Linux Practice program hack

Source: Internet
Author: User

Program hack

I. Create 1.C Documents

Second, compile and view

The command is: Gcc-o 1 1.c

Disassembly: objdump-d 1

Third, turn 16 into the system

Command::%! Xxd

The assembly code of the main function shows that the programcompares the contents of [esp+0x1c] and [esp+0x18] two memory cells after invoking the "scanf" function request input, which should be compared with user input and preset password. that is, the default password is stored in the local variable [esp+0x1c].

Iv. Change 750c to 7500

V. Turn 16 into the system

Vi. Summary of Studies

The NOP:NOP instruction is the "null instruction". When executing to the NOP instruction, the CPU does nothing, just as an instruction to execute the past and continue executing a command behind NOP. (Machine code: 90)

JNE: Conditional transfer directives, if not equal, jumps. (Machine code: 75)

JE: Conditional transfer instruction, if equal, jumps. (Machine code: 74)

JMP: Unconditional transfer instructions.

Short transfer in JMP (machine code: EB)

Direct close transfer in JMP near (machine code: E9)

Indirect transfer in JMP Word (machine code: FF)

Direct (FAR) transfer between segments JMP remote (Machine code: EA)

CMP: Compare instruction, function equivalent to subtraction instruction, just compare operation between operands, do not save result. After the CMP directive executes, it affects the flag register. Other relevant instructions are identified by identifying these affected flag register bits to get a comparison result.

Linux Practice program hack

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.