
Assembly 分析汇编代码,例如 "mov %eax,0x8(%ebx)"


这是一个硬件问题。我并不是在问“爆炸炸弹”从未运行过的答案。我要求澄清/指导代码的一小部分中发生了什么

这就是我想弄明白的:下面代码中的 0x8(%ebx) 到底发生了什么?0x8(%register) 难道不是表示访问内存地址 %register+0x8 处的值吗?但那里存放的看起来并不像是一个内存地址…… 我知道这个问题比较模糊。我在伪代码式(pseudo-esque)的代码中,把我不理解的行标记为 LINEXXX HexAddress**。[LINEXXX 是 ddd 中的行号;ddd 不允许我复制,所以我改用了 objdump……]

非常感谢你, 任何小提示都将不胜感激

# Excerpt from phase_6 (AT&T syntax: source operand first, destination second).
# Six dwords are loaded from 0x10..0x24(%esp) and each is used as a base
# address, so the code treats them as pointers.
# ebx = first pointer; it stays live and is the starting object for the loop below.
8048efa:    8b 5c 24 10             mov    0x10(%esp),%ebx
8048efe:    8b 44 24 14             mov    0x14(%esp),%eax
# Store, not load: the register is the source, so the dword at address ebx+8
# is overwritten with the pointer held in eax.
8048f02:    89 43 08                mov    %eax,0x8(%ebx)
# The same pattern repeats: the offset-8 field of each object receives the next pointer.
8048f05:    8b 54 24 18             mov    0x18(%esp),%edx
8048f09:    89 50 08                mov    %edx,0x8(%eax)
8048f0c:    8b 44 24 1c             mov    0x1c(%esp),%eax
8048f10:    89 42 08                mov    %eax,0x8(%edx)
8048f13:    8b 54 24 20             mov    0x20(%esp),%edx
8048f17:    89 50 08                mov    %edx,0x8(%eax)
8048f1a:    8b 44 24 24             mov    0x24(%esp),%eax
8048f1e:    89 42 08                mov    %eax,0x8(%edx)
# The sixth object's offset-8 field is set to 0, which ends the chain.
8048f21:    c7 40 08 00 00 00 00    movl   $0x0,0x8(%eax)
# esi = 5: counter for the compare loop (six objects give five adjacent pairs).
8048f28:    be 05 00 00 00          mov    $0x5,%esi
# Here 0x8(%ebx) is a load: eax = pointer stored at ebx+8, edx = dword that pointer refers to.
8048f2d:    8b 43 08                mov    0x8(%ebx),%eax
8048f30:    8b 10                   mov    (%eax),%edx
# cmp %edx,(%ebx) with jge: the call is skipped when the dword at (%ebx) is
# >= edx as signed values; otherwise explode_bomb is reached.
8048f32:    39 13                   cmp    %edx,(%ebx)
8048f34:    7d 05                   jge    8048f3b <phase_6+0xca>
8048f36:    e8 d3 03 00 00          call   804930e <explode_bomb>
# Follow the offset-8 pointer to the next object.
8048f3b:    8b 5b 08                mov    0x8(%ebx),%ebx
# Decrement the counter; the branch that tests the result is outside this excerpt.
8048f3e:    83 ee 01                sub    $0x1,%esi
我编写了一些伪代码来帮助我更好地了解正在发生的事情:

example input-> "6 89 79 69 59 49"
eax = "6 89 79 69 59 49"
stuff
after stuff (read_six_numbers)
eax = 6
0x28(esp,edi*4)
edi=0 -> 6
edi=1 -> 89
edi=2 -> 79
edi=3 -> 69
edi=4 -> 59
edi=5 -> 49

naming this as array[]
----------------
// Asker's hand translation of phase_6 into goto-style pseudo-C.
// NOTE(review) comments mark lines that differ from the objdump listing of
// phase_6 on this page; the pseudocode itself is left exactly as written.
edi=0;
esi=0;
Line31:
eax = array[edi];
eax--;
// Unsigned compare (jbe in the listing): only values 1..6 pass, because 0 and
// negative inputs wrap to large unsigned numbers after the decrement.
if((unsigned int)eax > 5) explodebomb();
esi=1+edi;
// NOTE(review): the je at 8048ea7 targets 8048ede, which is the "ebx = 0;" line
// further down; no line here carries the Line109 label.
if(esi==6)goto Line109
ebx=esi;
Line58:
eax=array[ebx];
// Duplicate check: 0x24(%esp,%esi,4) is the element at index esi-1.
if(eax == array[esi-1]) explodebomb();
ebx++;
edi=esi;
// NOTE(review): 8048ebf/8048ec2 are "cmp $0x5,%ebx ; jle", so the inner loop
// repeats while ebx <= 5; this test is written the other way round.
if(5<=ebx)goto Line58;
else goto Line31;
Line85:
// NOTE(review): 8048ec6 is "mov 0x8(%edx),%edx", i.e. edx = *(edx + 8): load the
// dword stored at edx+8. As written, "*edx + 8" adds 8 to the value at edx.
edx = *edx + 8;
eax++;
if(ecx != eax)goto Line85;
// NOTE(review): second use of the label Line85; this is the code at 8048ed0,
// which the "goto Line95" below refers to.
Line85:
array2[esi]=edx;
ebx++;
// NOTE(review): Line114 and Line137 are not defined here; the listing jumps to
// 8048ee3 ("esi=ebx;") and 8048efa ("ebx=array2[0];") respectively.
if(6 != ebx) goto Line114;
goto Line137
ebx = 0;
esi=ebx;
ecx=array[ebx];
eax = 1;
edx=0x804c154;
// NOTE(review): 8048ef3/8048ef6 are "cmp $0x1,%ecx ; jg", so the walk at the
// first Line85 is entered when ecx > 1, not when 1 > ecx.
if(1>ecx)goto Line85;
goto Line95;
ebx=array2[0];
eax=array2[1];
// The marked lines are stores: the register on the right is written to the
// dword at (base register + 8).
LINE145-0x08048f02**** 0x8(ebx)=eax;
edx=array2[2];
LINE152-0x08048f09**** 0x8(eax)=edx;
eax=array2[3];
LINE159-0x08048f10**** 0x8(edx)=eax;
edx=array2[4];
LINE166-0x08048f17**** 0x8(eax)=edx;
eax=array2[5];
LINE173-0x08048f1e**** 0x8(edx)=eax;
// NOTE(review): 8048f21 is "movl $0x0,0x8(%eax)"; the value stored is 0, not eax.
LINE176-0x08048f21**** 0x8(eax)=eax;
esi=5;
Line188:
LINE188-0x08048f2d**** eax=0x8(ebx);
edx=(eax);
// NOTE(review): "cmp %edx,(%ebx) ; jge" skips the call when (ebx) >= edx
// (signed), so the bomb is reached when (ebx) < edx; this condition is reversed.
if(!(edx >= (ebx))) explodebomb();
LINE202-0x08048f3b**** ebx=0x8(ebx);
esi--;
// NOTE(review): the jne at 8048f41 tests the result of "sub $0x1,%esi", so the
// loop repeats while esi != 0; it does not compare edx with (ebx).
if(edx != (ebx)) goto Line188;
// NOTE(review): the listing also pops ebx, esi and edi before ret.
esp+=0x40;
return eax;
汇编代码:

# phase_6 (32-bit x86, AT&T syntax: source operand first, destination second).
# Stack layout used below: six input dwords at 0x28(%esp), six pointer slots at
# 0x10(%esp).
08048e71 <phase_6>:
# Prologue: save three registers and reserve 0x40 bytes of locals.
8048e71:    57                      push   %edi
8048e72:    56                      push   %esi
8048e73:    53                      push   %ebx
8048e74:    83 ec 40                sub    $0x40,%esp
# Call read_six_numbers with two stack arguments: the dword at 0x50(%esp)
# (0x40 locals + 3 saved registers + return address, i.e. phase_6's first
# argument) and the address esp+0x28 of the number buffer.
8048e77:    8d 44 24 28             lea    0x28(%esp),%eax
8048e7b:    89 44 24 04             mov    %eax,0x4(%esp)
8048e7f:    8b 44 24 50             mov    0x50(%esp),%eax
8048e83:    89 04 24                mov    %eax,(%esp)
8048e86:    e8 ce 05 00 00          call   8049459 <read_six_numbers>
# Validation loop; edi indexes the numbers.
8048e8b:    bf 00 00 00 00          mov    $0x0,%edi
# Range check: (value - 1) must be <= 5 under an unsigned compare (jbe), so
# only 1..6 pass; 0 and negative values wrap and reach explode_bomb.
8048e90:    8b 44 bc 28             mov    0x28(%esp,%edi,4),%eax
8048e94:    83 e8 01                sub    $0x1,%eax
8048e97:    83 f8 05                cmp    $0x5,%eax
8048e9a:    76 05                   jbe    8048ea1 <phase_6+0x30>
8048e9c:    e8 6d 04 00 00          call   804930e <explode_bomb>
# esi = edi + 1; once it reaches 6 every number has been checked.
8048ea1:    8d 77 01                lea    0x1(%edi),%esi
8048ea4:    83 fe 06                cmp    $0x6,%esi
8048ea7:    74 35                   je     8048ede <phase_6+0x6d>
# Uniqueness check: compare each later number (index ebx) with the number at
# index esi-1 (0x24 is 0x28 - 4); an equal pair reaches explode_bomb.
8048ea9:    89 f3                   mov    %esi,%ebx
8048eab:    8b 44 9c 28             mov    0x28(%esp,%ebx,4),%eax
8048eaf:    39 44 b4 24             cmp    %eax,0x24(%esp,%esi,4)
8048eb3:    75 05                   jne    8048eba <phase_6+0x49>
8048eb5:    e8 54 04 00 00          call   804930e <explode_bomb>
8048eba:    83 c3 01                add    $0x1,%ebx
8048ebd:    89 f7                   mov    %esi,%edi
8048ebf:    83 fb 05                cmp    $0x5,%ebx
8048ec2:    7e e7                   jle    8048eab <phase_6+0x3a>
8048ec4:    eb ca                   jmp    8048e90 <phase_6+0x1f>
# Pointer walk (entered from 8048ef6): follow the offset-8 field until the
# counter eax equals the requested position ecx. The range check above limits
# ecx to 1..6, so at most five links are followed.
8048ec6:    8b 52 08                mov    0x8(%edx),%edx
8048ec9:    83 c0 01                add    $0x1,%eax
8048ecc:    39 c8                   cmp    %ecx,%eax
8048ece:    75 f6                   jne    8048ec6 <phase_6+0x55>
# Save the pointer that was reached in slot esi of the table at 0x10(%esp);
# repeat until all six slots are filled, then go to the relink code.
8048ed0:    89 54 b4 10             mov    %edx,0x10(%esp,%esi,4)
8048ed4:    83 c3 01                add    $0x1,%ebx
8048ed7:    83 fb 06                cmp    $0x6,%ebx
8048eda:    75 07                   jne    8048ee3 <phase_6+0x72>
8048edc:    eb 1c                   jmp    8048efa <phase_6+0x89>
# Table build starts here with ebx = 0.
8048ede:    bb 00 00 00 00          mov    $0x0,%ebx
# Per number: ecx = number, eax = 1, edx = constant address 0x804c154, which the
# walk treats as the first object (its contents are not shown on this page).
# A number of 1 stores that address directly; larger numbers take the walk.
8048ee3:    89 de                   mov    %ebx,%esi
8048ee5:    8b 4c 9c 28             mov    0x28(%esp,%ebx,4),%ecx
8048ee9:    b8 01 00 00 00          mov    $0x1,%eax
8048eee:    ba 54 c1 04 08          mov    $0x804c154,%edx
8048ef3:    83 f9 01                cmp    $0x1,%ecx
8048ef6:    7f ce                   jg     8048ec6 <phase_6+0x55>
8048ef8:    eb d6                   jmp    8048ed0 <phase_6+0x5f>
# Relink: write each table entry into the offset-8 field of the object named by
# the previous entry. These are stores (register -> memory at base+8). ebx
# keeps the first pointer for the loop below.
8048efa:    8b 5c 24 10             mov    0x10(%esp),%ebx
8048efe:    8b 44 24 14             mov    0x14(%esp),%eax
8048f02:    89 43 08                mov    %eax,0x8(%ebx)
8048f05:    8b 54 24 18             mov    0x18(%esp),%edx
8048f09:    89 50 08                mov    %edx,0x8(%eax)
8048f0c:    8b 44 24 1c             mov    0x1c(%esp),%eax
8048f10:    89 42 08                mov    %eax,0x8(%edx)
8048f13:    8b 54 24 20             mov    0x20(%esp),%edx
8048f17:    89 50 08                mov    %edx,0x8(%eax)
8048f1a:    8b 44 24 24             mov    0x24(%esp),%eax
8048f1e:    89 42 08                mov    %eax,0x8(%edx)
# The last object's offset-8 field is set to 0, which ends the chain.
8048f21:    c7 40 08 00 00 00 00    movl   $0x0,0x8(%eax)
# Order check over the five adjacent pairs: the dword at offset 0 of the
# current object must be >= the dword at offset 0 of the next one (signed, jge),
# otherwise explode_bomb is reached.
8048f28:    be 05 00 00 00          mov    $0x5,%esi
8048f2d:    8b 43 08                mov    0x8(%ebx),%eax
8048f30:    8b 10                   mov    (%eax),%edx
8048f32:    39 13                   cmp    %edx,(%ebx)
8048f34:    7d 05                   jge    8048f3b <phase_6+0xca>
8048f36:    e8 d3 03 00 00          call   804930e <explode_bomb>
# Advance to the next object and loop while the counter is non-zero.
8048f3b:    8b 5b 08                mov    0x8(%ebx),%ebx
8048f3e:    83 ee 01                sub    $0x1,%esi
8048f41:    75 ea                   jne    8048f2d <phase_6+0xbc>
# Epilogue: release the locals and restore the saved registers.
8048f43:    83 c4 40                add    $0x40,%esp
8048f46:    5b                      pop    %ebx
8048f47:    5e                      pop    %esi
8048f48:    5f                      pop    %edi
8048f49:    c3                      ret    
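// Node layout implied by the memory accesses in phase_6 (32-bit build, so int
// and pointers are 4 bytes): the compared value is read from offset 0 and the
// link is read and written at offset 8.
struct s {
    int value;          // offset 0: read through (%ebx) and (%eax) in the compare loop
    int unknown;        // offset 4: never touched by phase_6; purpose not shown here
    struct s *next;     // offset 8: the 0x8(%reg) operand
};
// Table of six node pointers that phase_6 keeps at esp+0x10 .. esp+0x27.
struct s *point_arr[6];
// 8048efa..8048f21: relink the nodes in table order. Each store copies the
// pointer VALUE held in the next slot (e.g. mov 0x14(%esp),%eax followed by
// mov %eax,0x8(%ebx)), so the right-hand side is point_arr[i + 1] itself, not
// the address of the array slot.
point_arr[0]->next = point_arr[1];
point_arr[1]->next = point_arr[2];
point_arr[2]->next = point_arr[3];
point_arr[3]->next = point_arr[4];
point_arr[4]->next = point_arr[5];
// movl $0x0,0x8(%eax): the last node terminates the list.
point_arr[5]->next = NULL;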