Assembly Language for Beginners
1.23. LINEAR CONGRUENTIAL GENERATOR _BSS ENDS _init$ = 8 _srand PROC push ebp mov ebp, esp mov eax, DWORD PTR _init$[ebp] mov DW ...
1.23. LINEAR CONGRUENTIAL GENERATOR my_srand PROC LDR r1,|L0.52| ; load pointer to rand_state STR r0,[r1,#0] ; save rand_state B ...
1.23. LINEAR CONGRUENTIAL GENERATOR ; the LI instruction is coalesced by IDA from LUI and ORI li $a0, 0x3C6EF35F addu $v0, $a0 ; ...
1.24 Structures 38: 000420c0 sll a0,a0,0x3 3c: 00821021 addu v0,a0,v0 40: 00022080 sll a0,v0,0x2 44: 00441021 addu v0,v0,a0 48: ...
1.24. STRUCTURES 1.24.1 MSVC: SYSTEMTIME example. Let’s take the SYSTEMTIME win32 structure that describes time. This is how ...
1.24. STRUCTURES 16 bytes are allocated for this structure in the local stack — that is exactly sizeof(WORD)*8 (there are 8 WORD va ...
1.24. STRUCTURES OllyDbg Let’s compile this example in MSVC 2010 with /GS- /MD keys and run it in OllyDbg. Let’s open windows for ...
1.24. STRUCTURES simple example like this: #include <windows.h> #include <stdio.h> void main() { WORD array[8]; GetSys ...
1.24. STRUCTURES 1.24.2 Let’s allocate space for a structure using malloc() Sometimes it is simpler to place structures not the ...
1.24. STRUCTURES #include <windows.h> #include <stdio.h> void main() { WORD *t; t=(WORD *)malloc (16); GetSystemTime ( ...
1.24. STRUCTURES void main() { struct tm t; time_t unix_time; unix_time=time(NULL); localtime_r (&unix_time, &t); printf ...
1.24. STRUCTURES Somehow, IDA did not write the local variables’ names in the local stack. But since we already are experienced ...
1.24. STRUCTURES Hexadecimal number decimal number field name 0x00000025 37 tm_sec 0x0000000a 10 tm_min 0x00000012 18 tm_hour 0x ...
1.24. STRUCTURES so it shows here structure elements accesses and their names. Listing 1.335: Optimizing Xcode 4.6.3 (LLVM) (Thu ...
1.24. STRUCTURES 6 var_38 = -0x38 7 seconds = -0x34 8 minutes = -0x30 9 hour = -0x2C 10 day = -0x28 11 month = -0x24 12 year = - ...
1.24. STRUCTURES 76 $LC5: .ascii "Seconds: %d\n" This is an example where the branch delay slots can confuse us. For example, th ...
1.24. STRUCTURES mov [esp+30h+var_2C], eax lea eax, [esp+30h+unix_time] mov [esp+30h+var_30], eax call localtime_r mov eax, [esp ...
1.24. STRUCTURES struct tm t; time_t unix_time; int i; unix_time=time(NULL); localtime_r (&unix_time, &t); for (i=0; i&l ...
1.24. STRUCTURES Indeed: the space in the local stack is first treated as a structure, and then it’s treated as an array. It’s e ...
1.24. STRUCTURES lea eax, [esp+10h] mov [esp], eax ; timer call _localtime_r lea esi, [esi+0] ; NOP ; ESI here is the pointer to ...