其他案例请查看,aes解码,密钥123456789,密文U2FsdGVkX1/Bd4k8ZAij4D8oMKFwS3bBvmalzk3NT7UEJTw7/qemqhDLwG4nl9H9/nO3Xk0Ebmv0W50P9akHkb0F2ubxR31a6lldXh/T1P5UbUFht0mf2SUJwAKMq1bg
其他案例请查看,aes解码,密钥123456789,密文U2FsdGVkX1/Bd4k8ZAij4D8oMKFwS3bBvmalzk3NT7UEJTw7/qemqhDLwG4nl9H9/nO3Xk0Ebmv0W50P9akHkb0F2ubxR31a6lldXh/T1P5UbUFht0mf2SUJwAKMq1bg
x32dbg/x64dbg逆向之反向分析全局变量
1) 逆向之反向分析全局变量介绍
咱们第一个逆向分析的来点简单的,先适应一下,顺便带这各位把C语言简单的过一遍,后面咱们再深入进去。
有之前汇编开发前期基础,这些对咱们来说已经是小儿科,无非就是mov赋值操作, 以及lea获取地址,movsd符号扩展等基本的操作。
咱们记牢以下关键规则哦,因为在后面使用x32/x64dbg进行调试分析时会频繁用到
ds:指向数据段(全局/静态变量)
ss:指向栈段(局部变量)
2)C语言案例代码
咱们在学习逆向分析的同时,同步梳理C和C++基础知识点,一正一反(正向开发,逆向分析)为后续深耕底层技术打好基础哦。
#define _CRT_SECURE_NO_WARNINGS
#include <stdio.h>
#include <string.h>
#include <stdbool.h>
// ===================== All Common C Global Data Types =====================
// Basic integer types
char g_char = 0;
unsigned char g_uchar = 0;
short g_short = 0;
unsigned short g_ushort = 0;
int g_int = 0;
unsigned int g_uint = 0;
long g_long = 0;
unsigned long g_ulong = 0;
long long g_llong = 0;
unsigned long long g_ullong = 0;
// Floating-point types
float g_float = 0.0f;
double g_double = 0.0;
long double g_ldouble = 0.0L;
// Boolean type
bool g_bool = false;
// String & character array
// char pointer
char* g_pChar = NULL;
// double char pointer
char** g_ppChar = NULL;
// char array
char g_charArr[100] = { 0 };
// Void pointer
void* g_pVoid = NULL;
// Custom struct
struct Student
{
// Bit-field type
unsigned int age : 8;
unsigned int sex : 1;
int id;
};
struct Student g_stu;
// Union type
union Data
{
int num;
char ch;
float f;
};
union Data g_union;
// Enum type
enum Color
{
BLACK, WHITE, RED, BLUE
};
enum Color g_color;
// Array pointer & function pointer
int g_arr[5] = { 0 };
// pointer to array
int (*g_pArr)[5] = &g_arr;
// function pointer
void (*g_pFunc)(int) = NULL;
// ==========================================================================
// Function pointer
void testFunc(int x)
{
printf("Function pointer call, x = %d\n", x);
}
int main(void)
{
g_char = 'Z';
g_uchar = 255;
g_short = 100;
g_ushort = 200;
g_int = 999;
g_uint = 1024;
g_long = 123456L;
g_ulong = 654321UL;
g_llong = 1122334455LL;
g_ullong = 9988776655ULL;
// float
g_float = 3.14f;
g_double = 6.28;
g_ldouble = 9.99L;
// bool
g_bool = true;
// string
g_pChar = (char*)"Hello All Types";
strcpy(g_charArr, "Char Array Content");
// void pointer point to int
int temp = 888;
g_pVoid = &temp;
// struct
g_stu.age = 20;
g_stu.sex = 1;
g_stu.id = 2025001;
// union
g_union.num = 520;
// enum
g_color = RED;
// call function pointer
g_pFunc = testFunc;
g_pFunc(666);
// Print all for verification
printf("char : %c\n", g_char);
printf("uchar : %u\n", g_uchar);
printf("short : %d\n", g_short);
printf("int : %d\n", g_int);
printf("long long : %lld\n", g_llong);
printf("float : %.2f\n", g_float);
printf("double : %.2lf\n", g_double);
printf("bool : %d\n", g_bool);
printf("str pointer : %s\n", g_pChar);
printf("char array : %s\n", g_charArr);
printf("enum color : %d\n", g_color);
