
Je travaille sur un binaire de « bomb lab » en assembleur x86 (syntaxe AT&T, je crois). Je parcours mon code pas à pas jusqu'à la fin de la phase, mais à la fin (à `phase_5+327`, adresse 0x08048eeb) la valeur que j'ai saisie — que je lis comme 306 — est comparée au registre `%al`. Je ne sais pas comment obtenir la valeur de ce registre : j'ai essayé `x` et `x/d` sur `al` et `$al`, et gdb ne le trouve pas. Comment puis-je lire la valeur de `%al` ? Merci.

1 2 120 

Breakpoint 1, 0x08048da4 in phase_5() 

Missing separate debuginfos, use: debuginfo-install glibc-2.17-106.el7_2.8.i686 

(gdb) disas 

Dump of assembler code for function phase_5: 

=> 0x08048da4 <+0>: sub $0x3c,%esp 

    0x08048da7 <+3>: lea 0x2c(%esp),%eax 

    0x08048dab <+7>: mov %eax,0x10(%esp) 

    0x08048daf <+11>: lea 0x27(%esp),%eax 

    0x08048db3 <+15>: mov %eax,0xc(%esp) 

    0x08048db7 <+19>: lea 0x28(%esp),%eax 

    0x08048dbb <+23>: mov %eax,0x8(%esp) 

    0x08048dbf <+27>: movl $0x804a54c,0x4(%esp) 

    0x08048dc7 <+35>: mov 0x40(%esp),%eax 

    0x08048dcb <+39>: mov %eax,(%esp) 

    0x08048dce <+42>: call 0x8048900 <[email protected]> 

    0x08048dd3 <+47>: cmp $0x2,%eax 

    0x08048dd6 <+50>: jg  0x8048ddd <phase_5+57> 

    0x08048dd8 <+52>: call 0x8049515 <explode_bomb> 

    0x08048ddd <+57>: cmpl $0x7,0x28(%esp) 

    0x08048de2 <+62>: ja  0x8048ee1 <phase_5+317> 

    0x08048de8 <+68>: mov 0x28(%esp),%eax 

    0x08048dec <+72>: jmp *0x804a5a0(,%eax,4) 

    0x08048df3 <+79>: mov $0x67,%eax 

    0x08048df8 <+84>: cmpl $0x2c5,0x2c(%esp) 

    0x08048e00 <+92>: je  0x8048eeb <phase_5+327> 

    0x08048e06 <+98>: call 0x8049515 <explode_bomb> 

    0x08048e0b <+103>: mov $0x67,%eax 

    0x08048e10 <+108>: jmp 0x8048eeb <phase_5+327> 

    0x08048e15 <+113>: mov $0x73,%eax 

    0x08048e1a <+118>: cmpl $0x78,0x2c(%esp) 

---Type <return> to continue, or q <return> to quit---q 

Quit 

(gdb) until *0x08048dd6 

0x08048dd6 in phase_5() 

(gdb) disas 

Dump of assembler code for function phase_5: 

    0x08048da4 <+0>: sub $0x3c,%esp 

    0x08048da7 <+3>: lea 0x2c(%esp),%eax 

    0x08048dab <+7>: mov %eax,0x10(%esp) 

    0x08048daf <+11>: lea 0x27(%esp),%eax 

    0x08048db3 <+15>: mov %eax,0xc(%esp) 

    0x08048db7 <+19>: lea 0x28(%esp),%eax 

    0x08048dbb <+23>: mov %eax,0x8(%esp) 

    0x08048dbf <+27>: movl $0x804a54c,0x4(%esp) 

    0x08048dc7 <+35>: mov 0x40(%esp),%eax 

    0x08048dcb <+39>: mov %eax,(%esp) 

    0x08048dce <+42>: call 0x8048900 <[email protected]> 

    0x08048dd3 <+47>: cmp $0x2,%eax 

=> 0x08048dd6 <+50>: jg  0x8048ddd <phase_5+57> 

    0x08048dd8 <+52>: call 0x8049515 <explode_bomb> 

    0x08048ddd <+57>: cmpl $0x7,0x28(%esp) 

    0x08048de2 <+62>: ja  0x8048ee1 <phase_5+317> 

    0x08048de8 <+68>: mov 0x28(%esp),%eax 

    0x08048dec <+72>: jmp *0x804a5a0(,%eax,4) 

    0x08048df3 <+79>: mov $0x67,%eax 

    0x08048df8 <+84>: cmpl $0x2c5,0x2c(%esp) 

