Assembly 分析汇编代码EX“;mov%eax,0x8(%ebx)";
这是一个硬件问题。我并不是在问“爆炸炸弹”从未运行过的答案。我要求澄清/指导代码的一小部分中发生了什么 这就是我想弄明白的(下面的[0x8(%ebx)]代码发生了什么情况)? 0x8(%register)不意味着它正在访问内存地址%register+0x8处的值吗?它看起来不像是存储在那里的内存地址。。。 我知道这是一个模糊的问题。我在psuedoesque代码中将我不理解的行标记为LINEXXX HexAddress**。[LINEXXX-是ddd的行号,它不允许我从ddd复制,所以我使用了objdump…] 非常感谢你, 任何小提示都将不胜感激Assembly 分析汇编代码EX“;mov%eax,0x8(%ebx)";,assembly,puzzle,disassembly,mov,Assembly,Puzzle,Disassembly,Mov,这是一个硬件问题。我并不是在问“爆炸炸弹”从未运行过的答案。我要求澄清/指导代码的一小部分中发生了什么 这就是我想弄明白的(下面的[0x8(%ebx)]代码发生了什么情况)? 0x8(%register)不意味着它正在访问内存地址%register+0x8处的值吗?它看起来不像是存储在那里的内存地址。。。 我知道这是一个模糊的问题。我在psuedoesque代码中将我不理解的行标记为LINEXXX HexAddress**。[LINEXXX-是ddd的行号,它不允许我从ddd复制,所以我使用了o
8048efa: 8b 5c 24 10 mov 0x10(%esp),%ebx
8048efe: 8b 44 24 14 mov 0x14(%esp),%eax
8048f02: 89 43 08 mov %eax,0x8(%ebx)
8048f05: 8b 54 24 18 mov 0x18(%esp),%edx
8048f09: 89 50 08 mov %edx,0x8(%eax)
8048f0c: 8b 44 24 1c mov 0x1c(%esp),%eax
8048f10: 89 42 08 mov %eax,0x8(%edx)
8048f13: 8b 54 24 20 mov 0x20(%esp),%edx
8048f17: 89 50 08 mov %edx,0x8(%eax)
8048f1a: 8b 44 24 24 mov 0x24(%esp),%eax
8048f1e: 89 42 08 mov %eax,0x8(%edx)
8048f21: c7 40 08 00 00 00 00 movl $0x0,0x8(%eax)
8048f28: be 05 00 00 00 mov $0x5,%esi
8048f2d: 8b 43 08 mov 0x8(%ebx),%eax
8048f30: 8b 10 mov (%eax),%edx
8048f32: 39 13 cmp %edx,(%ebx)
8048f34: 7d 05 jge 8048f3b <phase_6+0xca>
8048f36: e8 d3 03 00 00 call 804930e <explode_bomb>
8048f3b: 8b 5b 08 mov 0x8(%ebx),%ebx
8048f3e: 83 ee 01 sub $0x1,%esi
8048efa:8b 5c 24 10 mov 0x10(%esp),%ebx
8048efe:8b 44 24 14 mov 0x14(%esp),%eax
8048f02:89 43 08 mov%eax,0x8(%ebx)
8048f05:8b 54 24 18 mov 0x18(%esp),%edx
8048f09:89 50 08 mov%edx,0x8(%eax)
8048f0c:8b 44 24 1c mov 0x1c(%esp),%eax
8048f10:89 42 08 mov%eax,0x8(%edx)
8048f13:8b 54 24 20 mov 0x20(%esp),%edx
8048f17:89 50 08 mov%edx,0x8(%eax)
8048f1a:8b 44 24 mov 0x24(%esp),%eax
8048f1e:89 42 08 mov%eax,0x8(%edx)
8048f21:c7 40 08 00 movl$0x0,0x8(%eax)
8048f28:be 05 00 mov$0x5,%esi
8048f2d:8b 43 08 mov 0x8(%ebx),%eax
8048f30:8b 10 mov(%eax),%edx
8048f32:39 13 cmp%edx,(%ebx)
8048f34:7d 05 jge 8048f3b
8048f36:e8 d3 03 00 00呼叫804930e
8048f3b:8b 5b 08 mov 0x8(%ebx),%ebx
8048f3e:83 ee 01子$0x1,%esi
example input-> "6 89 79 69 59 49"
eax = "6 89 79 69 59 49"
stuff