printf("struct age : %d\n", g_stu.age);
printf("union num : %d\n", g_union.num);
return 0;
}
3)汇编反向分析全局变量
咱们就用之前讲过的规则,来一步步分析这段汇编代码,核心就抓一个关键点:只要指令里看到 ds:,那操作的肯定就是全局 / 静态变量;看到 ss:,操作的就是局部变量,照着这个思路看就行。
x64
开头准备部分(没啥实质业务逻辑)
这几步是函数的 标准开场:保存栈底地址,开辟栈空间,然后把栈里刚开辟的这块内存全部填成 0xCCCCCCCC(调试器里常用这个值标记未初始化的栈内存)。这里全是 ss: 栈段操作,跟全局变量没关系,就是搭个运行的基础环境。
00007FF70D7118F0 | 40:55 | push rbp | FileName.cpp:89
00007FF70D7118F2 | 57 | push rdi |
00007FF70D7118F3 | 48:81EC 08010000 | sub rsp,108 |
00007FF70D7118FA | 48:8D6C24 20 | lea rbp,qword ptr ss:[rsp+20] |
00007FF70D7118FF | 48:8D7C24 20 | lea rdi,qword ptr ss:[rsp+20] |
00007FF70D711904 | B9 0A000000 | mov ecx,A | 0A:'\n'
00007FF70D711909 | B8 CCCCCCCC | mov eax,CCCCCCCC |
00007FF70D71190E | F3:AB | rep stosd
这里出现了第一个 ds:读了一个全局值__security_cookie,然后和栈底地址做异或,再存回栈里。这是编译器加的 安全防护后面咱们再说,用来检测栈溢出的,不用纠结细节,知道是读全局值就行。 |
00007FF70D711910 | 48:8B05 29B70000 | mov rax,qword ptr ds:[<__security_cookie>] | rax:__enc$textbss$end+276
00007FF70D711917 | 48:33C5 | xor rax,rbp | rax:__enc$textbss$end+276
00007FF70D71191A | 48:8985 D8000000 | mov qword ptr ss:[rbp+D8],rax | rax:__enc$textbss$end+276
又是ds:,取了个文件名相关的全局字符串地址,调用了个内部函数,还是初始化相关的操作,直接跳过就行。
00007FF70D711921 | 48:8D0D E7060100 | lea rcx,qword ptr ds:[<__14F49BB1_FileName@cpp>] | FileName.cpp:15732480
00007FF70D711928 | E8 48FAFFFF | call project1.7FF70D711375 |
00007FF70D71192D | 90 | nop
咱们的Main赋值正式开始
00007FF70D71192E | C605 DBB80000 5A | mov byte ptr ds:[<char g_char>],5A | 将全局char变量 g_char 赋值为 'Z'(0x5A)
00007FF70D711935 | C605 D5B80000 FF | mov byte ptr ds:[<unsigned char g_uchar>],FF | 将全局unsigned char变量 g_uchar 赋值为255
00007FF70D71193C | B8 64000000 | mov eax,64 | 将100装入EAX
00007FF70D711941 | 66:8905 CCB80000 | mov word ptr ds:[<short g_short>],ax | 将AX中的100写入short变量 g_short
00007FF70D711948 | B8 C8000000 | mov eax,C8 | 将200装入EAX
00007FF70D71194D | 66:8905 C4B80000 | mov word ptr ds:[<unsigned short g_ushort>],ax | 将AX中的200写入unsigned short变量 g_ushort
00007FF70D711954 | C705 BEB80000 E7030000 | mov dword ptr ds:[<int g_int>],3E7 | 将int变量 g_int 赋值为999
00007FF70D71195E | C705 B8B80000 00040000 | mov dword ptr ds:[<unsigned int g_uint>],400 | 将unsigned int变量 g_uint 赋值为1024
00007FF70D711968 | C705 B2B80000 40E20100 | mov dword ptr ds:[<long g_long>],1E240 | 将long变量 g_long 赋值为123456
00007FF70D711972 | C705 ACB80000 F1FB0900 | mov dword ptr ds:[<unsigned long g_ulong>],9FBF1 | 将unsigned long变量 g_ulong 赋值为654321
00007FF70D71197C | 48:C705 A9B80000 F776E54 | mov qword ptr ds:[<__int64 g_llong>],42E576F7 | 将64位整数1234567895写入g_llong
00007FF70D711987 | 48:B8 CFA2605302000000 | mov rax,25360A2CF | 将64位立即数10000000079装入RAX
00007FF70D711991 | 48:8905 A0B80000 | mov qword ptr ds:[<unsigned __int64 g_ullong>],rax | 将RAX写入unsigned long long变量 g_ullong
00007FF70D711998 | F3:0F1005 BC940000 | movss xmm0,dword ptr ds:[<__real@4048f5c3>] | 将float常量加载到XMM0
00007FF70D7119A0 | F3:0F1105 84B80000 | movss dword ptr ds:[<float g_float>],xmm0 | 将float值写入g_float
