97, 1/5 ȸ¿ø°¡ÀÔ  ·Î±×ÀΠ 
   hrl733
   ¼¼³»±â°¡ Áú¹®Á»ÇÏ°Ù½À´Ï´Ù

http://www.hackerschool.org/HS_Boards/zboard.php?AllArticle=true&no=51 [º¹»ç]


³× ÀÌÁ¦ ¾î¼Àºí¸®¾î¿Í ¸®¹ö½º¿£Áö´Ï¾î¸µ¿¡ È˹̸¦´À³¢¸ç ´«À»¶ß°ÔµÈ ¼¼³»±âÀÔ´Ï´Ù
´Ù¸§ÀÌ ¾Æ´Ï¶ó Á¦°øºÎ¹æ½ÄÀÌ µ¶ÇÐÀε¥ ±âº»»ó½ÄÃ¥ÀÐÁö¾Ê°í ¾î¼Àºí¸®¾î¼Ò½º¸¦ºÁ¼­ Çϳª¾¿Ç®¾î°¡¸é¼­ ¸ð¸£´Â°Ç ¹è¿ö°¡´Â ±×·±½ÄÀ¸·Î °øºÎÇϰŵç¿ä ±×·¡¼­ ´Ù¸§ÀÌ ¾Æ´Ï¶ó ±¸¹®ÀÌ ÀÌÇØ°¡ ¾ÈµÇ´ÂÁ¡µéÀÌ Àվ Áú¹®Çغ¾´Ï´Ù ¿¹¸¦µé¾î  

[enable]
registersymbol(Timer)
alloc(pu,256)
registersymbol(pu)
alloc(Timer,4)
//eip=  pu   º£À̽º=702C87
Timer:
dd 00
pu:  
cmp [Timer],2
jl 702c90
mov [Timer],0
jmp 702C89
[disable]
dealloc(pu)
unregistersymbol(pu)

ÀÌ·¸°Ô ÀÕÀ¸¸é Áú¹®À»Çغ¸°Ù½À´Ï´Ù (´Ü¾î µéÀº ¾Ë°í ÀÕ½À´Ï´Ù )
1.registersymbolÀֵ̿ΰ³ÁÒ?(À§¿¡´ÂŸÀ̸Ӱí¾Æ·¡´ÂǪÀε¥¿ÖµÎ°³Àΰ¡¿ä ÇÑ°³¸¸Àվ µÇ´Â°Å¾Æ´Ñ°¡¿ä)
2.allocÀÌ ¿Ö µÎ°³ÁÒ? (ù¹ø° alloc¿¡´Â ÀúµÎ°³°¡ eip°ªÀΰɾƴµ¥ ¾Æ·¡allocÀºÀÌÇØ°¡ °¡Áö¾Ê´Â±º¿ä )
3.±×¸®°í
Timer:
dd 00
pu:  
cmp [Timer],2
jl 702c90
mov [Timer],0
jmp 702C89

À̱¸¹®ÀÌ ±Ã±ÝÇÕ´Ï´Ù Àú°³ ¹«¾ùÀ»¶æÇÏ´ÂÁö ¼³¸íÇØÁֽǼöÀͫ塂 ´ÙÇØÁÖ½Ã¸é °¨»çÇÏ°Ù½À´Ï´Ù

  Hit : 3380     Date : 2012/11/06 01:04


    
housdd 1.timer¿Ípu´Â ¼­·Î Ʋ¸°ÇÔ¼öÀÔ´Ï´Ù.
°³º°ÀûÀ¸·Î ´ã±âÀ§Çؼ­ µû·Î¼±¾ðÇؼ­ µÎ°³¼±¾ðµÈ°ÍÀÔ´Ï´Ù.

2.allocµµ À§¿Í´äº¯ÀÌ ºñ½ÁÇÕ´Ï´Ù.
Áõ°¡¼ö°¡ Ʋ¸±»ÓÀÔ´Ï´Ù.

3. timer registerº¯¼ö¿¡
2¹ÙÀÌÆ®Ãâ·ÂÇÑ´Ù.
pu registerº¯¼ö¿¡
timerÀÇ º¯¼ö¿¡ °ªÀ»´ëÀÔÇؼ­ timerÀǺ¯¼ö¿¡°ªÀ»´õÇÏ°í
Á¡ÇÁ½ÃŲ´Ù 702C89		 2012/12/16