after stuff (read_six_numbers)
eax = 6
0x28(esp,edi*4)
edi=0 -> 6
edi=1 -> 89
edi=2 -> 79
edi=3 -> 69
edi=4 -> 59
edi=5 -> 49
naming this as array[]
----------------
edi=0;
esi=0;
Line31:
eax = array[edi];
eax--;
if((unsigned int)eax > 5) explodebomb();
esi=1+edi;
if(esi==6)goto Line109
ebx=esi;
Line58:
eax=array[ebx];
if(eax == array[esi-1]) explodebomb();
ebx++;
edi=esi;
if(5<=ebx)goto Line58;
else goto Line31;
Line85:
edx = *edx + 8;
eax++;
if(ecx != eax)goto Line85;
Line85:
array2[esi]=edx;
ebx++;
if(6 != ebx) goto Line114;
goto Line137
ebx = 0;
esi=ebx;
ecx=array[ebx];
eax = 1;
edx=0x804c154;
if(1>ecx)goto Line85;
goto Line95;
ebx=array2[0];
eax=array2[1];
LINE145-0x08048f02**** 0x8(ebx)=eax;
edx=array2[2];
LINE152-0x08048f09**** 0x8(eax)=edx;
eax=array2[3];
LINE159-0x08048f10**** 0x8(edx)=eax;
edx=array2[4];
LINE166-0x08048f17**** 0x8(eax)=edx;
eax=array2[5];
LINE173-0x08048f1e**** 0x8(edx)=eax;
LINE176-0x08048f21**** 0x8(eax)=eax;
esi=5;
Line188:
LINE188-0x08048f2d**** eax=0x8(ebx);
edx=(eax);
if(!(edx >= (ebx))) explodebomb();
LINE202-0x08048f3b**** ebx=0x8(ebx);
esi--;
if(edx != (ebx)) goto Line188;
esp+=0x40;
return eax;
示例输入->“6 89 79 69 59 49”
eax=“6 89 79 69 59 49”
东西
东西之后(读六个数字)
eax=6
0x28(esp、edi*4)
edi=0->6
edi=1->89
edi=2->79
edi=3->69
edi=4->59
edi=5->49
将其命名为数组[]
----------------
edi=0;
esi=0;
第31行:
eax=数组[edi];
eax-;
如果((无符号整数)eax>5)爆炸炸弹();
esi=1+edi;
如果(esi==6)转到第109行
ebx=esi;
第58行:
eax=数组[ebx];
if(eax==数组[esi-1]);
ebx++;
edi=esi;
如果(5ecx)转到线路85;
后藤95号线;
ebx=array2[0];
eax=array2[1];
行145-0x08048f02****0x8(ebx)=eax;
edx=array2[2];
线路152-0x08048f09****0x8(eax)=edx;
eax=array2[3];
行159-0x08048f10****0x8(edx)=eax;
edx=array2[4];
线路166-0x08048f17****0x8(eax)=edx;
eax=array2[5];
线路173-0x08048f1e****0x8(edx)=eax;
行176-0x08048f21****0x8(eax)=eax;
esi=5;
第188行:
行188-0x08048f2d****eax=0x8(ebx);
edx=(eax);
如果(!(edx>=(ebx)))爆炸炸弹();
线路202-0x08048f3b****ebx=0x8(ebx);
esi--;
如果(edx!=(ebx))转到第188行;
esp+=0x40;
返回eax;
08048e71 <phase_6>:
8048e71: 57 push %edi
8048e72: 56 push %esi
8048e73: 53 push %ebx
8048e74: 83 ec 40 sub $0x40,%esp
8048e77: 8d 44 24 28 lea 0x28(%esp),%eax
8048e7b: 89 44 24 04 mov %eax,0x4(%esp)
8048e7f: 8b 44 24 50 mov 0x50(%esp),%eax
