C++博客-WindSoundhttp://www.cppblog.com/WindSound/zh-cnFri, 10 Apr 2026 04:17:32 GMTFri, 10 Apr 2026 04:17:32 GMT60ReadODAsm L1_3.Chttp://www.cppblog.com/WindSound/archive/2010/05/08/114853.htmlWindSoundWindSoundSat, 08 May 2010 08:33:00 GMThttp://www.cppblog.com/WindSound/archive/2010/05/08/114853.htmlhttp://www.cppblog.com/WindSound/comments/114853.htmlhttp://www.cppblog.com/WindSound/archive/2010/05/08/114853.html#Feedback0http://www.cppblog.com/WindSound/comments/commentRss/114853.htmlhttp://www.cppblog.com/WindSound/services/trackbacks/114853.html 100401010 >|> \55            push    ebp
 200401011  |.  8BEC          mov     ebp, esp
 300401013  |.  83EC 4C       sub     esp, 4C
 400401016  |.  53            push    ebx
 500401017  |.  56            push    esi
 600401018  |.  57            push    edi
 700401019  |.  8D7D B4       lea     edi, dword ptr ss:[ebp-4C]
 80040101C  |.  B9 13000000   mov     ecx, 13
 900401021  |.  B8 CCCCCCCC   mov     eax, CCCCCCCC
1000401026  |.  F3:AB         rep     stos dword ptr es:[edi]
1100401028  |.  68 34904200   push    00429034                         ; /format = "请输入",B6,"?,B8,"?,D7,"?a,b):"
120040102D  |.  E8 DE000000   call    printf                           ; \printf
1300401032  |.  83C4 04       add     esp, 4
1400401035  |.  8D45 F8       lea     eax, dword ptr ss:[ebp-8]
1500401038  |.  50            push    eax
1600401039  |.  8D4D FC       lea     ecx, dword ptr ss:[ebp-4]
170040103C  |.  51            push    ecx
180040103D  |.  68 2C904200   push    0042902C                         ; /format = "%d,%d"
1900401042  |.  E8 69000000   call    scanf                            ; \scanf
2000401047  |.  83C4 0C       add     esp, 0C
210040104A  |.  8B55 FC       mov     edx, dword ptr ss:[ebp-4]        ;  ; 压入到浮点寄存器
220040104D  |.  3B55 F8       cmp     edx, dword ptr ss:[ebp-8]
2300401050  |.  7E 08         jle     short 0040105A                   ;  ; 如果edx < [ebp-8]则跳
2400401052  |.  8B45 FC       mov     eax, dword ptr ss:[ebp-4]
2500401055  |.  8945 F4       mov     dword ptr ss:[ebp-C], eax
2600401058  |.  EB 06         jmp     short 00401060
270040105A  |>  8B4D F8       mov     ecx, dword ptr ss:[ebp-8]
280040105D  |.  894D F4       mov     dword ptr ss:[ebp-C], ecx
2900401060  |>  8B55 F4       mov     edx, dword ptr ss:[ebp-C]
3000401063  |.  52            push    edx                              ; /<%d>
3100401064  |.  68 1C904200   push    0042901C                         ; |format = "max = %d",CR,LF,""
3200401069  |.  E8 A2000000   call    printf                           ; \printf
330040106E  |.  83C4 08       add     esp, 8
3400401071  |.  33C0          xor     eax, eax
3500401073  |.  5F            pop     edi
3600401074  |.  5E            pop     esi
3700401075  |.  5B            pop     ebx
3800401076  |.  83C4 4C       add     esp, 4C
3900401079  |.  3BEC          cmp     ebp, esp
400040107B  |.  E8 C0010000   call    _chkesp
4100401080  |.  8BE5          mov     esp, ebp
4200401082  |.  5D            pop     ebp
4300401083  \.  C3            retn
44
45

WindSound 2010-05-08 16:33 发表评论
]]>汇编跳转指令集http://www.cppblog.com/WindSound/archive/2010/05/08/114851.htmlWindSoundWindSoundSat, 08 May 2010 08:19:00 GMThttp://www.cppblog.com/WindSound/archive/2010/05/08/114851.htmlhttp://www.cppblog.com/WindSound/comments/114851.htmlhttp://www.cppblog.com/WindSound/archive/2010/05/08/114851.html#Feedback0http://www.cppblog.com/WindSound/comments/commentRss/114851.htmlhttp://www.cppblog.com/WindSound/services/trackbacks/114851.html阅读全文

WindSound 2010-05-08 16:19 发表评论
]]>ReadODAsm,L1_2.Chttp://www.cppblog.com/WindSound/archive/2010/05/08/114847.htmlWindSoundWindSoundSat, 08 May 2010 05:58:00 GMThttp://www.cppblog.com/WindSound/archive/2010/05/08/114847.htmlhttp://www.cppblog.com/WindSound/comments/114847.htmlhttp://www.cppblog.com/WindSound/archive/2010/05/08/114847.html#Feedback0http://www.cppblog.com/WindSound/comments/commentRss/114847.htmlhttp://www.cppblog.com/WindSound/services/trackbacks/114847.html 

