1581, 1/80 ȸ¿ø°¡ÀÔ  ·Î±×ÀΠ 
   zen0c1de
   http://dieuhouse.tistory.com
   [Reverse Engineering] ¸®¹ö½ÌÀÇ ±âÃÊ - ¹ü¿ë ·¹Áö½ºÅÍ¿Í Assembly(Pop,Mov)

http://www.hackerschool.org/HS_Boards/zboard.php?id=Free_Lectures&no=7892 [º¹»ç]


EAX (Accumulator)

        - »ê¼ú, ³í¸® ¿¬»êÀÇ Áß½ÉÀÌ µÇ´Â ·¹Áö½ºÅÍÀÌ´Ù.

        - »ê¼ú, ³í¸® ¿¬»êÀ» ÇÒ ¶§ EAX¿¡ ¸¹ÀÌ ³Ö°í »ç¿ëÇÑ´Ù.

        - ÇÔ¼öÀÇ ¸®ÅÏ °ªÀ» ÀúÀåÇÏ´Â ·¹Áö½ºÅÍÀÌ´Ù.

        (Áï EAX´Â ÇϳªÀ̱⠶§¹®¿¡ ¸®ÅÏ °ªÀº 2°³ ÀÌ»óÀÌ µÉ ¼ö ¾ø´Ù.)



        EBX (Base Register)

        - °£Á¢ ¹øÁö ÁöÁ¤ ½Ã »ç¿ëµÈ´Ù.



        ¡Ø °£Á¢ ¹øÁö : int array[]={1,3,5}; ¿¡¼­ 3À̶ó´Â º¯¼ö¸¦ ¾²°í½ÍÀ¸¸é array[1]À» »ç¿ëÇؼ­ À妽º¿¡ Á¢±ÙÇØ ÁÖ

        ´Âµ¥ ¿©±â¼­ 1ÀÌ °£Á¢ ¹øÁöÀÌ´Ù. array[1]À» Ç®¾î¼­ ¾²¸é

        *(array+2)°¡ µÈ´Ù.



        ECX (Count Register)

        - ·çÇÁ¿Í °°Àº ¸í·ÉÀÇ ¹Ýº¹¼öÇàÀÌ ÇÊ¿ä·Î ÇÒ ‹š ¹Ýº¹È½¼ö ÁöÁ¤¿¡ ÁÖ·Î »ç¿ëÇÑ´Ù.

        - C¿¡¼­ »ç¿ëÇÏ´Â while, for¹®ÀÇ ¹Ýº¹¹®°ú´Â ´Ù¸£´Ù.(Assembly¿¡¼­ »ç¿ëÇÏ´Â ¹Ýº¹)

        - ECX¿¡ nÀ» ³ÖÀ¸¸é n¹ø µ·´Ù´Â ¶æÀÌ´Ù.




        EDX (Data Register)

        - °£Á¢ ¹øÁö ÁöÁ¤¿¡ »ç¿ëµÇ¸ç, °ö¼À ³ª´°¼ÀÀ» ÇÒ ¶§¿¡´Â º¸Á¶ Accumulator·Î »ç¿ë µÇ¾î        Áö±âµµÇÔ.

        - EAX¸¦ µµ¿ÍÁشٴ ´À³¦ÀÌ °­ÇÏ´Ù.

        - 2ÀÇ 32½ÂÀº ´ë·« 42¾ï Á¤µµ°¡ µÇ´Âµ¥, ¾î¶² °ªÀ» °öÇßÀ» ¶§ ±× °á°ú°¡ 42¾ïÀÌ ³Ñ¾î°¡¸é, EAXÀÇ ¾Õ¿¡ EDX°¡ ºÙ¾î¼­

        µµ¿ÍÁØ´Ù. (¹ü¿ë ·¹Áö½ºÅÍ´Â 32bit¶ó¼­ EAX·Î´Â 2ÀÇ 32½Â,         ¾à 42¾ï Á¤µµ ¹Û¿¡ Ç¥ÇöÇÏÁö ¸øÇÑ´Ù.



