c언어와 어셈블리어 본문
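이번 포스팅에서는 C 언어와 어셈블리어 사이의 관계에 대해서 정리하겠습니다. 특히 if문, for문, case문(switch-case)이 어떻게 어셈블리어로 변환되는지 보겠습니다. 실습 환경은 윈도우 10 64비트입니다. 아래 디스어셈블리에는 __CheckForDebuggerJustMyCode 호출이 들어 있는 것으로 보아 최적화하지 않은 디버그 빌드로 보이며, 최적화된 릴리스 빌드에서는 같은 소스라도 명령어 구성이 달라질 수 있습니다.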
- if문
#include <stdio.h>
/*
 * Minimal if/else sample whose compiled form is shown in the listing that
 * follows. a starts at 1, so the if body runs (a becomes 2), the else body
 * is skipped, and main returns 0.
 */
int main() {
int a = 1;
int b = 0;
/* In the listing this test is a cmp against 1 followed by jne to the else body. */
if (a == 1) {
a++;
}
else {
b++;
}
return 0;
}
#include <stdio.h>
int main() {
; Prologue: save rbp and rdi, reserve 128h bytes of stack, then set rbp to rsp+20h as the frame base.
00007FF628941750 push rbp
00007FF628941752 push rdi
00007FF628941753 sub rsp,128h
00007FF62894175A lea rbp,[rsp+20h]
; Not part of the C source: __CheckForDebuggerJustMyCode is the MSVC "Just My Code" (/JMC) debug instrumentation call.
00007FF62894175F lea rcx,[__F4170C15_test@cpp (07FF628951008h)]
00007FF628941766 call __CheckForDebuggerJustMyCode (07FF628941343h)
int a = 1;
; The locals are shown by symbol name ([a], [b]); presumably the debugger resolves these from rbp-relative stack slots.
00007FF62894176B mov dword ptr [a],1
int b = 0;
00007FF628941772 mov dword ptr [b],0
if (a == 1) {
; The condition is inverted in the branch: jne jumps to the else body (...789h) when a != 1, otherwise execution falls into the if body.
00007FF628941779 cmp dword ptr [a],1
00007FF62894177D jne main+39h (07FF628941789h)
a++;
; a++ is a load / inc / store through eax; the value is written back to memory after every statement.
00007FF62894177F mov eax,dword ptr [a]
00007FF628941782 inc eax
00007FF628941784 mov dword ptr [a],eax
}
; End of the if body: unconditional jmp over the else body to the return code at ...791h.
00007FF628941787 jmp main+41h (07FF628941791h)
else {
b++;
; Else body, the target of the jne above.
00007FF628941789 mov eax,dword ptr [b]
00007FF62894178C inc eax
00007FF62894178E mov dword ptr [b],eax
}
return 0;
; Return value 0 is placed in eax.
00007FF628941791 xor eax,eax
}
; Epilogue: rbp+108h equals the rsp value before "sub rsp,128h" (20h + 108h = 128h); then rdi and rbp are restored in reverse push order.
00007FF628941793 lea rsp,[rbp+108h]
00007FF62894179A pop rdi
00007FF62894179B pop rbp
00007FF62894179C ret
- for 문
#include <stdio.h>
/*
 * for-loop sample whose compiled form is shown in the listing that follows.
 * The loop runs ten times, so c ends at 10 and d ends at 0; main returns
 * c + d, i.e. 10.
 */
int main() {
int c = 0;
int d = 10;
/*
 * In the listing the i++ step is placed before the i < 10 test, and the
 * first pass jumps over it straight to the test; jge leaves the loop.
 */
for (int i = 0; i < 10; i++) {
c++;
d--;
}
return c + d;
}
#include <stdio.h>
int main() {
; Prologue: save rbp and rdi, reserve 148h bytes of stack, then set rbp to rsp+20h as the frame base.
00007FF651611B80 push rbp
00007FF651611B82 push rdi
00007FF651611B83 sub rsp,148h
00007FF651611B8A lea rbp,[rsp+20h]
; Not part of the C source: __CheckForDebuggerJustMyCode is the MSVC "Just My Code" (/JMC) debug instrumentation call.
00007FF651611B8F lea rcx,[__F4170C15_test@cpp (07FF651621008h)]
00007FF651611B96 call __CheckForDebuggerJustMyCode (07FF651611343h)
int c = 0;
00007FF651611B9B mov dword ptr [c],0
int d = 10;
00007FF651611BA2 mov dword ptr [d],0Ah
for (int i = 0; i < 10; i++) {
; Loop init: the slot at [rbp+44h] is set to 0; this is the loop counter i, shown by address rather than by name.
00007FF651611BA9 mov dword ptr [rbp+44h],0
; First entry skips the increment step and goes straight to the condition at ...BBAh.
00007FF651611BB0 jmp main+3Ah (07FF651611BBAh)
; Increment step (i++): target of the back-edge jmp at the end of the loop body.
00007FF651611BB2 mov eax,dword ptr [rbp+44h]
00007FF651611BB5 inc eax
00007FF651611BB7 mov dword ptr [rbp+44h],eax
; Condition: compare i with 0Ah (10); jge (signed >=) leaves the loop for the return code at ...BD2h.
00007FF651611BBA cmp dword ptr [rbp+44h],0Ah
00007FF651611BBE jge main+52h (07FF651611BD2h)
c++;
00007FF651611BC0 mov eax,dword ptr [c]
00007FF651611BC3 inc eax
00007FF651611BC5 mov dword ptr [c],eax
d--;
00007FF651611BC8 mov eax,dword ptr [d]
00007FF651611BCB dec eax
00007FF651611BCD mov dword ptr [d],eax
}
; Back edge: jump to the increment step at ...BB2h, which then falls into the condition again.
00007FF651611BD0 jmp main+32h (07FF651611BB2h)
return c + d;
; eax = d, ecx = c, ecx += eax, then the sum is moved into eax as the return value.
00007FF651611BD2 mov eax,dword ptr [d]
00007FF651611BD5 mov ecx,dword ptr [c]
00007FF651611BD8 add ecx,eax
00007FF651611BDA mov eax,ecx
}
; Epilogue: rbp+128h equals the rsp value before "sub rsp,148h" (20h + 128h = 148h); then rdi and rbp are restored in reverse push order.
00007FF651611BDC lea rsp,[rbp+128h]
00007FF651611BE3 pop rdi
00007FF651611BE4 pop rbp
00007FF651611BE5 ret
- case 문
#include <stdio.h>
/*
 * switch/case sample whose compiled form is shown in the listing that
 * follows. c is 'D', so the last case is taken, a becomes 6 and main
 * returns 6. There is no default label, so an unmatched value would
 * leave a at 0.
 */
int main() {
char c = 'D';
int a = 0;
/*
 * In the listing the switch operand is copied to a temporary and compared
 * against each case constant in turn (cmp/je pairs); no jump table is used
 * in this build.
 */
switch (c) {
case 'A':
a = 3;
break;
case 'B' :
a = 4;
break;
case 'C' :
a = 5;
break;
case 'D' :
a = 6;
break;
}
return a;
}
#include <stdio.h>
int main() {
; Prologue: save rbp and rdi, reserve 128h bytes of stack, then set rbp to rsp+20h as the frame base.
00007FF6A2603990 push rbp
00007FF6A2603992 push rdi
00007FF6A2603993 sub rsp,128h
00007FF6A260399A lea rbp,[rsp+20h]
; Not part of the C source: __CheckForDebuggerJustMyCode is the MSVC "Just My Code" (/JMC) debug instrumentation call.
00007FF6A260399F lea rcx,[__F4170C15_test@cpp (07FF6A2611008h)]
00007FF6A26039A6 call __CheckForDebuggerJustMyCode (07FF6A2601343h)
char c = 'D';
; 44h is the character code of 'D'; a single byte is stored because c is a char.
00007FF6A26039AB mov byte ptr [c],44h
int a = 0;
00007FF6A26039AF mov dword ptr [a],0
switch (c) {
; The switch operand is copied into a temporary byte at [rbp+0F4h]; every comparison below reads that copy.
00007FF6A26039B6 movzx eax,byte ptr [c]
00007FF6A26039BA mov byte ptr [rbp+0F4h],al
; Linear chain of cmp/je pairs against 41h..44h ('A'..'D'); each je targets the matching case body. No jump table is used here.
00007FF6A26039C0 cmp byte ptr [rbp+0F4h],41h
00007FF6A26039C7 je main+56h (07FF6A26039E6h)
00007FF6A26039C9 cmp byte ptr [rbp+0F4h],42h
00007FF6A26039D0 je main+5Fh (07FF6A26039EFh)
00007FF6A26039D2 cmp byte ptr [rbp+0F4h],43h
00007FF6A26039D9 je main+68h (07FF6A26039F8h)
00007FF6A26039DB cmp byte ptr [rbp+0F4h],44h
00007FF6A26039E2 je main+71h (07FF6A2603A01h)
; No case matched and the source has no default label: jump past the whole switch to ...A08h.
00007FF6A26039E4 jmp main+78h (07FF6A2603A08h)
case 'A':
a = 3;
00007FF6A26039E6 mov dword ptr [a],3
break;
; Each break is an unconditional jmp to the first instruction after the switch (...A08h).
00007FF6A26039ED jmp main+78h (07FF6A2603A08h)
case 'B' :
a = 4;
00007FF6A26039EF mov dword ptr [a],4
break;
00007FF6A26039F6 jmp main+78h (07FF6A2603A08h)
case 'C' :
a = 5;
00007FF6A26039F8 mov dword ptr [a],5
break;
00007FF6A26039FF jmp main+78h (07FF6A2603A08h)
case 'D' :
a = 6;
00007FF6A2603A01 mov dword ptr [a],6
break;
; No jmp is emitted for this final break: the code after the switch starts at the very next address (...A08h).
}
return a;
; The return value is loaded from a into eax.
00007FF6A2603A08 mov eax,dword ptr [a]
}
; Epilogue: rbp+108h equals the rsp value before "sub rsp,128h" (20h + 108h = 128h); then rdi and rbp are restored in reverse push order.
00007FF6A2603A0B lea rsp,[rbp+108h]
00007FF6A2603A12 pop rdi
00007FF6A2603A13 pop rbp
00007FF6A2603A14 ret