00007FF70D7119A8 | F2:0F1005 90940000 | movsd xmm0,qword ptr ds:[<__real@40191eb851eb851f>] | 将double常量加载到XMM0
00007FF70D7119B0 | F2:0F1105 88B80000 | movsd qword ptr ds:[<double g_double>],xmm0 | 将double值写入g_double
00007FF70D7119B8 | F2:0F1005 90940000 | movsd xmm0,qword ptr ds:[<__real@4023fae147ae147b>] | 将long double对应常量加载到XMM0
00007FF70D7119C0 | F2:0F1105 80B80000 | movsd qword ptr ds:[<long double g_ldouble>],xmm0 | 将值写入g_ldouble
00007FF70D7119C8 | C605 43B80000 01 | mov byte ptr ds:[<bool g_bool>],1 | 将bool变量 g_bool 赋值为true
00007FF70D7119CF | 48:8D05 FA920000 | lea rax,qword ptr ds:[<"Hello All Types"...>] | 获取字符串"Hello All Types"地址
00007FF70D7119D6 | 48:8905 73B80000 | mov qword ptr ds:[<char *g_pChar>],rax | 将字符串地址保存到g_pChar
00007FF70D7119DD | 48:8D15 04930000 | lea rdx,qword ptr ds:[<"Char Array Content"...>] | 获取字符串"Char Array Content"地址
00007FF70D7119E4 | 48:8D0D 75B80000 | lea rcx,qword ptr ds:[<char *g_charArr>] | 获取字符数组g_charArr地址作为目标缓冲区
00007FF70D7119EB | E8 37F7FFFF | call project1.7FF70D711127 | 调用字符串复制函数(类似strcpy)
00007FF70D7119F0 | 90 | nop | 空操作,占位
00007FF70D7119F1 | C745 04 78030000 | mov dword ptr ss:[rbp+4],378 | 局部变量赋值888
00007FF70D7119F8 | 48:8D45 04 | lea rax,qword ptr ss:[rbp+4] | 获取局部变量地址
00007FF70D7119FC | 48:8905 C5B80000 | mov qword ptr ds:[<void *g_pVoid>],rax | 将局部变量地址保存到void指针g_pVoid
00007FF70D711A03 | 8B05 C7B80000 | mov eax,dword ptr ds:[<struct Student g_stu>] | 读取结构体Student内容
00007FF70D711A09 | 25 00FFFFFF | and eax,FFFFFF00 | 清除最低8位(age字段)
00007FF70D711A0E | 83C8 14 | or eax,14 | 将age字段设置为20
00007FF70D711A11 | 8905 B9B80000 | mov dword ptr ds:[<struct Student g_stu>],eax | 写回结构体
00007FF70D711A17 | 8B05 B3B80000 | mov eax,dword ptr ds:[<struct Student g_stu>] | 再次读取结构体
00007FF70D711A1D | 0FBAE8 08 | bts eax,8 | 设置第8位(bit field成员)
00007FF70D711A21 | 8905 A9B80000 | mov dword ptr ds:[<struct Student g_stu>],eax | 写回修改后的结构体
00007FF70D711A27 | C705 A3B80000 29E61E00 | mov dword ptr ds:[7FF70D71D2D4],1EE629 | 设置结构体中其他成员值
00007FF70D711A31 | C705 89B80000 08020000 | mov dword ptr ds:[<union Data g_union>],208 | union变量赋值520
00007FF70D711A3B | C705 93B80000 02000000 | mov dword ptr ds:[<enum Color g_color>],2 | 枚举变量g_color赋值为2
00007FF70D711A45 | 48:8D05 E8F8FFFF | lea rax,qword ptr ds:[7FF70D711334] | 获取函数地址
00007FF70D711A4C | 48:8905 A5B80000 | mov qword ptr ds:[<void (__cdecl *g_pFunc)(int)>],rax | 保存到函数指针g_pFunc
00007FF70D711A53 | B9 9A020000 | mov ecx,29A | 准备函数参数666
00007FF70D711A58 | FF15 9AB80000 | call qword ptr ds:[<void (__cdecl *g_pFunc)(int)>] | 通过函数指针调用目标函数
00007FF70D711A5E | 90 | nop
00007FF70D711A5F | 0FBE05 AAB70000 | movsx eax,byte ptr ds:[<char g_char>] | FileName.cpp:134
00007FF70D711A66 | 8BD0 | mov edx,eax |
00007FF70D711A68 | 48:8D0D 91920000 | lea rcx,qword ptr ds:[<"char : %c\n"...>] | 00007FF70D71AD00:"char : %c\n"
00007FF70D711A6F | E8 26F7FFFF | call project1.7FF70D71119A |
00007FF70D711A74 | 90 | nop |
00007FF70D711A75 | 0FB605 95B70000 | movzx eax,byte ptr ds:[<unsigned char g_uchar>] | FileName.cpp:135
00007FF70D711A7C | 8BD0 | mov edx,eax |