8048e83: 89 04 24 mov %eax,(%esp)
8048e86: e8 ce 05 00 00 call 8049459 <read_six_numbers>
8048e8b: bf 00 00 00 00 mov $0x0,%edi
8048e90: 8b 44 bc 28 mov 0x28(%esp,%edi,4),%eax
8048e94: 83 e8 01 sub $0x1,%eax
8048e97: 83 f8 05 cmp $0x5,%eax
8048e9a: 76 05 jbe 8048ea1 <phase_6+0x30>
8048e9c: e8 6d 04 00 00 call 804930e <explode_bomb>
8048ea1: 8d 77 01 lea 0x1(%edi),%esi
8048ea4: 83 fe 06 cmp $0x6,%esi
8048ea7: 74 35 je 8048ede <phase_6+0x6d>
8048ea9: 89 f3 mov %esi,%ebx
8048eab: 8b 44 9c 28 mov 0x28(%esp,%ebx,4),%eax
8048eaf: 39 44 b4 24 cmp %eax,0x24(%esp,%esi,4)
8048eb3: 75 05 jne 8048eba <phase_6+0x49>
8048eb5: e8 54 04 00 00 call 804930e <explode_bomb>
8048eba: 83 c3 01 add $0x1,%ebx
8048ebd: 89 f7 mov %esi,%edi
8048ebf: 83 fb 05 cmp $0x5,%ebx
8048ec2: 7e e7 jle 8048eab <phase_6+0x3a>
8048ec4: eb ca jmp 8048e90 <phase_6+0x1f>
8048ec6: 8b 52 08 mov 0x8(%edx),%edx
8048ec9: 83 c0 01 add $0x1,%eax
8048ecc: 39 c8 cmp %ecx,%eax
8048ece: 75 f6 jne 8048ec6 <phase_6+0x55>
8048ed0: 89 54 b4 10 mov %edx,0x10(%esp,%esi,4)
8048ed4: 83 c3 01 add $0x1,%ebx
8048ed7: 83 fb 06 cmp $0x6,%ebx
8048eda: 75 07 jne 8048ee3 <phase_6+0x72>
8048edc: eb 1c jmp 8048efa <phase_6+0x89>
8048ede: bb 00 00 00 00 mov $0x0,%ebx
8048ee3: 89 de mov %ebx,%esi
8048ee5: 8b 4c 9c 28 mov 0x28(%esp,%ebx,4),%ecx
8048ee9: b8 01 00 00 00 mov $0x1,%eax
8048eee: ba 54 c1 04 08 mov $0x804c154,%edx
8048ef3: 83 f9 01 cmp $0x1,%ecx
8048ef6: 7f ce jg 8048ec6 <phase_6+0x55>
8048ef8: eb d6 jmp 8048ed0 <phase_6+0x5f>
8048efa: 8b 5c 24 10 mov 0x10(%esp),%ebx
8048efe: 8b 44 24 14 mov 0x14(%esp),%eax
8048f02: 89 43 08 mov %eax,0x8(%ebx)
8048f05: 8b 54 24 18 mov 0x18(%esp),%edx
8048f09: 89 50 08 mov %edx,0x8(%eax)
8048f0c: 8b 44 24 1c mov 0x1c(%esp),%eax
8048f10: 89 42 08 mov %eax,0x8(%edx)
8048f13: 8b 54 24 20 mov 0x20(%esp),%edx
8048f17: 89 50 08 mov %edx,0x8(%eax)
8048f1a: 8b 44 24 24 mov 0x24(%esp),%eax
8048f1e: 89 42 08 mov %eax,0x8(%edx)
8048f21: c7 40 08 00 00 00 00 movl $0x0,0x8(%eax)
8048f28: be 05 00 00 00 mov $0x5,%esi
8048f2d: 8b 43 08 mov 0x8(%ebx),%eax
8048f30: 8b 10 mov (%eax),%edx
8048f32: 39 13 cmp %edx,(%ebx)
8048f34: 7d 05 jge 8048f3b <phase_6+0xca>
8048f36: e8 d3 03 00 00 call 804930e <explode_bomb>
8048f3b: 8b 5b 08 mov 0x8(%ebx),%ebx