    0x08048e00 <+92>: je  0x8048eeb <phase_5+327> 

    0x08048e06 <+98>: call 0x8049515 <explode_bomb> 

    0x08048e0b <+103>: mov $0x67,%eax 

    0x08048e10 <+108>: jmp 0x8048eeb <phase_5+327> 

    0x08048e15 <+113>: mov $0x73,%eax 

    0x08048e1a <+118>: cmpl $0x78,0x2c(%esp) 

---Type <return> to continue, or q <return> to quit---q 

Quit 

(gdb) ni 

0x08048ddd in phase_5() 

(gdb) disas 

Dump of assembler code for function phase_5: 

    0x08048da4 <+0>: sub $0x3c,%esp 

    0x08048da7 <+3>: lea 0x2c(%esp),%eax 

    0x08048dab <+7>: mov %eax,0x10(%esp) 

    0x08048daf <+11>: lea 0x27(%esp),%eax 

    0x08048db3 <+15>: mov %eax,0xc(%esp) 

    0x08048db7 <+19>: lea 0x28(%esp),%eax 

    0x08048dbb <+23>: mov %eax,0x8(%esp) 

    0x08048dbf <+27>: movl $0x804a54c,0x4(%esp) 

    0x08048dc7 <+35>: mov 0x40(%esp),%eax 

    0x08048dcb <+39>: mov %eax,(%esp) 

    0x08048dce <+42>: call 0x8048900 <[email protected]> 

    0x08048dd3 <+47>: cmp $0x2,%eax 

    0x08048dd6 <+50>: jg  0x8048ddd <phase_5+57> 

    0x08048dd8 <+52>: call 0x8049515 <explode_bomb> 

=> 0x08048ddd <+57>: cmpl $0x7,0x28(%esp) 

    0x08048de2 <+62>: ja  0x8048ee1 <phase_5+317> 

    0x08048de8 <+68>: mov 0x28(%esp),%eax 

    0x08048dec <+72>: jmp *0x804a5a0(,%eax,4) 

    0x08048df3 <+79>: mov $0x67,%eax 

    0x08048df8 <+84>: cmpl $0x2c5,0x2c(%esp) 

    0x08048e00 <+92>: je  0x8048eeb <phase_5+327> 

    0x08048e06 <+98>: call 0x8049515 <explode_bomb> 

    0x08048e0b <+103>: mov $0x67,%eax 

    0x08048e10 <+108>: jmp 0x8048eeb <phase_5+327> 

    0x08048e15 <+113>: mov $0x73,%eax 

    0x08048e1a <+118>: cmpl $0x78,0x2c(%esp) 

---Type <return> to continue, or q <return> to quit---q 

Quit 

(gdb) ni 

0x08048de2 in phase_5() 

(gdb) ni 

0x08048de8 in phase_5() 

(gdb) disas 

Dump of assembler code for function phase_5: 

    0x08048da4 <+0>: sub $0x3c,%esp 

    0x08048da7 <+3>: lea 0x2c(%esp),%eax 

    0x08048dab <+7>: mov %eax,0x10(%esp) 

    0x08048daf <+11>: lea 0x27(%esp),%eax 

    0x08048db3 <+15>: mov %eax,0xc(%esp) 

    0x08048db7 <+19>: lea 0x28(%esp),%eax 

    0x08048dbb <+23>: mov %eax,0x8(%esp) 

    0x08048dbf <+27>: movl $0x804a54c,0x4(%esp) 

    0x08048dc7 <+35>: mov 0x40(%esp),%eax 

    0x08048dcb <+39>: mov %eax,(%esp) 

    0x08048dce <+42>: call 0x8048900 <[email protected]> 

    0x08048dd3 <+47>: cmp $0x2,%eax 

    0x08048dd6 <+50>: jg  0x8048ddd <phase_5+57> 

    0x08048dd8 <+52>: call 0x8049515 <explode_bomb> 

    0x08048ddd <+57>: cmpl $0x7,0x28(%esp) 

    0x08048de2 <+62>: ja  0x8048ee1 <phase_5+317> 

=> 0x08048de8 <+68>: mov 0x28(%esp),%eax 

    0x08048dec <+72>: jmp *0x804a5a0(,%eax,4) 

    0x08048df3 <+79>: mov $0x67,%eax 

    0x08048df8 <+84>: cmpl $0x2c5,0x2c(%esp) 