00007FF70D711A7E | 48:8D0D 93920000 | lea rcx,qword ptr ds:[<"uchar : %u\n"...>] | 00007FF70D71AD18:"uchar : %u\n"
00007FF70D711A85 | E8 10F7FFFF | call project1.7FF70D71119A |
00007FF70D711A8A | 90 | nop |
00007FF70D711A8B | 0FBF05 82B70000 | movsx eax,word ptr ds:[<short g_short>] | FileName.cpp:136
00007FF70D711A92 | 8BD0 | mov edx,eax |
00007FF70D711A94 | 48:8D0D 95920000 | lea rcx,qword ptr ds:[<"short : %d\n"...>] | 00007FF70D71AD30:"short : %d\n"
00007FF70D711A9B | E8 FAF6FFFF | call project1.7FF70D71119A |
00007FF70D711AA0 | 90 | nop |
00007FF70D711AA1 | 8B15 75B70000 | mov edx,dword ptr ds:[<int g_int>] | FileName.cpp:137
00007FF70D711AA7 | 48:8D0D 9A920000 | lea rcx,qword ptr ds:[<"int : %d\n"...>] | 00007FF70D71AD48:"int : %d\n"
00007FF70D711AAE | E8 E7F6FFFF | call project1.7FF70D71119A |
00007FF70D711AB3 | 90 | nop |
00007FF70D711AB4 | 48:8B15 75B70000 | mov rdx,qword ptr ds:[<__int64 g_llong>] | FileName.cpp:138, rdx:__enc$textbss$end+276
00007FF70D711ABB | 48:8D0D 9E920000 | lea rcx,qword ptr ds:[<"long long : %lld\n"...>] | 00007FF70D71AD60:"long long : %lld\n"
00007FF70D711AC2 | E8 D3F6FFFF | call project1.7FF70D71119A |
00007FF70D711AC7 | 90 | nop |
00007FF70D711AC8 | F3:0F5A05 5CB70000 | cvtss2sd xmm0,dword ptr ds:[<float g_float>] | FileName.cpp:139
00007FF70D711AD0 | 0F28C8 | movaps xmm1,xmm0 |
00007FF70D711AD3 | 6648:0F7ECA | movq rdx,xmm1 | rdx:__enc$textbss$end+276
00007FF70D711AD8 | 48:8D0D 99920000 | lea rcx,qword ptr ds:[<"float : %.2f\n"...>] | 00007FF70D71AD78:"float : %.2f\n"
00007FF70D711ADF | E8 B6F6FFFF | call project1.7FF70D71119A |
00007FF70D711AE4 | 90 | nop |
00007FF70D711AE5 | F2:0F100D 53B70000 | movsd xmm1,qword ptr ds:[<double g_double>] | FileName.cpp:140
00007FF70D711AED | 6648:0F7ECA | movq rdx,xmm1 | rdx:__enc$textbss$end+276
00007FF70D711AF2 | 48:8D0D 97920000 | lea rcx,qword ptr ds:[<"double : %.2lf\n"...>] | 00007FF70D71AD90:"double : %.2lf\n"
00007FF70D711AF9 | E8 9CF6FFFF | call project1.7FF70D71119A |
00007FF70D711AFE | 90 | nop |
00007FF70D711AFF | 0FB605 0CB70000 | movzx eax,byte ptr ds:[<bool g_bool>] | FileName.cpp:141
00007FF70D711B06 | 8BD0 | mov edx,eax |
00007FF70D711B08 | 48:8D0D A1920000 | lea rcx,qword ptr ds:[<"bool : %d\n"...>] | 00007FF70D71ADB0:"bool : %d\n"
00007FF70D711B0F | E8 86F6FFFF | call project1.7FF70D71119A |
00007FF70D711B14 | 90 | nop |
00007FF70D711B15 | 48:8B15 34B70000 | mov rdx,qword ptr ds:[<char *g_pChar>] | FileName.cpp:142, rdx:__enc$textbss$end+276
00007FF70D711B1C | 48:8D0D A5920000 | lea rcx,qword ptr ds:[<"str pointer : %s\n"...>] | 00007FF70D71ADC8:"str pointer : %s\n"
00007FF70D711B23 | E8 72F6FFFF | call project1.7FF70D71119A |
00007FF70D711B28 | 90 | nop |
00007FF70D711B29 | 48:8D15 30B70000 | lea rdx,qword ptr ds:[<char *g_charArr>] | FileName.cpp:143, rdx:__enc$textbss$end+276
00007FF70D711B30 | 48:8D0D A9920000 | lea rcx,qword ptr ds:[<"char array : %s\n"...>] | 00007FF70D71ADE0:"char array : %s\n"
