4.1 Program hack

Source: Internet
Author: User

20135206 at Jia Xin

Basic instructions:

NOP: The NOP instruction is the "null instruction". When the CPU reaches a NOP it does nothing; it simply moves past it and continues with the instruction that follows. (Machine code: 90)

JNE: Conditional jump instruction; jumps if not equal. (Machine code: 75)

JE: Conditional jump instruction; jumps if equal. (Machine code: 74)

JMP: Unconditional jump instruction. Intra-segment direct short jump: JMP SHORT (machine code: EB); intra-segment direct near jump: JMP NEAR (machine code: E9); intra-segment indirect jump: JMP WORD (machine code: FF); inter-segment direct (far) jump: JMP FAR (machine code: EA).

CMP: Compare instruction. It is functionally equivalent to a subtraction instruction, but it only compares the operands and does not save the result. After CMP executes, it affects the flag register; other instructions read the affected flag bits to obtain the result of the comparison.

Write a simple program 11.c

Use objdump -d to view main.

In the assembly code of the main function you can see the call to the "scanf" function, which requests input, followed by a comparison of the contents of the two memory locations [esp+0x1c] and [esp+0x18]. The effect should be to compare the user input with the preset password.

jne is a conditional jump: if the condition is met, it jumps to 8048486;

the two lines after jne produce output;

jmp is an unconditional jump: it jumps directly to 8048492;

the two lines after jmp also produce output.

jne means "jump when the comparison is not equal". In other words, when the input is not equal to the saved password, execution jumps to the mov on the line after jmp; if the comparison is equal, the mov and callq lines that follow jne are executed. This shows that those mov and callq lines output "Right".

Complete the three modifications below

  1. Whether or not the input is correct, login succeeds.

    Open the compiled program in the vi editor,

    Enter: :%!xxd

    will be 0e instead XX:

    Then enter: :%!xxd -r

    Enter: :wq

    Use objdump -d to view main

    Run the program 11.c

    Enter the wrong password to display Right

  2. Whether or not the input is correct, login fails.

    Similarly

    Change 750e to eb0e (EB is the unconditional jump)

    Run the program

    Enter the correct password to display wrong

  3. The correct password cannot log in; the wrong password can

    Similarly

    will be the Change into About

    Run the program

    Enter the wrong password to display Right

    Enter the correct password to display wrong
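A defender can catch this kind of edit by comparing a deployed binary against a known-good copy. The following is an added example, not part of the original write-up: it diffs two byte strings and flags changes that touch the opcode bytes this page lists for NOP, JE, JNE and JMP SHORT. The function names and the sample bytes are assumptions constructed for illustration.

```python
import hashlib

# Opcode bytes as listed on this page for NOP, JE, JNE and JMP SHORT.
OPCODES = {0x90: "nop", 0x74: "je", 0x75: "jne", 0xEB: "jmp short"}
SHORT_BRANCHES = {0x74, 0x75, 0xEB}  # two-byte forms: opcode + 8-bit displacement


def unchanged(reference: bytes, candidate: bytes) -> bool:
    """Cheap first check: identical SHA-256 digests mean nothing was patched."""
    return hashlib.sha256(reference).digest() == hashlib.sha256(candidate).digest()


def classify_changes(reference: bytes, candidate: bytes):
    """Return (offset, description, flagged) for every differing byte.

    Heuristic only: without disassembly a 0x75 byte might be data, so a
    flagged entry means "review this offset", not proof of tampering.
    """
    if len(reference) != len(candidate):
        raise ValueError("length differs; bytes were inserted or removed")
    findings = []
    for off, (old, new) in enumerate(zip(reference, candidate)):
        if old == new:
            continue
        if old in SHORT_BRANCHES:
            target = OPCODES.get(new, "unknown")
            desc = f"{OPCODES[old]} ({old:02x}) rewritten to {target} ({new:02x})"
            flagged = True
        elif off > 0 and reference[off - 1] in SHORT_BRANCHES:
            desc = f"branch displacement {old:02x} changed to {new:02x}"
            flagged = True
        else:
            desc = f"byte {old:02x} changed to {new:02x}"
            flagged = False
        findings.append((off, desc, flagged))
    return findings


# Constructed sample: a compare of [esp+0x1c] with [esp+0x18] followed by
# the page's "75 0e" jne, and a copy with the page's "eb 0e" edit applied.
REFERENCE = bytes.fromhex("8b44241c3b442418750e")
MODIFIED = bytes.fromhex("8b44241c3b442418eb0e")

if __name__ == "__main__":
    print("unchanged:", unchanged(REFERENCE, MODIFIED))
    for off, desc, flagged in classify_changes(REFERENCE, MODIFIED):
        print(f"offset {off:#x}: {desc}{'  <-- review' if flagged else ''}")
```

In practice the reference bytes come from a trusted build of the same version, and any flagged offset is confirmed by disassembling that address in both copies.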
