assembly

Confused by [ebp-0xc] instead of [ebp-4] in Art of Exploitation example

回眸只為那壹抹淺笑, submitted on 2021-02-15 06:32:53
Question: I am reading the book Hacking: The Art of Exploitation, 2nd Edition, and in the simple C program

    #include <stdio.h>
    int main() {
        int i;
        for (i = 0; i < 10; i++) {
            puts("Hello, world!\n");
        }
        return 0;
    }

the book lists that the gdb debug will modify the ebp register first:

    (gdb) x/i $eip
    0x8048384 <main+16>:    mov    DWORD PTR [ebp-4],0x0

It explains that this assembly instruction will move the value of 0 into memory located at the address stored in the EBP register, minus 4. This is where the C

Segfault when writing to string allocated by db [assembly]

。_饼干妹妹, submitted on 2021-02-15 05:28:51
Question: I'm following a basic shell-spawning exploit example. Below is exactly what my book tells me to write, yet I still get a segfault. When running this in gdb, I get a segfault at "mov byte [esi + 7], al". This line is necessary so that I can put a null byte at the end of my string "/bin/sh". When I flipped it around to "mov byte al, [esi + 7]", this did not cause a segfault. I'm assuming that I do not have write permissions to the place in memory where my string is stored. It seems I only have
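The diagnosis in the question (a read of [esi + 7] works, a write faults) is what you get when a db string is assembled into a read-only section. The following is an added example, not code from the book or from the poster: it probes whether an address is writable by attempting a one-byte write under a SIGSEGV handler instead of letting the fault kill the process, and applies that probe to a "/bin/sh" string placed in read-only data (the same situation as a db in .text), in .data, and on the stack. It assumes GCC or Clang on Linux or macOS; the function names are hypothetical.

```c
/* Added example (not from the book or the original post): probe whether an
 * address is writable by attempting a one-byte write under a SIGSEGV
 * handler, so the fault does not kill the process. With GCC or Clang on
 * Linux or macOS a const string lands in read-only data (the same failure
 * mode as a db string assembled into .text), a non-const static string
 * lands in the writable .data section, and a stack buffer is writable.
 * Function names are hypothetical. */
#define _POSIX_C_SOURCE 200809L
#include <setjmp.h>
#include <signal.h>
#include <stdio.h>
#include <string.h>

static sigjmp_buf fault_env;

static void on_fault(int sig) {
    (void)sig;
    siglongjmp(fault_env, 1);   /* back into is_writable(), signal mask restored */
}

/* Returns 1 if the byte at p can be written (the value is written back
 * unchanged), 0 if the write faults. Not thread-safe: it swaps the
 * process-wide SIGSEGV/SIGBUS handlers for the duration of the probe. */
int is_writable(volatile char *p) {
    struct sigaction sa, old_segv, old_bus;
    volatile int writable = 0;

    memset(&sa, 0, sizeof sa);
    sa.sa_handler = on_fault;
    sigemptyset(&sa.sa_mask);
    sigaction(SIGSEGV, &sa, &old_segv);
    sigaction(SIGBUS, &sa, &old_bus);   /* some platforms raise SIGBUS instead */

    if (sigsetjmp(fault_env, 1) == 0) {
        char old = *p;
        *p = old;                       /* faults if the page is read-only */
        writable = 1;
    }

    sigaction(SIGSEGV, &old_segv, NULL);
    sigaction(SIGBUS, &old_bus, NULL);
    return writable;
}

/* Constructed targets: the three places a "/bin/sh" string can live. */
static const char path_rodata[] = "/bin/sh";   /* read-only, like a db in .text */
static char       path_data[]   = "/bin/sh";   /* section .data, writable      */

int rodata_is_writable(void) { return is_writable((volatile char *)path_rodata); }
int data_is_writable(void)   { return is_writable(path_data); }
int stack_is_writable(void) {
    char buf[8];
    memcpy(buf, "/bin/sh", 8);
    return is_writable(buf);
}

int main(void) {
    printf("rodata: %d  data: %d  stack: %d\n",
           rodata_is_writable(), data_is_writable(), stack_is_writable());
    return 0;
}
```

The two fixes this points at in the assembly are the same ones the probe demonstrates: put the string in section .data, or build it on the stack (push the bytes, then terminate it there) so that the null-byte write lands on a writable page.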

How to remove all punctuation and spaces in a string?

二次信任, submitted on 2021-02-13 16:35:14
Question: I have input like this:

    This is, ,,, *&% a ::; demo + String. +Need to**@!/// format:::::!!! this.`

Output required:

    ThisisademoStringNeedtoformatthis

I have to do this without using str_trim. Edit: I am writing an encryption program. I have to remove all punctuation from the string and turn all lower case letters to uppercase before I encrypt it. I added the code. I need to remove the spaces, or any punctuation before I turn it to upper case. So far I haven't found anything in my book that
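The pre-processing the question describes (drop spaces and punctuation, then fold to upper case) is the usual normalisation before a letters-only classical cipher. The following is an added example, not the poster's code: a bounded, NUL-terminating filter that keeps only alphanumeric characters and optionally upper-cases them, run over the input from the question. The function names are hypothetical. Note the cast to unsigned char before calling the ctype functions: passing a negative char (any high-bit byte) to isalnum or toupper is undefined behaviour, a classic source of crashes in input filters.

```c
/* Added example (not from the original post): strip everything except
 * letters and digits from a string and optionally fold to upper case,
 * the usual pre-processing before a classical (letters-only) cipher.
 * Function names are hypothetical; the sample input is the question's. */
#include <ctype.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Copies the alphanumeric characters of src into dst (capacity dst_len,
 * always NUL-terminated, output truncated if it would not fit),
 * upper-casing them when upper != 0. Returns the number of characters
 * written, excluding the terminator. */
size_t squeeze_alnum(const char *src, char *dst, size_t dst_len, int upper) {
    size_t n = 0;
    if (dst_len == 0) return 0;
    for (; *src != '\0' && n + 1 < dst_len; ++src) {
        unsigned char c = (unsigned char)*src;   /* ctype needs 0..255 */
        if (!isalnum(c)) continue;               /* drops spaces and punctuation */
        dst[n++] = (char)(upper ? toupper(c) : c);
    }
    dst[n] = '\0';
    return n;
}

/* Constructed sample input, taken from the question. */
static const char sample[] =
    "This is, ,,, *&% a ::; demo + String. +Need to**@!/// format:::::!!! this.`";

/* Wrapper over a static buffer so a caller can inspect the result. */
const char *squeeze_sample(int upper) {
    static char out[sizeof sample];      /* output never exceeds input length */
    squeeze_alnum(sample, out, sizeof out, upper);
    return out;
}

int main(void) {
    printf("%s\n", squeeze_sample(0));   /* ThisisademoStringNeedtoformatthis */
    printf("%s\n", squeeze_sample(1));   /* THISISADEMOSTRINGNEEDTOFORMATTHIS */
    return 0;
}
```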

Why is mov turing complete?

回眸只為那壹抹淺笑, submitted on 2021-02-13 11:41:48
Question: I found this recently: https://github.com/xoreaxeaxeax/movfuscator It seems to be contingent on the fact that mov is Turing-complete. Is that true, and why?
Answer 1: Yes, x86's mov is Turing complete. I added that tag to your question because it may not be true for other ISAs with an instruction called mov, and the movfuscator compiler only targets x86. It's not "mov" itself doing computation, it's x86 addressing modes which can do addition (and bit-shift). I haven't looked in detail at how it

What is the purpose of the assembler and symbol table? What is at a symbol's address?

不羁的心, submitted on 2021-02-11 18:07:14
Question: From my textbook: "To produce the binary version of each instruction in the assembly language program, the assembler must determine the addresses corresponding to all labels. Assemblers keep track of labels used in branches and data transfer instructions in a symbol table. As you might expect, the table contains pairs of symbols and addresses." Why does it need a symbol table? If we have a symbol table with a label name and an address, what is the use of the address? What is at the address...
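What the textbook passage describes is easiest to see in a tiny two-pass assembler. The following is an added example, not code from the textbook or the poster: a made-up one-word-per-line ISA whose first pass does nothing but fill the symbol table (label -> address of the word that follows it), and whose second pass encodes each instruction by substituting that address for every label operand. The sample program contains a forward reference, which is exactly why the addresses have to be collected before anything can be encoded. The ISA, its encoding and the sample program are all assumptions for this example.

```c
/* Added example (not from the textbook): a two-pass assembler for a made-up
 * one-word-per-line ISA, showing what the symbol table is for. Pass 1 only
 * records the address of each label (the word that follows it); pass 2
 * encodes instructions and substitutes that address for each label operand.
 * The ISA, its encoding and the sample program are assumptions. */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define MAX_SYMS  32
#define MAX_WORDS 64

struct symbol { char name[16]; unsigned addr; };
struct symtab { struct symbol sym[MAX_SYMS]; int count; };

/* Opcode in the top 4 bits of a 16-bit word, 12-bit address operand below. */
static const char *mnemonics[] = { "halt", "ld", "add", "st", "jmp" };

/* Symbol table lookup: the address bound to a label, or -1 if undefined. */
int lookup(const struct symtab *t, const char *name) {
    for (int i = 0; i < t->count; i++)
        if (strcmp(t->sym[i].name, name) == 0) return (int)t->sym[i].addr;
    return -1;
}

static int opcode_of(const char *m) {
    for (int i = 0; i < 5; i++)
        if (strcmp(mnemonics[i], m) == 0) return i;
    return -1;
}

/* Splits "label: mnemonic operand" into parts; label and operand may be empty. */
static void split(const char *line, char *label, char *mnem, char *operand) {
    char buf[64], *p, *colon;
    label[0] = mnem[0] = operand[0] = '\0';
    strncpy(buf, line, sizeof buf - 1);
    buf[sizeof buf - 1] = '\0';
    p = buf;
    colon = strchr(p, ':');
    if (colon) { *colon = '\0'; sscanf(p, "%15s", label); p = colon + 1; }
    sscanf(p, "%15s %15s", mnem, operand);
}

/* Assembles n source lines into out[]; returns the word count, or -1 on a
 * duplicate label, unknown mnemonic or undefined symbol. */
int assemble(const char *src[], int n, unsigned out[], struct symtab *t) {
    char label[16], mnem[16], operand[16];
    t->count = 0;
    if (n > MAX_WORDS) return -1;
    /* pass 1: every line emits exactly one word, so a label's address is
       the number of words emitted before its line */
    for (int pc = 0; pc < n; pc++) {
        split(src[pc], label, mnem, operand);
        if (!label[0]) continue;
        if (t->count == MAX_SYMS || lookup(t, label) >= 0) return -1;
        strcpy(t->sym[t->count].name, label);
        t->sym[t->count++].addr = (unsigned)pc;
    }
    /* pass 2: encode; a label operand becomes the address found in pass 1 */
    for (int pc = 0; pc < n; pc++) {
        split(src[pc], label, mnem, operand);
        if (strcmp(mnem, "word") == 0) {              /* data directive */
            out[pc] = (unsigned)strtoul(operand, NULL, 0) & 0xFFFF;
            continue;
        }
        int op = opcode_of(mnem), addr = 0;
        if (op < 0) return -1;
        if (operand[0] && (addr = lookup(t, operand)) < 0) return -1;
        out[pc] = ((unsigned)op << 12) | ((unsigned)addr & 0xFFF);
    }
    return n;
}

/* Constructed sample program: "ld value" refers forward to a label defined
   four lines later, which is why a single pass cannot encode it. */
static const char *program[] = {
    "start: ld  value",
    "       add one",
    "       st  value",
    "       jmp start",
    "value: word 41",
    "one:   word 1",
};
static const char *bad_program[] = { "jmp nowhere" };   /* undefined symbol */

static unsigned image[MAX_WORDS];
static struct symtab symbols;

int assemble_sample(void) { return assemble(program, 6, image, &symbols); }
int assemble_bad_sample(void) {
    struct symtab t; unsigned w[1];
    return assemble(bad_program, 1, w, &t);
}
unsigned word_at(int i) { return image[i]; }
int symbol_addr(const char *name) { return lookup(&symbols, name); }

int main(void) {
    int n = assemble_sample();
    for (int i = 0; i < n; i++)
        printf("%03x: %04x   %s\n", i, image[i], program[i]);
    return 0;
}
```

Running it shows the answer to "what is at the address": for `value` the symbol table holds 4, and word 4 of the output image is the data 41; for `start` it holds 0, and word 0 is the encoded `ld value` instruction that the `jmp start` at word 3 branches back to.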

SSE2 test xmm bitmask directly without using 'pmovmskb'

a 夏天, submitted on 2021-02-11 16:41:40
Question: Consider we have this:

    ....
    pxor     xmm1, xmm1
    movdqu   xmm0, [reax]
    pcmpeqb  xmm0, xmm1
    pmovmskb eax, xmm0
    test     ax, ax
    jz       .zero
    ...

Is there any way to not use 'pmovmskb' and test the bitmask directly from xmm0 (to check if it's zero)? Is there any SSE instruction for this action? In fact, I'm searching for something like a 'ptest xmm0, xmm0' action but in SSE2, not SSE4.
Answer 1: It's generally not worth using SSE4.1 ptest xmm0,xmm0 on a pcmpeqb result, especially not if you're branching. pmovmskb