8048f3e: 83 ee 01 sub $0x1,%esi
8048f41: 75 ea jne 8048f2d <phase_6+0xbc>
8048f43: 83 c4 40 add $0x40,%esp
8048f46: 5b pop %ebx
8048f47: 5e pop %esi
8048f48: 5f pop %edi
8048f49: c3 ret
08048e71:
8048e71:57推送百分比edi
8048e72:56%推力esi
8048e73:53推送百分比ebx
8048e74:83 ec 40子$0x40,%esp
8048e77:8d 44 24 28 lea 0x28(%esp),%eax
8048e7b:89 44 24 04 mov%eax,0x4(%esp)
8048e7f:8b 44 24 50 mov 0x50(%esp),%eax
8048e83:89 04 24 mov%eax,(%esp)
8048e86:e8 ce 05 00 00拨打8049459
8048e8b:bf 00 mov$0x0,%edi
8048e90:8b 44 bc 28 mov 0x28(%esp,%edi,4),%eax
8048e94:83 e8 01子$0x1,%eax
8048e97:83 f8 05 cmp$0x5,%eax
8048e9a:76 05 jbe 8048ea1
8048e9c:e8 6d 04 00 00呼叫804930e
8048ea1:8d 77 01 lea 0x1(%edi),%esi
8048ea4:83 fe 06 cmp$0x6,%esi
8048ea7:74 35 je 8048ede
8048ea9:89 f3 mov%esi,%ebx
8048eab:8b 44 9c 28 mov 0x28(%esp,%ebx,4),%eax
8048eaf:39 44 b4 24 cmp%eax,0x24(%esp,%esi,4)
8048eb3:75 05 jne 8048eba
8048eb5:e8 54 04 00 00呼叫804930e
8048eba:83 c3 01添加$0x1,%ebx
8048ebd:89 f7 mov%esi,%edi
8048ebf:83 fb 05 cmp$0x5,%ebx
8048ec2:7e e7 jle 8048eab
8048ec4:eb ca jmp 8048e90
8048ec6:8b 52 08 mov 0x8(%edx),%edx
8048ec9:83 C001添加$0x1,%eax
8048ecc:39 c8 cmp%ecx,%eax
8048ece:75 f6 jne 8048ec6
8048ed0:89 54 b4 10 mov%edx,0x10(%esp,%esi,4)
8048ed4:83 c3 01添加$0x1,%ebx
8048ed7:83 fb 06 cmp$0x6,%ebx
8048eda:75 07 jne 8048ee3
8048edc:eb 1c jmp 8048efa
8048ede:bb 00 mov$0x0,%ebx
8048ee3:89移动百分比ebx,%esi
8048ee5:8b 4c 9c 28 mov 0x28(%esp,%ebx,4),%ecx
8048ee9:b8 01 00 mov$0x1,%eax
8048eee:ba 54 c1 04 08 mov$0x804c154,%edx
8048ef3:83 f9 01 cmp$0x1,%ecx
8048ef6:7f ce jg 8048ec6
8048ef8:eb d6 jmp 8048ed0
8048efa:8b 5c 24 10 mov 0x10(%esp),%ebx
8048efe:8b 44 24 14 mov 0x14(%esp),%eax
8048f02:89 43 08 mov%eax,0x8(%ebx)
8048f05:8b 54 24 18 mov 0x18(%esp),%edx
8048f09:89 50 08 mov%edx,0x8(%eax)
8048f0c:8b 44 24 1c mov 0x1c(%esp),%eax
8048f10:89 42 08 mov%eax,0x8(%edx)
8048f13:8b 54 24 20 mov 0x20(%esp),%edx
8048f17:89 50 08 mov
struct s {
int value;
int ??;
struct s * next;
};
// in esp+0x10
struct s *point_arr[6];
point_arr[0]->next = &point_arr[1];
point_arr[1]->next = &point_arr[2];
point_arr[2]->next = &point_arr[3];
point_arr[3]->next = &point_arr[4];
point_arr[4]->next = &point_arr[5];
point_arr[5]->next = NULL;