C 언어 코드와 어셈블리 언어 코드 테이블
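#include <stdio.h>
/* Empty program: main has no statements. The row below pairs it with the
 * address and first instruction of main. */
main() { }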
|
0x080482f4 <main+0>: push %ebp |
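#include <stdio.h>
/* Single printf call with an empty format string.
 * NOTE(review): in the rows of this table main starts at 0x080482f4 when no
 * library function is called and at 0x08048328 once printf is used;
 * presumably the extra call stub code is placed before main. Confirm against
 * a full disassembly. */
main() { printf(""); }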
|
0x08048328 <main+0>: push %ebp |
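#include <stdio.h>
/* Single printf call with a constant string and no conversion specifiers. */
main() { printf("Hello?"); }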
|
0x08048328 <main+0>: push %ebp |
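#include <stdio.h>
/* Two consecutive printf calls, each with a constant string. */
main() { printf("Hello?"); printf("Well come"); }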
|
0x08048328 <main+0>: push %ebp
|
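#include <stdio.h>
/* Declares three int locals that are never read or written. */
main() { int x,y,z; }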
#include <stdio.h> main() { } 와 같다. |
0x080482f4 <main+0>: push %ebp |
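#include <stdio.h>
/* Declares three int locals and stores 1 into x; y and z stay uninitialized
 * and are never read. */
main() { int x,y,z; x = 1; }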
|
0x080482f4 <main+0>: push %ebp |
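#include <stdio.h>
/* Declares three int locals and stores 1 into x and 2 into y; z stays
 * uninitialized and is never read. */
main() { int x,y,z; x = 1; y = 2; }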
|
0x080482f4 <main+0>: push %ebp |
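#include <stdio.h>
/* Stores 1 and 2 into x and y, then stores their sum into z. No library
 * function is called. */
main() { int x,y,z; x = 1; y = 2; z = x + y; }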
|
0x080482f4 <main+0>: push %ebp |
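#include <stdio.h>
/* Computes z = x + y from two constants and prints all three values with a
 * literal format string whose three %d specifiers match the three int
 * arguments. */
main() { int x,y,z; x = 1; y = 2; z = x + y; printf("%d + %d = %d\n",x,y,z); }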
|
0x08048328 <main+0>: push %ebp |
레지스터(Register)
EAX : 사칙연산
EDX : EAX 보조
ECX : 카운트 역할
ESP : 스택 프레임의 끝 지점 주소가 저장
EBP : 스택 프레임의 시작 지점 주소 저장
/* Empty main: with no statements, the listing that follows contains only the
 * frame setup (push %ebp / mov %esp,%ebp), the stack reservation and
 * alignment, and leave/ret, padded with nop. */
main() { }
|
0x080482f4 <main+0>: push %ebp 0x080482f5 <main+1>: mov %esp,%ebp 0x080482f7 <main+3>: sub $0x8,%esp 0x080482fa <main+6>: and $0xfffffff0,%esp 0x080482fd <main+9>: mov $0x0,%eax 0x08048302 <main+14>: sub %eax,%esp 0x08048304 <main+16>: leave 0x08048305 <main+17>: ret 0x08048306 <main+18>: nop 0x08048307 <main+19>: nop
PUSH : 값을 스택에 저장 MOV : 데이터 이동 SUB : 뺄셈 LEA : 주소값을 옮김 LEAVE : ESP를 EBP 값으로 되돌리고 저장해 둔 EBP를 복원(스택 프레임 정리) RET : ESP 레지스터가 가리키는 값(복귀 주소)을 EIP 레지스터에 저장 NOP : 프로그램 딜레이, 남은 공간을 채움 |
# main함수(return)
#include <stdio.h>
/* Empty main plus `return 0`. In the listing that follows, the return value
 * appears as `mov $0x0,%eax` at main+16, immediately before leave/ret. */
main() { return 0; }
|
0x080482f4 <main+0>: push %ebp 0x080482f5 <main+1>: mov %esp,%ebp 0x080482f7 <main+3>: sub $0x8,%esp 0x080482fa <main+6>: and $0xfffffff0,%esp 0x080482fd <main+9>: mov $0x0,%eax 0x08048302 <main+14>: sub %eax,%esp 0x08048304 <main+16>: mov $0x0,%eax 0x08048309 <main+21>: leave 0x0804830a <main+22>: ret 0x0804830b <main+23>: nop |
#include <stdio.h>
/* The body of the for loop is `return 0`, so main returns during the first
 * iteration and i++ is never reached. The listing that follows has the
 * compare against 4 (i < 5) but no increment instruction.
 * NOTE(review): there is no return after the loop. If the condition were
 * false on entry, main would end without setting a return value. That cannot
 * happen here because i starts at 0. */
main() { int i; for(i=0; i<5; i++) return 0; }
|
0x080482f4 <main+0>: push %ebp 0x080482f5 <main+1>: mov %esp,%ebp 0x080482f7 <main+3>: sub $0x8,%esp 0x080482fa <main+6>: and $0xfffffff0,%esp 0x080482fd <main+9>: mov $0x0,%eax 0x08048302 <main+14>: sub %eax,%esp 0x08048304 <main+16>: movl $0x0,0xfffffffc(%ebp) 0x0804830b <main+23>: cmpl $0x4,0xfffffffc(%ebp) 0x0804830f <main+27>: jle 0x8048313 <main+31> 0x08048311 <main+29>: jmp 0x804831c <main+40> 0x08048313 <main+31>: movl $0x0,0xfffffff8(%ebp) 0x0804831a <main+38>: jmp 0x804831c <main+40> 0x0804831c <main+40>: mov 0xfffffff8(%ebp),%eax 0x0804831f <main+43>: leave 0x08048320 <main+44>: ret 0x08048321 <main+45>: nop 0x08048322 <main+46>: nop 0x08048323 <main+47>: nop
CMP : 두 값을 비교(결과는 플래그에 반영) JLE : 직전 CMP 결과가 작거나 같을 경우 분기 JMP : 무조건 특정한 곳으로 분기 |
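#include <stdio.h>
/* Prints one '*' and decrements i when i >= 5. The listing that follows
 * compiles the test as `cmpl $0x4` + `jle` (skip the call when i <= 4).
 * NOTE(review): in that listing the jle target is main+45, which is the
 * decrement (lea / decl), so the compiled program decrements i even when the
 * test fails. That suggests the compiled source had `i--` outside the braces.
 * Confirm which of the two is intended. */
main() { int i=10; if(i >= 5) { printf("*"); i--; } return 0;
}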
|
0x08048328 <main+0>: push %ebp 0x08048329 <main+1>: mov %esp,%ebp 0x0804832b <main+3>: sub $0x8,%esp 0x0804832e <main+6>: and $0xfffffff0,%esp 0x08048331 <main+9>: mov $0x0,%eax 0x08048336 <main+14>: sub %eax,%esp 0x08048338 <main+16>: movl $0xa,0xfffffffc(%ebp) 0x0804833f <main+23>: cmpl $0x4,0xfffffffc(%ebp) 0x08048343 <main+27>: jle 0x8048355 <main+45> 0x08048345 <main+29>: sub $0xc,%esp 0x08048348 <main+32>: push $0x8048410 0x0804834d <main+37>: call 0x8048268 <printf> 0x08048352 <main+42>: add $0x10,%esp 0x08048355 <main+45>: lea 0xfffffffc(%ebp),%eax 0x08048358 <main+48>: decl (%eax) 0x0804835a <main+50>: mov $0x0,%eax 0x0804835f <main+55>: leave 0x08048360 <main+56>: ret 0x08048361 <main+57>: nop 0x08048362 <main+58>: nop 0x08048363 <main+59>: nop
CALL : 프로시저 호출 ADD : 덧셈 INC : 값 1씩 증가 DEC : 값 1씩 감소 |
#include <stdio.h>
/* Prints '*' and decrements i until it reaches 5 (five stars for i = 10..6).
 * In the listing that follows, the loop test is `cmpl $0x5` + `jne` at
 * main+23 and the back edge is the `jmp` to main+23 at main+52.
 * NOTE(review): `i != 5` terminates only because i starts above 5 and steps
 * by one; `i > 5` would be the robust bound. */
main() { int i=10;
while(i != 5) { printf("*"); i--; } return 0;
}
|
0x08048328 <main+0>: push %ebp 0x08048329 <main+1>: mov %esp,%ebp 0x0804832b <main+3>: sub $0x8,%esp 0x0804832e <main+6>: and $0xfffffff0,%esp 0x08048331 <main+9>: mov $0x0,%eax 0x08048336 <main+14>: sub %eax,%esp 0x08048338 <main+16>: movl $0xa,0xfffffffc(%ebp) 0x0804833f <main+23>: cmpl $0x5,0xfffffffc(%ebp) 0x08048343 <main+27>: jne 0x8048347 <main+31> 0x08048345 <main+29>: jmp 0x804835e <main+54> 0x08048347 <main+31>: sub $0xc,%esp 0x0804834a <main+34>: push $0x8048414 0x0804834f <main+39>: call 0x8048268 <printf> 0x08048354 <main+44>: add $0x10,%esp 0x08048357 <main+47>: lea 0xfffffffc(%ebp),%eax 0x0804835a <main+50>: decl (%eax) 0x0804835c <main+52>: jmp 0x804833f <main+23> 0x0804835e <main+54>: mov $0x0,%eax 0x08048363 <main+59>: leave 0x08048364 <main+60>: ret 0x08048365 <main+61>: nop 0x08048366 <main+62>: nop 0x08048367 <main+63>: nop
JNE : 직전 CMP 결과가 같지 않을 경우 분기 |
#include <stdio.h>
int add(int x, int y);
/* Calls add(a, b) and prints the result. In the listing that follows, the
 * arguments are pushed right to left (b at main+33, then a at main+36), the
 * caller removes them with `add $0x10,%esp`, and the return value is copied
 * from %eax into res at main+47. */
int main() { int a = 10, b = 20; int res;
res = add(a,b); printf("result : %d\n", res); return 0; }
/* Returns x + y, computed through the local variable temp.
 * NOTE(review): signed int addition has undefined behavior on overflow; not
 * reachable with the constants 10 and 20 that main passes here. */
int add(int x, int y) { int temp; temp = x + y;
return temp; } |
0x08048328 <main+0>: push %ebp 0x08048329 <main+1>: mov %esp,%ebp 0x0804832b <main+3>: sub $0x18,%esp 0x0804832e <main+6>: and $0xfffffff0,%esp 0x08048331 <main+9>: mov $0x0,%eax 0x08048336 <main+14>: sub %eax,%esp 0x08048338 <main+16>: movl $0xa,0xfffffffc(%ebp) 0x0804833f<main+23>: movl $0x14,0xfffffff8(%ebp) 0x08048346 <main+30>: sub $0x8,%esp 0x08048349 <main+33>: pushl 0xfffffff8(%ebp) 0x0804834c <main+36>: pushl 0xfffffffc(%ebp) 0x0804834f <main+39>: call 0x8048374 <add> 0x08048354 <main+44>: add $0x10,%esp 0x08048357 <main+47>: mov %eax,0xfffffff4(%ebp) 0x0804835a <main+50>: sub $0x8,%esp 0x0804835d <main+53>: pushl 0xfffffff4(%ebp) 0x08048360 <main+56>: push $0x8048434 0x08048365 <main+61>: call 0x8048268 <printf> 0x0804836a <main+66>: add $0x10,%esp 0x0804836d <main+69>: mov $0x0,%eax 0x08048372 <main+74>: leave 0x08048373 <main+75>: ret
|
#include <stdio.h>
/* Reads one decimal integer into i. In the listing that follows, the address
 * of i is formed with `lea 0xfffffffc(%ebp),%eax` and pushed, followed by the
 * address of the format string.
 * NOTE(review): scanf's return value is ignored, so i stays uninitialized
 * when the input is not a number. Code that goes on to use i should first
 * check that scanf returned 1. */
int main(void) { int i; scanf("%d", &i); return 0; }
|
0x08048328 <main+0>: push %ebp 0x08048329 <main+1>: mov %esp,%ebp 0x0804832b <main+3>: sub $0x8,%esp 0x0804832e <main+6>: and $0xfffffff0,%esp 0x08048331 <main+9>: mov $0x0,%eax 0x08048336 <main+14>: sub %eax,%esp 0x08048338 <main+16>: sub $0x8,%esp 0x0804833b <main+19>: lea 0xfffffffc(%ebp),%eax 0x0804833e <main+22>: push %eax 0x0804833f <main+23>: push $0x8048400 0x08048344 <main+28>: call 0x8048258 <scanf> 0x08048349 <main+33>: add $0x10,%esp 0x0804834c <main+36>: mov $0x0,%eax 0x08048351 <main+41>: leave 0x08048352 <main+42>: ret 0x08048353 <main+43>: nop |
# 배열 - strcpy
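#include <stdio.h>
#include <string.h>
/* Replaces "cat" in str1 with "tiger" and prints it. In the listing that
 * follows, str1 is the buffer at 0xffffffe8(%ebp), whose address is passed to
 * both strcpy and printf.
 * strcpy copies up to the source's terminating NUL and knows nothing about
 * the destination size. This call is in bounds only because "tiger" (6 bytes
 * with the NUL) is a fixed literal shorter than str1[10]. For a source whose
 * length is not fixed at compile time, use a bounded copy such as
 * snprintf(dst, sizeof dst, "%s", src) and check for truncation. */
int main(void) { char str1[10]="cat";
strcpy(str1, "tiger"); printf("%s\n", str1); return 0; }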
|
0x0804835c <main+0>: push %ebp 0x0804835d <main+1>: mov %esp,%ebp 0x0804835f <main+3>: sub $0x18,%esp 0x08048362 <main+6>: and $0xfffffff0,%esp 0x08048365 <main+9>: mov $0x0,%eax 0x0804836a <main+14>: sub %eax,%esp 0x0804836c <main+16>: mov 0x804845c,%eax 0x08048371 <main+21>: mov %eax,0xffffffe8(%ebp) 0x08048374 <main+24>: movl $0x0,0xffffffec(%ebp) 0x0804837b <main+31>: movw $0x0,0xfffffff0(%ebp) 0x08048381 <main+37>: sub $0x8,%esp 0x08048384 <main+40>: push $0x8048466 0x08048389 <main+45>: lea 0xffffffe8(%ebp),%eax 0x0804838c <main+48>: push %eax 0x0804838d <main+49>: call 0x804829c <strcpy> 0x08048392 <main+54>: add $0x10,%esp 0x08048395 <main+57>: sub $0x8,%esp 0x08048398 <main+60>: lea 0xffffffe8(%ebp),%eax 0x0804839b <main+63>: push %eax 0x0804839c <main+64>: push $0x804846c 0x080483a1 <main+69>: call 0x804828c <printf> 0x080483a6 <main+74>: add $0x10,%esp 0x080483a9 <main+77>: mov $0x0,%eax 0x080483ae <main+82>: leave 0x080483af <main+83>: ret |
# gets - puts
#include <stdio.h>
/* Reads a line into str with gets() and echoes it with puts().
 * WARNING: gets() takes no buffer size, so any line longer than 9 characters
 * is written past the end of str[10]. In the listing that follows, str starts
 * at 0xffffffe8(%ebp) (ebp-0x18), below the saved frame pointer and return
 * address, so an oversized line corrupts them. gets() was removed from the
 * language in C11. The bounded replacement is fgets(str, sizeof(str), stdin),
 * as used in the fgets example later on this page. */
int main(void) { char str[10];
gets(str); puts("입력된 문자열 : "); puts(str);
return 0; }
|
0x08048358 <main+0>: push %ebp 0x08048359 <main+1>: mov %esp,%ebp 0x0804835b <main+3>: sub $0x18,%esp 0x0804835e <main+6>: and $0xfffffff0,%esp 0x08048361 <main+9>: mov $0x0,%eax 0x08048366 <main+14>: sub %eax,%esp 0x08048368 <main+16>: sub $0xc,%esp 0x0804836b <main+19>: lea 0xffffffe8(%ebp),%eax 0x0804836e <main+22>: push %eax 0x0804836f <main+23>: call 0x8048278 <gets> 0x08048374 <main+28>: add $0x10,%esp 0x08048377 <main+31>: sub $0xc,%esp 0x0804837a <main+34>: push $0x804844c 0x0804837f <main+39>: call 0x8048288 <puts> 0x08048384 <main+44>: add $0x10,%esp 0x08048387 <main+47>: sub $0xc,%esp 0x0804838a <main+50>: lea 0xffffffe8(%ebp),%eax 0x0804838d <main+53>: push %eax 0x0804838e <main+54>: call 0x8048288 <puts> 0x08048393 <main+59>: add $0x10,%esp 0x08048396 <main+62>: mov $0x0,%eax 0x0804839b <main+67>: leave 0x0804839c <main+68>: ret 0x0804839d <main+69>: nop 0x0804839e <main+70>: nop 0x0804839f <main+71>: nop |
# 포인터
#include <stdio.h>
/* Stores 10 into a through the pointer pa, then prints a twice: once via *pa
 * and once by name. In the listing that follows, `lea 0xfffffffc(%ebp),%eax`
 * followed by `mov %eax,0xfffffff8(%ebp)` is `pa = &a`, and
 * `movl $0xa,(%eax)` is the store through the pointer. The first printf
 * argument is loaded indirectly (`pushl (%eax)`), the second directly from
 * a's stack slot. */
int main(void) { int a; int *pa;
pa = &a; *pa = 10;
printf("포인터로 a값 출력 : %d\n", *pa); printf("변수명으로 a값 출력 : %d\n", a);
return 0; }
|
0x08048328 <main+0>: push %ebp 0x08048329 <main+1>: mov %esp,%ebp 0x0804832b <main+3>: sub $0x8,%esp 0x0804832e <main+6>: and $0xfffffff0,%esp 0x08048331 <main+9>: mov $0x0,%eax 0x08048336 <main+14>: sub %eax,%esp 0x08048338 <main+16>: lea 0xfffffffc(%ebp),%eax 0x0804833b <main+19>: mov %eax,0xfffffff8(%ebp) 0x0804833e <main+22>: mov 0xfffffff8(%ebp),%eax 0x08048341 <main+25>: movl $0xa,(%eax) 0x08048347 <main+31>: sub $0x8,%esp 0x0804834a <main+34>: mov 0xfffffff8(%ebp),%eax 0x0804834d <main+37>: pushl (%eax) 0x0804834f <main+39>: push $0x8048424 0x08048354 <main+44>: call 0x8048268 <printf> 0x08048359 <main+49>: add $0x10,%esp 0x0804835c <main+52>: sub $0x8,%esp 0x0804835f <main+55>: pushl 0xfffffffc(%ebp) 0x08048362 <main+58>: push $0x804843c 0x08048367 <main+63>: call 0x8048268 <printf> 0x0804836c <main+68>: add $0x10,%esp 0x0804836f <main+71>: mov $0x0,%eax 0x08048374 <main+76>: leave 0x08048375 <main+77>: ret 0x08048376 <main+78>: nop 0x08048377 <main+79>: nop |
# getchar - putchar
#include <stdio.h>
/* Reads one character, echoes it, and prints a newline.
 * NOTE(review): getchar() returns int so that EOF can be told apart from
 * every valid character. Storing the result in a char (the listing that
 * follows keeps only %al and sign-extends it with movsbl) loses that
 * distinction; declare ch as int when EOF must be detected.
 * NOTE(review): the C standard defines fflush() only for output streams.
 * fflush(stdin) is undefined behavior and must not be relied on to discard
 * pending input. */
int main(void) { char ch;
ch = getchar(); putchar(ch); fflush(stdin); putchar('\n');
return 0; }
|
0x080483b8 <main+0>: push %ebp 0x080483b9 <main+1>: mov %esp,%ebp 0x080483bb <main+3>: sub $0x8,%esp 0x080483be <main+6>: and $0xfffffff0,%esp 0x080483c1 <main+9>: mov $0x0,%eax 0x080483c6 <main+14>: sub %eax,%esp 0x080483c8 <main+16>: call 0x80482c8 <getchar> 0x080483cd <main+21>: mov %al,0xffffffff(%ebp) 0x080483d0 <main+24>: sub $0xc,%esp 0x080483d3 <main+27>: movsbl 0xffffffff(%ebp),%eax 0x080483d7 <main+31>: push %eax 0x080483d8 <main+32>: call 0x80482e8 <putchar> 0x080483dd <main+37>: add $0x10,%esp 0x080483e0 <main+40>: sub $0xc,%esp 0x080483e3 <main+43>: pushl 0x80495c0 0x080483e9 <main+49>: call 0x80482d8 <fflush> 0x080483ee <main+54>: add $0x10,%esp 0x080483f1 <main+57>: sub $0xc,%esp 0x080483f4 <main+60>: push $0xa 0x080483f6 <main+62>: call 0x80482e8 <putchar> 0x080483fb <main+67>: add $0x10,%esp 0x080483fe <main+70>: mov $0x0,%eax 0x08048403 <main+75>: leave 0x08048404 <main+76>: ret 0x08048405 <main+77>: nop 0x08048406 <main+78>: nop 0x08048407 <main+79>: nop |
# fgets - fputs
#include <stdio.h>
/* Reads one line with a bounded fgets() and writes it back with fputs().
 * fgets stores at most sizeof(str) - 1 = 19 characters plus the terminating
 * NUL, so input length cannot overrun str. In the listing that follows, the
 * size is the `push $0x14` at main+25.
 * NOTE(review): the return value of fgets is ignored. On end-of-file or a
 * read error before any character is read, str is left unwritten and fputs
 * would read an uninitialized buffer; check for NULL first. */
int main(void) { char str[20];
fgets(str, sizeof(str), stdin); fputs(str, stdout); return 0; }
|
0x080483a4 <main+0>: push %ebp 0x080483a5 <main+1>: mov %esp,%ebp 0x080483a7 <main+3>: sub $0x28,%esp 0x080483aa <main+6>: and $0xfffffff0,%esp 0x080483ad <main+9>: mov $0x0,%eax 0x080483b2 <main+14>: sub %eax,%esp 0x080483b4 <main+16>: sub $0x4,%esp 0x080483b7 <main+19>: pushl 0x80495a0 0x080483bd <main+25>: push $0x14 0x080483bf <main+27>: lea 0xffffffd8(%ebp),%eax 0x080483c2 <main+30>: push %eax 0x080483c3 <main+31>: call 0x80482c4 <fgets> 0x080483c8 <main+36>: add $0x10,%esp 0x080483cb <main+39>: sub $0x8,%esp 0x080483ce <main+42>: pushl 0x804959c 0x080483d4 <main+48>: lea 0xffffffd8(%ebp),%eax 0x080483d7 <main+51>: push %eax 0x080483d8 <main+52>: call 0x80482d4 <fputs> 0x080483dd <main+57>: add $0x10,%esp 0x080483e0 <main+60>: mov $0x0,%eax 0x080483e5 <main+65>: leave 0x080483e6 <main+66>: ret 0x080483e7 <main+67>: nop
|