Assembly Language for Beginners

9.5. ORACLE RDBMS: .SYM-FILES 0000240 10002020 10002024 10002028 1000202c 0000260 10002030 10002034 10002038 1000203c 0000300 10 ...

9.5. ORACLE RDBMS: .SYM-FILES .text:60351080 sub_60351080 proc near .text:60351080 .text:60351080 arg_0 = dword ptr 8 .text:6035 ...

9.5. ORACLE RDBMS: .SYM-FILES // additional offset assert (sscanf (argv[2], "%X", &offset)==1); // get file length assert (( ...

9.6 Oracle RDBMS: .MSB-files Oh, let’s also try Oracle RDBMS for win64. There has to be 64-bit addresses instead, right? The 8-b ...

9.6. ORACLE RDBMS: .MSB-FILES There are Oracle RDBMS error message files in text form, so we can compare the text and packed bin ...

9.6. ORACLE RDBMS: .MSB-FILES Now let’s open the ORAUS.MSB binary file and find these text strings. And there are: Figure 9.27:H ...

9.6. ORACLE RDBMS: .MSB-FILES Let’s see the contents of the first block: Figure 9.28:Hiew: first block Here we see the texts of ...

9.6. ORACLE RDBMS: .MSB-FILES (%s.%s) violated” starts at position 0x1461 (from the file’s start) or at 0x61 (from the at the bl ...

9.6. ORACLE RDBMS: .MSB-FILES Let’s back to the header of .MSB-file: Figure 9.29:Hiew: file header Now we can quickly find the n ...

9.6. ORACLE RDBMS: .MSB-FILES There is also a table that came after the header which probably contains 16-bit values: Figure 9.3 ...

9.7 Exercises. 9.6.1 Summary The method is probably too old-school for modern computers. Supposedly, this file format was develo ...

Chapter 10 10 Dynamic binary instrumentation DBItools can be viewed as highly advanced and fast debuggers. 10.1 Using PIN DBI fo ...

10.1. USING PIN DBI FOR XOR INTERCEPTION < ip=0x140017ba1 count=0xf01 ip=0x140017b21 count=0x9eab5 ip=0x140017b48 count=0x79 ...

10.1. USING PIN DBI FOR XOR INTERCEPTION .text:000000014002C503 ja short loc_14002C507 .text:000000014002C505 inc ebx Loop body ...

10.2 Cracking Minesweeper with PIN. .text:0000000140043E22 ror r10d, 2 .text:0000000140043E26 add r8d, 5A827999h .text:000000014 ...

10.2. CRACKING MINESWEEPER WITH PIN Yes, unlike Minesweeper from Windows XP, mines are places randomlyafteruser’s click on cell, ...

10.2. CRACKING MINESWEEPER WITH PIN 10.2.3 Peeking into placement of mines How can we get information about where mines are plac ...

10.3 Why “instrumentation”? free(0x20af9cf0) free(): we have this block in our records, size=0x18 0x20AF9CF0: 43 00 00 00 50 00 ...

Chapter 11 Other things 11.1 Executable files patching. 11.1.1 Text strings The C strings are the thing that is the easiest to p ...

11.2 Function arguments number statistics As a last resort, it is possible to write jumps that circumvent the relocs, or you wil ...