    0x08048e00 <+92>: je  0x8048eeb <phase_5+327> 

    0x08048e06 <+98>: call 0x8049515 <explode_bomb> 

    0x08048e0b <+103>: mov $0x67,%eax 

    0x08048e10 <+108>: jmp 0x8048eeb <phase_5+327> 

    0x08048e15 <+113>: mov $0x73,%eax 

    0x08048e1a <+118>: cmpl $0x78,0x2c(%esp) 

---Type <return> to continue, or q <return> to quit---q 

Quit 

(gdb) ni 

0x08048dec in phase_5() 

(gdb) ni 

0x08048e15 in phase_5() 

(gdb) disas 

Dump of assembler code for function phase_5: 

    0x08048da4 <+0>: sub $0x3c,%esp 

    0x08048da7 <+3>: lea 0x2c(%esp),%eax 

    0x08048dab <+7>: mov %eax,0x10(%esp) 

    0x08048daf <+11>: lea 0x27(%esp),%eax 

    0x08048db3 <+15>: mov %eax,0xc(%esp) 

    0x08048db7 <+19>: lea 0x28(%esp),%eax 

    0x08048dbb <+23>: mov %eax,0x8(%esp) 

    0x08048dbf <+27>: movl $0x804a54c,0x4(%esp) 

    0x08048dc7 <+35>: mov 0x40(%esp),%eax 

    0x08048dcb <+39>: mov %eax,(%esp) 

    0x08048dce <+42>: call 0x8048900 <[email protected]> 

    0x08048dd3 <+47>: cmp $0x2,%eax 

    0x08048dd6 <+50>: jg  0x8048ddd <phase_5+57> 

    0x08048dd8 <+52>: call 0x8049515 <explode_bomb> 

    0x08048ddd <+57>: cmpl $0x7,0x28(%esp) 

    0x08048de2 <+62>: ja  0x8048ee1 <phase_5+317> 

    0x08048de8 <+68>: mov 0x28(%esp),%eax 

    0x08048dec <+72>: jmp *0x804a5a0(,%eax,4) 

    0x08048df3 <+79>: mov $0x67,%eax 

    0x08048df8 <+84>: cmpl $0x2c5,0x2c(%esp) 

    0x08048e00 <+92>: je  0x8048eeb <phase_5+327> 

    0x08048e06 <+98>: call 0x8049515 <explode_bomb> 

    0x08048e0b <+103>: mov $0x67,%eax 

    0x08048e10 <+108>: jmp 0x8048eeb <phase_5+327> 

=> 0x08048e15 <+113>: mov $0x73,%eax 

    0x08048e1a <+118>: cmpl $0x78,0x2c(%esp) 

---Type <return> to continue, or q <return> to quit---q 

Quit 

(gdb) ni 

0x08048e1a in phase_5() 

(gdb) x/d $esp+0x2c 

0xffffce9c: 120 

(gdb) ni 

0x08048e1f in phase_5() 

(gdb) ni 

0x08048eeb in phase_5() 

(gdb) disas 

Dump of assembler code for function phase_5: 

    0x08048da4 <+0>: sub $0x3c,%esp 

    0x08048da7 <+3>: lea 0x2c(%esp),%eax 

    0x08048dab <+7>: mov %eax,0x10(%esp) 

    0x08048daf <+11>: lea 0x27(%esp),%eax 

    0x08048db3 <+15>: mov %eax,0xc(%esp) 

    0x08048db7 <+19>: lea 0x28(%esp),%eax 

    0x08048dbb <+23>: mov %eax,0x8(%esp) 

    0x08048dbf <+27>: movl $0x804a54c,0x4(%esp) 

    0x08048dc7 <+35>: mov 0x40(%esp),%eax 

    0x08048dcb <+39>: mov %eax,(%esp) 

    0x08048dce <+42>: call 0x8048900 <[email protected]> 

    0x08048dd3 <+47>: cmp $0x2,%eax 

    0x08048dd6 <+50>: jg  0x8048ddd <phase_5+57> 

    0x08048dd8 <+52>: call 0x8049515 <explode_bomb> 

    0x08048ddd <+57>: cmpl $0x7,0x28(%esp) 

    0x08048de2 <+62>: ja  0x8048ee1 <phase_5+317> 

    0x08048de8 <+68>: mov 0x28(%esp),%eax 

    0x08048dec <+72>: jmp *0x804a5a0(,%eax,4) 

    0x08048df3 <+79>: mov $0x67,%eax 

    0x08048df8 <+84>: cmpl $0x2c5,0x2c(%esp) 

