-
-
[原创]第二阶段◇第一题
-
发表于: 2007-8-30 20:43
-
前面的分析过程和大家一样,可惜没有考虑那么多的组合,直接用了128字节的结果,构造的代码自己感觉比较简练一点(浪费了好多的0字节哦
)
修改过的构造代码:
00AE0008 B8 4F4B2100 MOV EAX, 214B4F
00AE000D A3 68024000 MOV DWORD PTR [400268], EAX
00AE0012 A3 60024000 MOV DWORD PTR [400260], EAX
00AE0017 8BEC MOV EBP, ESP
00AE0019 83C5 1C ADD EBP, 1C
00AE001C 56 PUSH ESI
00AE001D 68 83034000 PUSH 400383
00AE0022 C3 RET
或者
00AE0008 B8 4F4B2100 MOV EAX, 214B4F
00AE000D 6A 03 PUSH 3
00AE000F 59 POP ECX
00AE0010 BF 60024000 MOV EDI, 400260 ; ASCII "OK!"
00AE0015 F3:AB REP STOS DWORD PTR ES:[EDI]
00AE0017 8BEC MOV EBP, ESP
00AE0019 83C5 1C ADD EBP, 1C
00AE001C 56 PUSH ESI
00AE001D 68 83034000 PUSH 400383
00AE0022 C3 RET
字节数居然一样多
)修改过的构造代码:
00AE0008 B8 4F4B2100 MOV EAX, 214B4F
00AE000D A3 68024000 MOV DWORD PTR [400268], EAX
00AE0012 A3 60024000 MOV DWORD PTR [400260], EAX
00AE0017 8BEC MOV EBP, ESP
00AE0019 83C5 1C ADD EBP, 1C
00AE001C 56 PUSH ESI
00AE001D 68 83034000 PUSH 400383
00AE0022 C3 RET
或者
00AE0008 B8 4F4B2100 MOV EAX, 214B4F
00AE000D 6A 03 PUSH 3
00AE000F 59 POP ECX
00AE0010 BF 60024000 MOV EDI, 400260 ; ASCII "OK!"
00AE0015 F3:AB REP STOS DWORD PTR ES:[EDI]
00AE0017 8BEC MOV EBP, ESP
00AE0019 83C5 1C ADD EBP, 1C
00AE001C 56 PUSH ESI
00AE001D 68 83034000 PUSH 400383
00AE0022 C3 RET
字节数居然一样多
[培训]内核驱动高级班,冲击BAT一流互联网大厂工作,每周日13:00-18:00直播授课
|
|
|---|---|