00007FF70D711B37 | E8 5EF6FFFF | call project1.7FF70D71119A |
00007FF70D711B3C | 90 | nop |
00007FF70D711B3D | 8B15 95B70000 | mov edx,dword ptr ds:[<enum Color g_color>] | FileName.cpp:144
00007FF70D711B43 | 48:8D0D AE920000 | lea rcx,qword ptr ds:[<"enum color : %d\n"...>] | 00007FF70D71ADF8:"enum color : %d\n"
00007FF70D711B4A | E8 4BF6FFFF | call project1.7FF70D71119A |
00007FF70D711B4F | 90 | nop |
00007FF70D711B50 | 8B05 7AB70000 | mov eax,dword ptr ds:[<struct Student g_stu>] | FileName.cpp:145
00007FF70D711B56 | 25 FF000000 | and eax,FF |
00007FF70D711B5B | 8BD0 | mov edx,eax |
00007FF70D711B5D | 48:8D0D AC920000 | lea rcx,qword ptr ds:[<"struct age : %d\n"...>] | 00007FF70D71AE10:"struct age : %d\n"
00007FF70D711B64 | E8 31F6FFFF | call project1.7FF70D71119A |
00007FF70D711B69 | 90 | nop |
00007FF70D711B6A | 8B15 54B70000 | mov edx,dword ptr ds:[<union Data g_union>] | FileName.cpp:146
00007FF70D711B70 | 48:8D0D B1920000 | lea rcx,qword ptr ds:[<"union num : %d\n"...>] | 00007FF70D71AE28:"union num : %d\n"
00007FF70D711B77 | E8 1EF6FFFF | call project1.7FF70D71119A |
00007FF70D711B7C | 90 | nop |
00007FF70D711B7D | 33C0 | xor eax,eax | FileName.cpp:148
00007FF70D711B7F | 8BF8 | mov edi,eax | FileName.cpp:151
main函数结束
00007FF70D711B81 | 48:8D4D E0 | lea rcx,qword ptr ss:[rbp-20] |
00007FF70D711B85 | 48:8D15 F4900000 | lea rdx,qword ptr ds:[7FF70D71AC80] | rdx:__enc$textbss$end+276
00007FF70D711B8C | E8 7BF7FFFF | call project1.7FF70D71130C |
00007FF70D711B91 | 8BC7 | mov eax,edi |
00007FF70D711B93 | 48:8B8D D8000000 | mov rcx,qword ptr ss:[rbp+D8] |
00007FF70D711B9A | 48:33CD | xor rcx,rbp |
00007FF70D711B9D | E8 11F6FFFF | call project1.7FF70D7111B3 |
00007FF70D711BA2 | 48:8DA5 E8000000 | lea rsp,qword ptr ss:[rbp+E8] |
00007FF70D711BA9 | 5F | pop rdi |
00007FF70D711BAA | 5D | pop rbp |
00007FF70D711BAB | C3 | ret |
x32
00007FF7B17E18F0 | 40:55 | push rbp | FileName.cpp:89
00007FF7B17E18F2 | 57 | push rdi |
00007FF7B17E18F3 | 48:81EC 08010000 | sub rsp,108 |
00007FF7B17E18FA | 48:8D6C24 20 | lea rbp,qword ptr ss:[rsp+20] |
00007FF7B17E18FF | 48:8D7C24 20 | lea rdi,qword ptr ss:[rsp+20] |
00007FF7B17E1904 | B9 0A000000 | mov ecx,A | 0A:'\n'
00007FF7B17E1909 | B8 CCCCCCCC | mov eax,CCCCCCCC |
00007FF7B17E190E | F3:AB | rep stosd |
00007FF7B17E1910 | 48:8B05 29B70000 | mov rax,qword ptr ds:[<__security_cooki | rax:__enc$textbss$end+276
00007FF7B17E1917 | 48:33C5 | xor rax,rbp | rax:__enc$textbss$end+276
00007FF7B17E191A | 48:8985 D8000000 | mov qword ptr ss:[rbp+D8],rax | rax:__enc$textbss$end+276
00007FF7B17E1921 | 48:8D0D E7060100 | lea rcx,qword ptr ds:[<__14F49BB1_FileN | FileName.cpp:15732480
00007FF7B17E1928 | E8 48FAFFFF | call project1.7FF7B17E1375 |
00007FF7B17E192D | 90 | nop |
00007FF7B17E192E | C605 DBB80000 5A | mov byte ptr ds:[<char g_char>],5A | FileName.cpp:90, 5A:'Z'
00007FF7B17E1935 | C605 D5B80000 FF | mov byte ptr ds:[<unsigned char g_uchar | FileName.cpp:91
00007FF7B17E193C | B8 64000000 | mov eax,64 | FileName.cpp:92, 64:'d'
