汇编 if else
2024-09-28 14:14:49
知识点:
if else
逆向还原代码 一、了解if else结构
sub esp,
|. 8B45 FC MOV EAX,DWORD PTR SS:[EBP-]
0040102C |. 3B45 F8 CMP EAX,DWORD PTR SS:[EBP-]
0040102F |. 7E JLE SHORT ifelse01. //表示 else部分的开始
|. FC204000 PUSH ifelse01.004020FC ; /format = "a>b"
|. FF15 A0204000 CALL DWORD PTR DS:[<&MSVCR90.printf>] ; \printf
0040103C |. 83C4 ADD ESP,
0040103F |. EB 0E JMP SHORT ifelse01.0040104F //结合前边的 jle 401041 判断是否有else部分
|> PUSH ifelse01. ; /format = "b>=a"
|. FF15 A0204000 CALL DWORD PTR DS:[<&MSVCR90.printf>] ; \printf
0040104C |. 83C4 ADD ESP, 二、逆向还原代码
int a,b,c;
//00401006 |. 68 F4204000 PUSH ifelse01.004020F4 ; /format = "begin"
//0040100B |. FF15 A0204000 CALL DWORD PTR DS:[<&MSVCR90.printf>] ; \printf
//00401011 |. 83C4 04 ADD ESP,4
printf("begin");
//00401014 |. C745 FC 01000>MOV DWORD PTR SS:[EBP-4],1
//0040101B |. C745 F8 02000>MOV DWORD PTR SS:[EBP-8],2
//00401022 |. C745 F4 03000>MOV DWORD PTR SS:[EBP-C],3 a=1,b=2,c=3;
//00401029 |. 8B45 FC MOV EAX,DWORD PTR SS:[EBP-4]
//0040102C |. 3B45 F8 CMP EAX,DWORD PTR SS:[EBP-8]
//0040102F |. 7E 10 JLE SHORT ifelse01.00401041
if (a>b)
{ //00401031 |. 68 FC204000 PUSH ifelse01.004020FC ; /format = "a>b"
//00401036 |. FF15 A0204000 CALL DWORD PTR DS:[<&MSVCR90.printf>] ; \printf
//0040103C |. 83C4 04 ADD ESP,4
//0040103F |. EB 0E JMP SHORT ifelse01.0040104F
printf("a>b");
}else
{ //00401041 |> 68 00214000 PUSH ifelse01.00402100 ; /format = "b>=a"
//00401046 |. FF15 A0204000 CALL DWORD PTR DS:[<&MSVCR90.printf>] ; \printf
//0040104C |. 83C4 04 ADD ESP,4
printf("b>=a");
}
//0040104F |> \8B4D F4 MOV ECX,DWORD PTR SS:[EBP-C] ; c
//00401052 |. 3B4D F8 CMP ECX,DWORD PTR SS:[EBP-8] ; b
//00401055 |. 7E 46 JLE SHORT ifelse01.0040109D ; if (c>b)
if (c>b)
{
//00401057 |. 8B55 F4 MOV EDX,DWORD PTR SS:[EBP-C] c
//0040105A |. 3B55 FC CMP EDX,DWORD PTR SS:[EBP-4] a
//0040105D |. 7E 20 JLE SHORT ifelse01.0040107F
if (c>a)
{
//0040105F |. 8B45 FC MOV EAX,DWORD PTR SS:[EBP-4]
//00401062 |. 50 PUSH EAX ; /<%d>
//00401063 |. 8B4D F4 MOV ECX,DWORD PTR SS:[EBP-C] ; |
//00401066 |. 51 PUSH ECX ; |<%d>
//00401067 |. 8B55 F8 MOV EDX,DWORD PTR SS:[EBP-8] ; |
//0040106A |. 52 PUSH EDX ; |<%d>
//0040106B |. 8B45 F4 MOV EAX,DWORD PTR SS:[EBP-C] ; |
//0040106E |. 50 PUSH EAX ; |<%d>
//0040106F |. 68 08214000 PUSH ifelse01.00402108 ; |format = "%d>%d,%d>%d"
//00401074 |. FF15 A0204000 CALL DWORD PTR DS:[<&MSVCR90.printf>] ; \printf
//0040107A |. 83C4 14 ADD ESP,14
printf("%d>%d,%d>%d",c,b,c,a);
//0040107D |. EB 1E JMP SHORT ifelse01.0040109D
}else
{
//0040107F |> 8B4D FC MOV ECX,DWORD PTR SS:[EBP-4]
//00401082 |. 51 PUSH ECX ; /<%d>
//00401083 |. 8B55 F4 MOV EDX,DWORD PTR SS:[EBP-C] ; |
//00401086 |. 52 PUSH EDX ; |<%d>
//00401087 |. 8B45 F8 MOV EAX,DWORD PTR SS:[EBP-8] ; |
//0040108A |. 50 PUSH EAX ; |<%d>
//0040108B |. 8B4D F4 MOV ECX,DWORD PTR SS:[EBP-C] ; |
//0040108E |. 51 PUSH ECX ; |<%d>
//0040108F |. 68 14214000 PUSH ifelse01.00402114 ; |format = "%d>%d,%d<=%d"
//00401094 |. FF15 A0204000 CALL DWORD PTR DS:[<&MSVCR90.printf>] ; \printf
//0040109A |. 83C4 14 ADD ESP,14
printf("%d>%d,%d<=%d",c,b,c,a);
}
}
//0040109D |> 33C0 XOR EAX,EAX
最新文章
- jsoup: Java HTML Parser (类似jquery)
- iOS AFNetWorking 下载pdf文档
- zoj The 12th Zhejiang Provincial Collegiate Programming Contest Team Formation
- MyBatis之六:缓存
- javascript笔记---貌似大叔
- ANDROID对文件的操作
- .Net基于RealProxy实现AOP
- 201521123090 《Java程序设计》第7周学习总结
- 小计:Shopee批量删除修复~附脚本
- win7 ssh linux虚拟机(ubuntu12.04)
- python第一百六十九天,第十九周作业
- 【慕课网实战】Spark Streaming实时流处理项目实战笔记十六之铭文升级版
- 在PHP5.4上使用Google翻译的API报错
- 并发编程之 CAS 的原理
- 74. Search a 2D Matrix(二分查找,剑指offer 1)
- jsjl_for_ubuntu12.04
- R的grep和grepl
- BigDecimal处理加减乘除
- 2016级算法第五次上机-E.AlvinZH的学霸养成记IV
- Solium代码测试框架