十一、逆向练习

 ; Exercise listing: debugger disassembly of myfunction (name taken from the
 ; jump-target annotations), 32-bit x86, Intel operand order.
 ; [a], [b], [c], [d], [i] are symbolic operand names shown by the debugger;
 ; their real stack offsets are not visible in this listing.
 ; Recovered shape: d = a + b; i = 1; c = 0; loop "while c < 100: c += i";
 ; then a three-way dispatch on c (0 / 1 / anything else) that stores to d;
 ; eax is loaded from d immediately before the epilogue.
 1 00411A20    push  ebp                         ; save the caller's frame pointer
 2 00411A21    mov   ebp,esp                     ; establish this function's frame
 3 00411A23    sub   esp,0E8h                    ; reserve 0E8h (232) bytes below ebp
 4 00411A29    push  ebx                         ; ebx/esi/edi are saved here and restored in reverse order at the end
 5 00411A2A    push  esi
 6 00411A2B    push  edi
 7 00411A2C    lea   edi,[ebp-0E8h]              ; edi = lowest address of the reserved area
 8 00411A32    mov   ecx,3Ah                     ; 3Ah dwords * 4 = 0E8h bytes, i.e. the whole reserved area
 9 00411A37    mov   eax,0CCCCCCCCh              ; fill value; NOTE(review): looks like the MSVC debug-build stack fill pattern - confirm build settings
10 00411A3C    rep  stos  dword ptr[edi]         ; write eax to [edi] ecx times
11 00411A3E    mov   eax,dword ptr [a]           ; a and b are read but never written in this listing -
12 00411A41    add      eax,dword ptr [b]        ;   presumably parameters or set by the caller; verify
13 00411A44    mov   dword ptr [d],eax           ; d = a + b
14 00411A47    mov   dword ptr [i],1             ; i = 1
15 00411A4E    mov   dword ptr [c],0             ; c = 0
16 00411A55     cmp      dword ptr [c],64h       ; loop head: compare c with 64h (100)
17 00411A59    jge      myfunction+46h (00411A66h) ; signed c >= 100 -> leave the loop
18 00411A5B     mov   eax,dword ptr[c]           ; loop body:
19 00411A5E     add   eax,dword ptr [i]          ;   eax = c + i
20 00411A61     mov   dword ptr [c],eax          ;   c = c + i
21 00411A64    jmp   myfunction+35h  (00411A55h) ; back to the test; condition-first with a backward jmp reads as a while loop
22 00411A66    mov   eax,dword ptr [c]           ; copy c into an unnamed slot at ebp-0E8h
23 00411A69    mov   dword ptr [ebp-0E8h],eax    ;   (the slot is then compared against constants; typical of a compiled switch - hedged)
24 00411A6F    cmp      dword ptr [ebp-0E8h],0
25 00411A79    je      myfunction+63h (00411A83h) ; value == 0 -> 00411A83. NOTE(review): address 00411A79 is out of sequence (sits between 00411A6F and 00411A78); probably a transcription slip - confirm
26 00411A78    cmp      dword ptr [ebp-0E8h],1
27 00411A7F    je      myfunction+6Ah  (00411A8Ah) ; value == 1 -> 00411A8A
28 00411A81     jmp   myfunction+72h   (00411A92h) ; any other value -> 00411A92
29 00411A83    mov   dword ptr [d],1             ; value == 0 path: d = 1, then no jmp - execution falls through into 00411A8A
30 00411A8A    mov   eax,dword ptr [c]           ; value == 1 path (also reached by fall-through):
31 00411A8D    mov   dword ptr [d],eax           ;   d = c, overwriting the d = 1 stored just above
32 00411A90    jmp      myfunction+79h  (00411A99h) ; skip the "other value" path
33 00411A92    mov   dword ptr [d],0             ; other-value path: d = 0
34 00411A99    mov   eax,dword ptr [d]           ; common exit: eax = d (eax is the usual x86 integer return register)
35 00411A9c    pop   edi                         ; restore saved registers in reverse push order
36 00411A9D    pop   esi
37 00411A9E    pop   ebx
38 00411A9F    mov   esp,ebp                     ; release the reserved area
39 00411AA1     pop   ebp                        ; restore the caller's frame pointer
40 00411AA2    ret                               ; plain ret: no stack bytes are removed by the callee

请把对应的c/c++代码写出来。

下面是我自己写的c++代码:

 // Author's attempt at C++ source for the exercise listing above.
 // NOTE(review): it does not reproduce the exercise's control flow - see the
 // per-line notes; the exercise ends in a three-way dispatch that stores to d
 // and loads eax from d, whereas this version returns directly from an if/else.
 1 int _tmain(int argc, _TCHAR* argv[])
 2 {
 3     int a=5,b=6,c=0,d,e;      // the exercise listing never writes a or b inside the function
 4     d=a+b;                    // d is assigned here and never read again in this function
 5     int i=1;
 6 
 7 
 8     while(c<100)              // with c starting at 0 and i == 1 the loop exits with c == 100
 9     {
10         c=c+i;
11     }
12 
13     e=c;                      // plays the role of the unnamed [ebp-0E8h] slot in the exercise listing
14 
15     if( (e==0) || (e==1) )    // exercise: value 0 stores d=1 then falls into the value-1 path (d=c); not a plain "or"
16     {
17         return c;             // exercise stores c into d and loads eax from d at the common exit
18     }
19     else
20     {
21         return 0;             // exercise: d = 0, then eax = d
22     }
23 }

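然后是上面这段c++代码对应的汇编代码(反汇编),未验证这些代码的正确性。与题目的汇编对比可以看出两者并不一致:题目中 a、b 没有在函数内赋值;与 0、1 比较之后分别跳到 00411A83 和 00411A8A,并且 00411A83 处写完 d 后没有跳转、直接落入 00411A8A;最后放入 eax 的是 d。这种结构更像带贯穿(fall-through)的 switch 语句,而不是 if/else。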

 ; Mixed source/disassembly view of the author's _tmain (shown as wmain in the
 ; jump-target annotations), 32-bit x86, Intel operand order. Unnumbered-address
 ; lines are the C++ source; the instructions under each one are its code.
 ; [a], [b], [c], [d], [e], [i] are symbolic names shown by the debugger.
 1 int _tmain(int argc, _TCHAR* argv[])
 2 {
 3 00411370  push        ebp                    ; save the caller's frame pointer
 4 00411371  mov         ebp,esp                ; establish this function's frame
 5 00411373  sub         esp,108h               ; reserve 108h (264) bytes below ebp
 6 00411379  push        ebx                    ; ebx/esi/edi saved here, restored in reverse order at the end
 7 0041137A  push        esi  
 8 0041137B  push        edi  
 9 0041137C  lea         edi,[ebp-108h]         ; edi = lowest address of the reserved area
10 00411382  mov         ecx,42h                ; 42h dwords * 4 = 108h bytes, i.e. the whole reserved area
11 00411387  mov         eax,0CCCCCCCCh         ; fill value; NOTE(review): looks like the MSVC debug-build stack fill pattern - confirm
12 0041138C  rep stos    dword ptr es:[edi]     ; write eax to es:[edi] ecx times
13     int a=5,b=6,c=0,d,e;
14 0041138E  mov         dword ptr [a],5        ; a, b and c are initialised inside the function;
15 00411395  mov         dword ptr [b],6        ;   d and e get no store here
16 0041139C  mov         dword ptr [c],0 
17     d=a+b;
18 004113A3  mov         eax,dword ptr [a] 
19 004113A6  add         eax,dword ptr [b] 
20 004113A9  mov         dword ptr [d],eax      ; d is stored but never loaded again in this listing
21     int i=1;
22 004113AC  mov         dword ptr [i],1 
23 
24 
25     while(c<100)
26 004113B3  cmp         dword ptr [c],64h      ; loop head: 64h = 100
27 004113B7  jge         wmain+54h (4113C4h)    ; signed c >= 100 -> leave the loop
28     {
29         c=c+i;
30 004113B9  mov         eax,dword ptr [c] 
31 004113BC  add         eax,dword ptr [i] 
32 004113BF  mov         dword ptr [c],eax 
33     }
34 004113C2  jmp         wmain+43h (4113B3h)    ; back to the loop test
35 
36     e=c;
37 004113C4  mov         eax,dword ptr [c] 
38 004113C7  mov         dword ptr [e],eax 
39 
40     if( (e==0) || (e==1) )
41 004113CA  cmp         dword ptr [e],0 
42 004113CE  je          wmain+66h (4113D6h)    ; e == 0 -> the "return c" code; second test is skipped
43 004113D0  cmp         dword ptr [e],1 
44 004113D4  jne         wmain+6Dh (4113DDh)    ; e != 1 -> else branch; e == 1 falls through into "return c"
45     {
46         return c;
47 004113D6  mov         eax,dword ptr [c]      ; return value goes straight into eax, not through d
48 004113D9  jmp         wmain+6Fh (4113DFh)    ; jump to the shared epilogue
49     }
50     else
51 004113DB  jmp         wmain+6Fh (4113DFh)    ; follows an unconditional jmp and no branch shown targets it, so it appears unreachable
52     {
53         return 0;
54 004113DD  xor         eax,eax                ; eax = 0, then falls into the epilogue
55     }
56 }
57 004113DF  pop         edi                    ; shared epilogue: restore saved registers in reverse push order
58 004113E0  pop         esi  
59 004113E1  pop         ebx  
60 004113E2  mov         esp,ebp                ; release the reserved area
61 004113E4  pop         ebp                    ; restore the caller's frame pointer
62 004113E5  ret    

.....
