x8048433 <triangle + 3>: push %edi
0x8048434 <triangle + 4>: push %esi
0x8048435 <triangle + 5>: sub $0x30, %esp
0x8048438 <triangle + 8>: lea 0xffffffd8(%ebp), %edi //这一句
0x804843b <triangle + 11>: mov $0x8049508, %esi //这一句
0x8048440 <triangle + 16>: cld
0x8048441 <triangle + 17>: mov $0x30, %esp
0x8048446 <triangle + 22>: repz movsl %ds:(%esi), %es:(%edi)
0x8048448 <triangle + 24>: mov 0x8(%ebp), %eax
0x804844b <triangle + 27>: mov %eax, %edx
0x804844d <triangle + 29>: imul 0xc(%ebp), %edx
0x8048451 <triangle + 33>: mov %edx, %eax
0x8048453 <triangle + 35>: sar $0x1f, %eax//这一句
0x8048456 <triangle + 38>: shr $0x1f, %eax//这一句
0x8048459 <triangle + 41>: lea (%eax, %edx,1), %eax//这一句
0x804845c <triangle + 44>: sar %eax//这一句
0x804845e <triangle + 46>: mov %eax, oxffffffd4(%ebp)//这一句
0x8048461 <triangle + 49>: mov 0xffffffd4(%ebp), %eax//这一句
0x8048464 <triangle + 52>: mov %eax, %eax//这一句
0x8048466 <triangle + 54>: add $0x30, %esp
0x8048469 <triangle + 57>: pop %esi
0x804846a <triangle + 58>: pop %edi
0x804846b <triangle + 59>: pop %ebp
0x804846c <triangle + 60>: ret
在 vs2010反汇编没这么复杂
求i解释
...全文
请发表友善的回复…
发表回复
jimette 2013-08-09
- 打赏
- 举报
jimette 2013-07-17
- 打赏
- 举报
www_adintr_com 2013-06-27
- 打赏
- 举报
这是 at&t 风格的汇编,unix 下一般用这种
lea 0xffffffd8(%ebp), %edi 等价于 mov edi,[ebp-自己转补码算]
0x804843b <triangle + 11>: mov $0x8049508, %esi 这一句很简单呀 mov esi, 0x8049508
0x8048453 <triangle + 35>: sar $0x1f, %eax//这一句
0x8048456 <triangle + 38>: shr $0x1f, %eax//这一句
0x8048459 <triangle + 41>: lea (%eax, %edx,1), %eax//这一句
0x804845c <triangle + 44>: sar %eax//这一句
0x804845e <triangle + 46>: mov %eax, oxffffffd4(%ebp)//这一句
0x8048461 <triangle + 49>: mov 0xffffffd4(%ebp), %eax//这一句
0x8048464 <triangle + 52>: mov %eax, %eax//这一句
依次翻译为:
sar eax, 1fh
shr eax, 1fh
lea eax, [eax + edx * 1]
sar eax
mov eax,[ebp - 自己算]
mov [ebp - 自己算], eax
mov eax,eax
www_adintr_com 2013-06-27
- 打赏
- 举报
看不懂, 似乎没什么作用, 全是空操作, 它是不是想在代码段构造出特定的数据来哦, 看看这些代码对应的机器码有没有什么含义呢
jimette 2013-06-27
- 打赏
- 举报
0x8048459 <triangle + 41>: lea (%eax, %edx,1), %eax//这一句
0x804845c <triangle + 44>: sar %eax//这一句
0x804845e <triangle + 46>: mov %eax, oxffffffd4(%ebp)//这一句
0x8048461 <triangle + 49>: mov 0xffffffd4(%ebp), %eax//这一句
0x8048464 <triangle + 52>: mov %eax, %eax//这一句
这几句是用来做什么的?
jimette 2013-06-27
- 打赏
- 举报
sar $0x1f, %eax
shr $0x1f, %eax
为什么右移两次31bit?
jimette 2013-06-27
- 打赏
- 举报
大牛,字面意思我懂 只不过不知道那几句的作用