00007FF7B17E1941 | 66:8905 CCB80000 | mov word ptr ds:[<short g_short>],ax |
00007FF7B17E1948 | B8 C8000000 | mov eax,C8 | FileName.cpp:93
00007FF7B17E194D | 66:8905 C4B80000 | mov word ptr ds:[<unsigned short g_usho |
00007FF7B17E1954 | C705 BEB80000 E7030000 | mov dword ptr ds:[<int g_int>],3E7 | FileName.cpp:94
00007FF7B17E195E | C705 B8B80000 00040000 | mov dword ptr ds:[<unsigned int g_uint> | FileName.cpp:95
00007FF7B17E1968 | C705 B2B80000 40E20100 | mov dword ptr ds:[<long g_long>],1E240 | FileName.cpp:96
00007FF7B17E1972 | C705 ACB80000 F1FB0900 | mov dword ptr ds:[<unsigned long g_ulon | FileName.cpp:97
00007FF7B17E197C | 48:C705 A9B80000 F776E54 | mov qword ptr ds:[<__int64 g_llong>],42 | FileName.cpp:98
00007FF7B17E1987 | 48:B8 CFA2605302000000 | mov rax,25360A2CF | FileName.cpp:99, rax:__enc$textbss$end+276
00007FF7B17E1991 | 48:8905 A0B80000 | mov qword ptr ds:[<unsigned __int64 g_u | rax:__enc$textbss$end+276
00007FF7B17E1998 | F3:0F1005 BC940000 | movss xmm0,dword ptr ds:[<__real@4048f5 | FileName.cpp:102
00007FF7B17E19A0 | F3:0F1105 84B80000 | movss dword ptr ds:[<float g_float>],xm |
00007FF7B17E19A8 | F2:0F1005 90940000 | movsd xmm0,qword ptr ds:[<__real@40191e | FileName.cpp:103
00007FF7B17E19B0 | F2:0F1105 88B80000 | movsd qword ptr ds:[<double g_double>], |
00007FF7B17E19B8 | F2:0F1005 90940000 | movsd xmm0,qword ptr ds:[<__real@4023fa | FileName.cpp:104
00007FF7B17E19C0 | F2:0F1105 80B80000 | movsd qword ptr ds:[<long double g_ldou |
00007FF7B17E19C8 | C605 43B80000 01 | mov byte ptr ds:[<bool g_bool>],1 | FileName.cpp:107
00007FF7B17E19CF | 48:8D05 FA920000 | lea rax,qword ptr ds:[<"Hello All Types | FileName.cpp:110, rax:__enc$textbss$end+276, 00007FF7B17EACD0:"Hello All Types"
00007FF7B17E19D6 | 48:8905 73B80000 | mov qword ptr ds:[<char *g_pChar>],rax | rax:__enc$textbss$end+276
00007FF7B17E19DD | 48:8D15 04930000 | lea rdx,qword ptr ds:[<"Char Array Cont | FileName.cpp:111, rdx:__enc$textbss$end+276, 00007FF7B17EACE8:"Char Array Content"
00007FF7B17E19E4 | 48:8D0D 75B80000 | lea rcx,qword ptr ds:[<char *g_charArr> |
00007FF7B17E19EB | E8 37F7FFFF | call project1.7FF7B17E1127 |
00007FF7B17E19F0 | 90 | nop |
00007FF7B17E19F1 | C745 04 78030000 | mov dword ptr ss:[rbp+4],378 | FileName.cpp:114
00007FF7B17E19F8 | 48:8D45 04 | lea rax,qword ptr ss:[rbp+4] | FileName.cpp:115, rax:__enc$textbss$end+276
00007FF7B17E19FC | 48:8905 C5B80000 | mov qword ptr ds:[<void *g_pVoid>],rax | rax:__enc$textbss$end+276
00007FF7B17E1A03 | 8B05 C7B80000 | mov eax,dword ptr ds:[<struct Student g | FileName.cpp:118
00007FF7B17E1A09 | 25 00FFFFFF | and eax,FFFFFF00 |
00007FF7B17E1A0E | 83C8 14 | or eax,14 |
00007FF7B17E1A11 | 8905 B9B80000 | mov dword ptr ds:[<struct Student g_stu |
00007FF7B17E1A17 | 8B05 B3B80000 | mov eax,dword ptr ds:[<struct Student g | FileName.cpp:119
00007FF7B17E1A1D | 0FBAE8 08 | bts eax,8 |
00007FF7B17E1A21 | 8905 A9B80000 | mov dword ptr ds:[<struct Student g_stu |
00007FF7B17E1A27 | C705 A3B80000 29E61E00 | mov dword ptr ds:[7FF7B17ED2D4],1EE629 | FileName.cpp:120