Æ÷ÀÎÅÍ ·¹Áö½ºÅÍ(Pointer Register)

- ½ºÅðú °ü·ÃÀÌ ÀÖ´Â ·¹Áö½ºÅÍÀÌ´Ù.



        ESP (Stack Pointer)

        - ½ºÅÃÀÇ °¡Àå À­ ºÎºÐÀ» °¡¸®Å²´Ù.

        - Top Pointer¶ó°íµµ ÇÑ´Ù.

        - Full Descending ¹æ½ÄÀ» »ç¿ëÇÏ´Â Intel ArchitectureÀÇ °æ¿ì, °¡Àå ÃÖ±Ù¿¡ ½ºÅÿ¡ µé¾î¿Â µ¥ÀÌÅ͸¦ °¡¸®Å²´Ù.



        EBP (Base Pointer)

        - ½ºÅÃÀÇ ¹Ù´ÚÀ» °¡¸®Å²´Ù.

        - Stack FrameÀ» »ç¿ëÇÒ °æ¿ì ÇöÀç ½ÇÇàÁßÀÎ ÇÔ¼ö¸¦ È£ÃâÇÑ ÇÔ¼ö°¡ »ç¿ëÇÏ´Â Stack FrameÀÇ ¹Ù´ÚÀ» °¡¸®Å²´Ù.



À妽º ·¹Áö½ºÅÍ (Index Register)

- ¹®ÀÚ¿­°ú °ü·ÃµÈ ·¹Áö½ºÅÍ

- ´Ù¸¥ ¹ü¿ë ·¹Áö½ºÅÍ¿Í ¸¶Âù°¡Áö·Î ¿¬»ê°ú °£Á¢ ¹øÁö ÁöÁ¤¿¡ »ç¿ëµÈ´Ù.

- ¹®ÀÚ¿­À» ºñ±³Çϰųª Àü¼ÛÇÏ´Â ½ºÆ®¸µ ¸í·É¿¡¼­´Â ´ÙÀ½°ú °°ÀÌ »ç¿ëµÈ´Ù.

        

        ESI (Source Index)

        - º¹»ç ȤÀº ºñ±³¸¦ Çϴµ¥ »ç¿ëµÇ´Â Source ¹®ÀÚ¿­À» ³ªÅ¸³½´Ù.



        EDI (Destination Index)

        - º¹»ç ȤÀº ºñ±³¸¦ Çϴµ¥ »ç¿ëµÇ´Â Destination ¹®ÀÚ¿­À» ³ªÅ¸³½´Ù.



------------------------------------------------------------------------------------

¸í·É¾î



POP



ex) POP [Operand]

- ESP°¡ °¡¸£Å°´Â °÷¿¡ ÀúÀåµÈ ³»¿ëÀ» Destination Operand ¿¡ ÀúÀå ÈÄ ESP°ª Á¶Á¤

( Ascending Stack : ESP°ª °¨¼Ò, Descending Stack : ESP °ª Áõ°¡ )



MOV



ex) MOV [Destination], [Source]

- µ¥ÀÌÅÍ º¹»ç ( °ª º¹»ç )

¿ëµµ£º1. ·¹Áö½ºÅÍ -> ¸Þ¸ð¸®·Î º¹»ç

      2. ¸Þ¸ð¸® -> ·¹Áö½ºÅÍ·Î º¹»ç

      3. ·¹Áö½ºÅÍ -> ·¹Áö½ºÅÍ·Î º¹»ç

      4. ¸Þ¸ð¸® or ·¹Áö½ºÅÍ¿¡ °ªÀ» ³ÖÀ½



¡Ø ¸Þ¸ð¸® -> ¸Þ¸ð¸®·Î º¹»ç ½Ã¿¡´Â »ç¿ëÇÏÁö ¾Ê´Â´Ù!

