[Old post] [Help] Given a buffer as input, how do I disassemble it and print the output?
Posted on: 2010-7-3 09:11 1022
Input this buffer:
43 00 6F 00 6D 00 6D 00 6F 00 6E 00 50 00 72 00 6F 00 67 00 72 00 61 00 6D 00 46 00 69 00 6C 00 4C
==================================================
Disassembly result:
00100000 INC EBX
00100001 ADD [EDI],CH
00100004 INS DWORD PTR ES:[EDI],DX
00100005 ADD [EBP],CH
00100008 OUTS DX,DWORD PTR ES:[EDI]
00100009 ADD [ESI],CH
0010000c PUSH EAX
0010000d ADD [EDX],DH
00100010 OUTS DX,DWORD PTR ES:[EDI]
00100011 ADD [EDI],AH
00100014 JB SHORT 00100016
00100016 POPAD
00100017 ADD [EBP],CH
0010001a INC ESI
0010001b ADD [ECX],CH
0010001e INS BYTE PTR ES:[EDI],DX
0010001f DB 00
=========================
How do I implement this kind of functionality? unsigned char *Disassemble(unsigned int LinearAddress, unsigned char *Code, PINSTRUCTION Instruction, char *InstructionStr)
The parameters of this function are too complicated.
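A minimal linear-sweep loop of the kind the post asks about, as an added example that is not part of the original post and not the library's Disassemble(): it takes a buffer and a base address and emits one "address mnemonic" line per instruction. The names decode_one, sweep and SAMPLE are hypothetical, and the decoder covers only the opcode families that occur in the posted buffer (anything else is emitted as DB). It prints a zero displacement explicitly and uses the short INSB/INSD/OUTSB/OUTSD mnemonics, so the text differs slightly from the listing above.

```c
#include <stdio.h>
#include <string.h>
/* The 33 bytes from the post, typed in as a C array. */
static const unsigned char SAMPLE[] = {
    0x43,0x00,0x6F,0x00,0x6D,0x00,0x6D,0x00,0x6F,0x00,0x6E,0x00,0x50,0x00,0x72,0x00,
    0x6F,0x00,0x67,0x00,0x72,0x00,0x61,0x00,0x6D,0x00,0x46,0x00,0x69,0x00,0x6C,0x00,0x4C};
static const char *R32[] = {"EAX","ECX","EDX","EBX","ESP","EBP","ESI","EDI"};
static const char *R8[]  = {"AL","CL","DL","BL","AH","CH","DH","BH"};
static const char *CC[]  = {"JO","JNO","JB","JNB","JE","JNE","JBE","JA",
                            "JS","JNS","JP","JNP","JL","JGE","JLE","JG"};
static const char *M1[] = {"INC","DEC","PUSH","POP"}, *IO[] = {"INSB","INSD","OUTSB","OUTSD"};

/* Decode one instruction; returns its length, or 0 if unsupported or truncated. */
static size_t decode_one(const unsigned char *p, size_t n, unsigned addr, char *s, size_t sz) {
    unsigned char op = p[0];
    if (op >= 0x40 && op <= 0x5F) {                /* INC/DEC/PUSH/POP r32 */
        snprintf(s, sz, "%s %s", M1[(op - 0x40) >> 3], R32[op & 7]); return 1; }
    if (op == 0x61) { snprintf(s, sz, "POPAD"); return 1; }
    if (op >= 0x6C && op <= 0x6F) { snprintf(s, sz, "%s", IO[op - 0x6C]); return 1; }
    if (op >= 0x70 && op <= 0x7F && n >= 2) {      /* Jcc rel8: target = next + rel */
        snprintf(s, sz, "%s SHORT %08X", CC[op & 15], addr + 2 + (signed char)p[1]); return 2; }
    if (op == 0x00 && n >= 2) {                    /* ADD r/m8, r8 via ModRM */
        unsigned mod = p[1] >> 6, reg = (p[1] >> 3) & 7, rm = p[1] & 7;
        if (mod == 0 && rm != 4 && rm != 5) {      /* [reg]; rm 4 = SIB, 5 = disp32 */
            snprintf(s, sz, "ADD [%s],%s", R32[rm], R8[reg]); return 2; }
        if (mod == 1 && rm != 4 && n >= 3) {       /* [reg+disp8] */
            snprintf(s, sz, "ADD [%s%+d],%s", R32[rm], (signed char)p[2], R8[reg]); return 3; }
    }
    return 0;
}

/* Linear sweep: appends "ADDRESS TEXT" lines to out and returns the line count. */
static size_t sweep(const unsigned char *buf, size_t n, unsigned base, char *out, size_t outsz) {
    size_t lines = 0, used = 0;
    for (size_t off = 0, len; off < n && used < outsz; off += len, lines++) {
        char text[48];
        len = decode_one(buf + off, n - off, base + (unsigned)off, text, sizeof text);
        if (len == 0) { snprintf(text, sizeof text, "DB %02X", buf[off]); len = 1; }
        used += snprintf(out + used, outsz - used, "%08X %s\n", base + (unsigned)off, text);
    }
    return lines;
}

int main(void) {
    char out[1024];
    sweep(SAMPLE, sizeof SAMPLE, 0x00100000u, out, sizeof out);
    return fputs(out, stdout) < 0;
}
```

Read as UTF-16LE, the same bytes spell the text "CommonProgramFil", which is why the sweep yields a run of ADD and string-I/O instructions rather than meaningful code.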