00007FF7B17E1A31 | C705 89B80000 08020000 | mov dword ptr ds:[<union Data g_union>] | FileName.cpp:123
00007FF7B17E1A3B | C705 93B80000 02000000 | mov dword ptr ds:[<enum Color g_color>] | FileName.cpp:126
00007FF7B17E1A45 | 48:8D05 E8F8FFFF | lea rax,qword ptr ds:[7FF7B17E1334] | FileName.cpp:129, rax:__enc$textbss$end+276
00007FF7B17E1A4C | 48:8905 A5B80000 | mov qword ptr ds:[<void (__cdecl *g_pFu | rax:__enc$textbss$end+276
00007FF7B17E1A53 | B9 9A020000 | mov ecx,29A | FileName.cpp:130
00007FF7B17E1A58 | FF15 9AB80000 | call qword ptr ds:[<void (__cdecl *g_pF |
00007FF7B17E1A5E | 90 | nop |
00007FF7B17E1A5F | 0FBE05 AAB70000 | movsx eax,byte ptr ds:[<char g_char>] | FileName.cpp:134
00007FF7B17E1A66 | 8BD0 | mov edx,eax |
00007FF7B17E1A68 | 48:8D0D 91920000 | lea rcx,qword ptr ds:[<"char : % | 00007FF7B17EAD00:"char : %c\n"
00007FF7B17E1A6F | E8 26F7FFFF | call project1.7FF7B17E119A |
00007FF7B17E1A74 | 90 | nop |
00007FF7B17E1A75 | 0FB605 95B70000 | movzx eax,byte ptr ds:[<unsigned char g | FileName.cpp:135
00007FF7B17E1A7C | 8BD0 | mov edx,eax |
00007FF7B17E1A7E | 48:8D0D 93920000 | lea rcx,qword ptr ds:[<"uchar : % | 00007FF7B17EAD18:"uchar : %u\n"
00007FF7B17E1A85 | E8 10F7FFFF | call project1.7FF7B17E119A |
00007FF7B17E1A8A | 90 | nop |
00007FF7B17E1A8B | 0FBF05 82B70000 | movsx eax,word ptr ds:[<short g_short>] | FileName.cpp:136
00007FF7B17E1A92 | 8BD0 | mov edx,eax |
00007FF7B17E1A94 | 48:8D0D 95920000 | lea rcx,qword ptr ds:[<"short : % | 00007FF7B17EAD30:"short : %d\n"
00007FF7B17E1A9B | E8 FAF6FFFF | call project1.7FF7B17E119A |
00007FF7B17E1AA0 | 90 | nop |
00007FF7B17E1AA1 | 8B15 75B70000 | mov edx,dword ptr ds:[<int g_int>] | FileName.cpp:137
00007FF7B17E1AA7 | 48:8D0D 9A920000 | lea rcx,qword ptr ds:[<"int : % | 00007FF7B17EAD48:"int : %d\n"
00007FF7B17E1AAE | E8 E7F6FFFF | call project1.7FF7B17E119A |
00007FF7B17E1AB3 | 90 | nop |
00007FF7B17E1AB4 | 48:8B15 75B70000 | mov rdx,qword ptr ds:[<__int64 g_llong> | FileName.cpp:138, rdx:__enc$textbss$end+276
00007FF7B17E1ABB | 48:8D0D 9E920000 | lea rcx,qword ptr ds:[<"long long : % | 00007FF7B17EAD60:"long long : %lld\n"
00007FF7B17E1AC2 | E8 D3F6FFFF | call project1.7FF7B17E119A |
00007FF7B17E1AC7 | 90 | nop |
00007FF7B17E1AC8 | F3:0F5A05 5CB70000 | cvtss2sd xmm0,dword ptr ds:[<float g_fl | FileName.cpp:139
00007FF7B17E1AD0 | 0F28C8 | movaps xmm1,xmm0 |
00007FF7B17E1AD3 | 6648:0F7ECA | movq rdx,xmm1 | rdx:__enc$textbss$end+276
00007FF7B17E1AD8 | 48:8D0D 99920000 | lea rcx,qword ptr ds:[<"float : % | 00007FF7B17EAD78:"float : %.2f\n"
00007FF7B17E1ADF | E8 B6F6FFFF | call project1.7FF7B17E119A |
00007FF7B17E1AE4 | 90 | nop |
00007FF7B17E1AE5 | F2:0F100D 53B70000 | movsd xmm1,qword ptr ds:[<double g_doub | FileName.cpp:140
00007FF7B17E1AED | 6648:0F7ECA | movq rdx,xmm1 | rdx:__enc$textbss$end+276
00007FF7B17E1AF2 | 48:8D0D 97920000 | lea rcx,qword ptr ds:[<"double : % | 00007FF7B17EAD90:"double : %.2lf\n"