   (¸Þ¸ð¸®¿¡¼­ ¸Þ¸ð¸®·Î´Â º¹»ç°¡ ºÒ°¡´ÉÇÏ´Ù, ¸Þ¸ð¸® -> ·¹Áö½ºÅÍ -> ¸Þ¸ð¸®¿Í °°Àº ¹æ½ÄÀ¸·Î    ÇØ¾ß °¡´ÉÇÏ´Ù

¡Ø Destination Operand¿Í Source OperandÀÇ Å©±â°¡ ´Ù¸¦ ¶§´Â »ç¿ëÇÏÁö ¸øÇÑ´Ù.

  Hit : 12583     Date : 2013/07/18 01:51



    
     [°øÁö] °­Á¸¦ ¿Ã¸®½Ç ¶§´Â ¸»¸Ó¸®¸¦ ´Þ¾ÆÁÖ¼¼¿ä^¤Ñ^ [29] ¸Û¸Û 02/27 18685
1580   °í¼ö´ÔµéÀÇ µµ¿òÀ» ¹Þ°í ½Í½À´Ï´Ù     vbnm111
02/11 140
1579   ¸®´ª½º Ä¿³Î 2.6 ¹öÀü ÀÌÈÄÀÇ LKM     jdo
07/25 648
1578   ½©ÄÚµå ¸ðÀ½     ÇØÅ·ÀßÇÏ°í½Í´Ù
01/15 1460
1577   Call by value VS Call by Reference     ÇØÅ·ÀßÇÏ°í½Í´Ù
01/15 850
1576   (²Ä¼ö) L.O.B Çѹ濡 Ŭ¸®¾îÇϱâ[2]     ÇØÅ·ÀßÇÏ°í½Í´Ù
01/14 1166
1575   towelroot.c (zip) ÄÚ¸àÆÃ.[1]     scube
08/18 3696
1574   levitator.c (¾Èµå·ÎÀÌµå ·çÆÃ) °ø°Ý ºÐ¼® ¼Ò½º ÄÚµå °øÀ¯.[4]     scube
08/17 3616
1573   ¹«·á Á¤º¸º¸¾È ±â¼úÀÎÀç ¾ç¼º °úÁ¤ ±³À°»ý ¸ðÁý     chanjung111
06/17 4407
1572   K-Shield ÁִϾî 5±â ¸ðÁý     lrtk
06/17 4151
1571   [ÆÁ] ÆÄÀ̽ã 2¼Ò½º¸¦ 3À¸·Î º¯°æÇØÁÖ´Â »çÀÌÆ®[3]     ÇѽÂÀç
05/13 3845
1570   ±¸±Û ¹é¸µÅ© ÀÛ¾÷ Áú¹®¿ä     wkatnxka
03/30 3299
1569   [ÆÁ] ¿ìºÐÅõ ¹Ì·¯¸µ¼­¹ö     ÇѽÂÀç
03/09 3987
1568 ºñ¹Ð±ÛÀÔ´Ï´Ù  °¨À»¸øÀâ°Ú³×¿ä¤Ì¤Ì     À×À×À×
01/15 3
1567   µ¥ºñ¾È °è¿­ ¸®´ª½º ÀÇÁ¸¼º ±úÁ³À»¶§ ÇØ°á¹ý     ÇѽÂÀç
11/27 4461
1566   È«º¸ÇÕ´Ï´Ù. ½Å»ý º¸¾ÈÄ¿¹Â´ÏƼÀÔ´Ï´Ù.     kimwoojin0952
10/26 4195
1565   ½Å±âÇÑ ÇÁ·Î±×·¡¹Ö ¾ð¾î[3]     koreal33t
09/06 4593
1564   À©µµ¿ì,¸®´ª½º¿¡¼­ ³» ip¸¦ È®ÀÎÇØ º¸ÀÚ [1]     koreal33t
09/06 3794
1563   CTF »çÀÌÆ®[1]     koreal33t
09/06 4447
1562   ÀÚ°ÝÁõ (¹®Á¦)»çÀÌÆ® [2]     koreal33t
09/06 4263
1 [2][3][4][5][6][7][8][9][10]..[80]

Copyright 1999-2024 Zeroboard / skin by Hackerschool.org / Secure Patch by Hackerschool.org