 100401010 >|> \55            push    ebp
 200401011  |.  8BEC          mov     ebp, esp
 300401013  |.  83EC 4C       sub     esp, 4C
 400401016  |.  53            push    ebx
 500401017  |.  56            push    esi
 600401018  |.  57            push    edi
 700401019  |.  8D7D B4       lea     edi, dword ptr ss:[ebp-4C]
 80040101C  |.  B9 13000000   mov     ecx, 13
 900401021  |.  B8 CCCCCCCC   mov     eax, CCCCCCCC
1000401026  |.  F3:AB         rep     stos dword ptr es:[edi]
1100401028  |.  C745 FC 7B000>mov     dword ptr ss:[ebp-4], 7B
120040102F  |.  C745 F8 C8010>mov     dword ptr ss:[ebp-8], 1C8
1300401036  |.  8B45 FC       mov     eax, dword ptr ss:[ebp-4]
1400401039  |.  0345 F8       add     eax, dword ptr ss:[ebp-8]
150040103C  |.  8945 F4       mov     dword ptr ss:[ebp-C], eax
160040103F  |.  8B4D F4       mov     ecx, dword ptr ss:[ebp-C]
1700401042  |.  51            push    ecx                              ; /<%d>
1800401043  |.  68 1C904200   push    0042901C                         ; |format = "%d",CR,LF,""
1900401048  |.  E8 C3000000   call    printf                           ; \printf
200040104D  |.  83C4 08       add     esp, 8
2100401050  |.  33C0          xor     eax, eax
2200401052  |.  5F            pop     edi
2300401053  |.  5E            pop     esi
2400401054  |.  5B            pop     ebx
2500401055  |.  83C4 4C       add     esp, 4C
2600401058  |.  3BEC          cmp     ebp, esp
270040105A  |.  E8 E1010000   call    _chkesp
280040105F  |.  8BE5          mov     esp, ebp
2900401061  |.  5D            pop     ebp
3000401062  \.  C3            retn
31
32


WindSound 2010-05-08 13:58 发表评论
]]>[复习笔记-面向逆向]Hello World!http://www.cppblog.com/WindSound/archive/2010/05/08/114844.htmlWindSoundWindSoundSat, 08 May 2010 05:33:00 GMThttp://www.cppblog.com/WindSound/archive/2010/05/08/114844.htmlhttp://www.cppblog.com/WindSound/comments/114844.htmlhttp://www.cppblog.com/WindSound/archive/2010/05/08/114844.html#Feedback0http://www.cppblog.com/WindSound/comments/commentRss/114844.htmlhttp://www.cppblog.com/WindSound/services/trackbacks/114844.html1
2#include <stdio.h>
3
4int main( int argc, char *argv[ ], char *envp[ ] )
5{
6    printf("Hello World!");
7    return 0;
8}
#include <===> ctrl+a-> ctrl+c-> ctrl+v

main并不是C语言的真正入口函数, 它是由C语言运行时库调用的。

运行时库在调用main函数之前会做一些初始化工作...

在Debug模式下, 查看Call Stack得到
main(int 1char * * 0x00381040char * * 0x003810d8) line 5
mainCRTStartup() line 206 + 25 bytes
KERNEL32! 7c817077()

main函数其实是被mainCRTStartup()调用的...

而mainCRTStatrup则是被系统调用的。知之有限...希望以后能了解其详细原理。
好,OD载入...

 100401005  //E9 06000000   jmp     main
 20040100A  |  |CC            int3
 30040100B  |  |CC            int3
 40040100C  |  |CC            int3
 50040100D  |  |CC            int3
 60040100E  |  |CC            int3
 70040100F  |  |CC            int3
 800401010 >|> \55            push    ebp
 900401011  |.  8BEC          mov     ebp, esp                     ;  ; 保存寄存器环境
1000401013  |.  83EC 40       sub     esp, 40                      ;  ; 分配局部变量空间
1100401016  |.  53            push    ebx
1200401017  |.  56            push    esi
1300401018  |.  57            push    edi                          ;  ; 以上三个是C语言规范, 必须保存ebx, esi, edi这三个寄存器
1400401019  |.  8D7D C0       lea     edi, dword ptr ss:[ebp-40]   ;  ; 系统自动分配10个4字节的栈空间
150040101C  |.  B9 10000000   mov     ecx, 10                      ;  ; 循环计数器
1600401021  |.  B8 CCCCCCCC   mov     eax, CCCCCCCC                ;  ; 需要初始化的数值
1700401026  |.  F3:AB         rep     stos dword ptr es:[edi]      ;  ; 将edi*eax处的值置0xCCCCCCCC,
1800401028  |.  68 1C204200   push    0042201C                     ; /; 0042201C全局数据区字符串
190040102D  |.  E8 2E000000   call    printf                       ; \printf
2000401032  |.  83C4 04       add     esp, 4                       ;  ; 调用者平衡堆栈
2100401035  |.  33C0          xor     eax, eax                     ;  ; 将main的返回值置0
2200401037  |.  5F            pop     edi
2300401038  |.  5E            pop     esi
2400401039  |.  5B            pop     ebx                          ;  ; 恢复edi, esi, ebx的值
250040103A  |.  83C4 40       add     esp, 40                      ;  ; 恢复栈空间
260040103D  |.  3BEC          cmp     ebp, esp                     ;  ; 比较ebp, esp
270040103F  |.  E8 9C000000   call    _chkesp
2800401044  |.  8BE5          mov     esp, ebp
2900401046  |.  5D            pop     ebp
3000401047  \.  C3            retn
31
32


WindSound 2010-05-08 13:33 发表评论
]]>