00007FF7B17E1AF9 | E8 9CF6FFFF | call project1.7FF7B17E119A |
00007FF7B17E1AFE | 90 | nop |
00007FF7B17E1AFF | 0FB605 0CB70000 | movzx eax,byte ptr ds:[<bool g_bool>] | FileName.cpp:141
00007FF7B17E1B06 | 8BD0 | mov edx,eax |
00007FF7B17E1B08 | 48:8D0D A1920000 | lea rcx,qword ptr ds:[<"bool : % | 00007FF7B17EADB0:"bool : %d\n"
00007FF7B17E1B0F | E8 86F6FFFF | call project1.7FF7B17E119A |
00007FF7B17E1B14 | 90 | nop |
00007FF7B17E1B15 | 48:8B15 34B70000 | mov rdx,qword ptr ds:[<char *g_pChar>] | FileName.cpp:142, rdx:__enc$textbss$end+276
00007FF7B17E1B1C | 48:8D0D A5920000 | lea rcx,qword ptr ds:[<"str pointer : % | 00007FF7B17EADC8:"str pointer : %s\n"
00007FF7B17E1B23 | E8 72F6FFFF | call project1.7FF7B17E119A |
00007FF7B17E1B28 | 90 | nop |
00007FF7B17E1B29 | 48:8D15 30B70000 | lea rdx,qword ptr ds:[<char *g_charArr> | FileName.cpp:143, rdx:__enc$textbss$end+276
00007FF7B17E1B30 | 48:8D0D A9920000 | lea rcx,qword ptr ds:[<"char array : % | 00007FF7B17EADE0:"char array : %s\n"
00007FF7B17E1B37 | E8 5EF6FFFF | call project1.7FF7B17E119A |
00007FF7B17E1B3C | 90 | nop |
00007FF7B17E1B3D | 8B15 95B70000 | mov edx,dword ptr ds:[<enum Color g_col | FileName.cpp:144
00007FF7B17E1B43 | 48:8D0D AE920000 | lea rcx,qword ptr ds:[<"enum color : % | 00007FF7B17EADF8:"enum color : %d\n"
00007FF7B17E1B4A | E8 4BF6FFFF | call project1.7FF7B17E119A |
00007FF7B17E1B4F | 90 | nop |
00007FF7B17E1B50 | 8B05 7AB70000 | mov eax,dword ptr ds:[<struct Student g | FileName.cpp:145
00007FF7B17E1B56 | 25 FF000000 | and eax,FF |
00007FF7B17E1B5B | 8BD0 | mov edx,eax |
00007FF7B17E1B5D | 48:8D0D AC920000 | lea rcx,qword ptr ds:[<"struct age : % | 00007FF7B17EAE10:"struct age : %d\n"
00007FF7B17E1B64 | E8 31F6FFFF | call project1.7FF7B17E119A |
00007FF7B17E1B69 | 90 | nop |
00007FF7B17E1B6A | 8B15 54B70000 | mov edx,dword ptr ds:[<union Data g_uni | FileName.cpp:146
00007FF7B17E1B70 | 48:8D0D B1920000 | lea rcx,qword ptr ds:[<"union num : % | 00007FF7B17EAE28:"union num : %d\n"
00007FF7B17E1B77 | E8 1EF6FFFF | call project1.7FF7B17E119A |
00007FF7B17E1B7C | 90 | nop |
00007FF7B17E1B7D | 33C0 | xor eax,eax | FileName.cpp:148
00007FF7B17E1B7F | 8BF8 | mov edi,eax | FileName.cpp:151
00007FF7B17E1B81 | 48:8D4D E0 | lea rcx,qword ptr ss:[rbp-20] |
00007FF7B17E1B85 | 48:8D15 F4900000 | lea rdx,qword ptr ds:[7FF7B17EAC80] | rdx:__enc$textbss$end+276
00007FF7B17E1B8C | E8 7BF7FFFF | call project1.7FF7B17E130C |
00007FF7B17E1B91 | 8BC7 | mov eax,edi |
00007FF7B17E1B93 | 48:8B8D D8000000 | mov rcx,qword ptr ss:[rbp+D8] |
00007FF7B17E1B9A | 48:33CD | xor rcx,rbp |
00007FF7B17E1B9D | E8 11F6FFFF | call project1.7FF7B17E11B3 |
00007FF7B17E1BA2 | 48:8DA5 E8000000 | lea rsp,qword ptr ss:[rbp+E8] |
00007FF7B17E1BA9 | 5F | pop rdi |
00007FF7B17E1BAA | 5D | pop rbp |
00007FF7B17E1BAB | C3 | ret |
其他案例请查看,aes解码,密钥123456789,密文U2FsdGVkX1/Bd4k8ZAij4D8oMKFwS3bBvmalzk3NT7UEJTw7/qemqhDLwG4nl9H9/nO3Xk0Ebmv0W50P9akHkb0F2ubxR31a6lldXh/T1P5UbUFht0mf2SUJwAKMq1bg
扫一扫
913
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
