Reverse Engineering for Beginners
CHAPTER 3. HELLO, WORLD! The register containing the puts() address is called $T9, because registers pref ...
CHAPTER 3. HELLO, WORLD! 11 .text:00000008 sw $fp, 0x20+var_8($sp) 12 ; set the FP (stack frame pointer ...
CHAPTER 3. HELLO, WORLD! Breakpoint 1, 0x00400654 in main () (gdb) set step-mode on (gdb) disas Dump of ...
CHAPTER 4. FUNCTION PROLOGUE AND EPILOGUE Chapter 4 Function prologue and epilogue A f ...
CHAPTER 5. STACK Chapter 5 Stack The stack is one of the most fundamental data structures in computer science^1 ...
CHAPTER 5. STACK of which may be extended by a system call. Starting at the highest address in the virtual addr ...
CHAPTER 5. STACK ARM ARM programs also use the stack for saving return addresses, but differently. As mentioned ...
CHAPTER 5. STACK If you declare main() as main() without arguments, they are, nevertheless, still present in the st ...
CHAPTER 5. STACK push esi call __snprintf push esi call _puts add esp, 28 ; 0000001cH ... The sole alloca() argum ...
CHAPTER 5. STACK movl -4(%ebp), %ebx leave ret The code is the same as in the previous listing. By the way, movl ...
CHAPTER 5. STACK f2(); }; Compiling... Listing 5.4: Non-optimizing MSVC 2010 $SG2752 DB '%d, %d, %d', 0aH, 00H ...
CHAPTER 5. STACK But when we run the compiled program... c:\Polygon\c>st 1, 2, 3 Oh, what a weird thing! We ...
CHAPTER 5. STACK Let’s load the example into OllyDbg: Figure 5.1: OllyDbg: f1() When f1() assigns the variables a, b a ...
CHAPTER 5. STACK And when f2() executes: Figure 5.2: OllyDbg: f2() ... a, b and c of f2() are located at the same addresse ...
CHAPTER 5. STACK _f1 ENDP Unlike MSVC 2010, MSVC 2013 allocated a/b/c variables in function f2() in reverse order ...
CHAPTER 6. PRINTF() WITH SEVERAL ARGUMENTS Chapter 6 printf() with several arguments Now ...
CHAPTER 6. PRINTF() WITH SEVERAL ARGUMENTS call ... ... push a1 push a2 push a3 call ... ...
CHAPTER 6. PRINTF() WITH SEVERAL ARGUMENTS MSVC and OllyDbg Now let’s try to load this ex ...
CHAPTER 6. PRINTF() WITH SEVERAL ARGUMENTS Press F8 (step over) 6 times, i.e. skip 6 inst ...
CHAPTER 6. PRINTF() WITH SEVERAL ARGUMENTS Press F8 (step over). We see the following out ...