    0x08048e00 <+92>: je  0x8048eeb <phase_5+327> 

    0x08048e06 <+98>: call 0x8049515 <explode_bomb> 

    0x08048e0b <+103>: mov $0x67,%eax 

    0x08048e10 <+108>: jmp 0x8048eeb <phase_5+327> 

    0x08048e15 <+113>: mov $0x73,%eax 

    0x08048e1a <+118>: cmpl $0x78,0x2c(%esp) 

---Type <return> to continue, or q <return> to quit--- 

    0x08048e1f <+123>: je  0x8048eeb <phase_5+327> 

    0x08048e25 <+129>: call 0x8049515 <explode_bomb> 

    0x08048e2a <+134>: mov $0x73,%eax 

    0x08048e2f <+139>: jmp 0x8048eeb <phase_5+327> 

    0x08048e34 <+144>: mov $0x64,%eax 

    0x08048e39 <+149>: cmpl $0x1fd,0x2c(%esp) 

    0x08048e41 <+157>: je  0x8048eeb <phase_5+327> 

    0x08048e47 <+163>: call 0x8049515 <explode_bomb> 

    0x08048e4c <+168>: mov $0x64,%eax 

    0x08048e51 <+173>: jmp 0x8048eeb <phase_5+327> 

    0x08048e56 <+178>: mov $0x66,%eax 

    0x08048e5b <+183>: cmpl $0x363,0x2c(%esp) 

    0x08048e63 <+191>: je  0x8048eeb <phase_5+327> 

    0x08048e69 <+197>: call 0x8049515 <explode_bomb> 

    0x08048e6e <+202>: mov $0x66,%eax 

    0x08048e73 <+207>: jmp 0x8048eeb <phase_5+327> 

    0x08048e75 <+209>: mov $0x70,%eax 

    0x08048e7a <+214>: cmpl $0x161,0x2c(%esp) 

    0x08048e82 <+222>: je  0x8048eeb <phase_5+327> 

    0x08048e84 <+224>: call 0x8049515 <explode_bomb> 

    0x08048e89 <+229>: mov $0x70,%eax 

    0x08048e8e <+234>: jmp 0x8048eeb <phase_5+327> 

    0x08048e90 <+236>: mov $0x6f,%eax 

    0x08048e95 <+241>: cmpl $0x329,0x2c(%esp) 

    0x08048e9d <+249>: je  0x8048eeb <phase_5+327> 

    0x08048e9f <+251>: call 0x8049515 <explode_bomb> 

    0x08048ea4 <+256>: mov $0x6f,%eax 

---Type <return> to continue, or q <return> to quit--- 

    0x08048ea9 <+261>: jmp 0x8048eeb <phase_5+327> 

    0x08048eab <+263>: mov $0x64,%eax 

    0x08048eb0 <+268>: cmpl $0x273,0x2c(%esp) 

    0x08048eb8 <+276>: je  0x8048eeb <phase_5+327> 

    0x08048eba <+278>: call 0x8049515 <explode_bomb> 

    0x08048ebf <+283>: mov $0x64,%eax 

    0x08048ec4 <+288>: jmp 0x8048eeb <phase_5+327> 

    0x08048ec6 <+290>: mov $0x62,%eax 

    0x08048ecb <+295>: cmpl $0x2b8,0x2c(%esp) 

    0x08048ed3 <+303>: je  0x8048eeb <phase_5+327> 

    0x08048ed5 <+305>: call 0x8049515 <explode_bomb> 

    0x08048eda <+310>: mov $0x62,%eax 

    0x08048edf <+315>: jmp 0x8048eeb <phase_5+327> 

    0x08048ee1 <+317>: call 0x8049515 <explode_bomb> 

    0x08048ee6 <+322>: mov $0x67,%eax 

=> 0x08048eeb <+327>: cmp 0x27(%esp),%al 

    0x08048eef <+331>: je  0x8048ef6 <phase_5+338> 

    0x08048ef1 <+333>: call 0x8049515 <explode_bomb> 

    0x08048ef6 <+338>: add $0x3c,%esp 

    0x08048ef9 <+341>: ret  

End of assembler dump. 

(gdb) x/d $esp+0x27 

0xffffce97: 306 

Eh bien, je peux vous épargner quelques soucis… `%al` est un registre de 8 bits (l'octet de poids faible de `%eax`) : il ne peut jamais contenir 306, sa valeur maximale est 255 (0xff). –


Pour clarifier : `cmp 0x27(%esp),%al` est une comparaison sur 8 bits, elle ne lit donc qu'un seul octet en mémoire à `0x27(%esp)`. `x/d` réutilise la dernière taille d'unité employée (4 octets par défaut, et c'est celle de votre `x/d $esp+0x2c` précédent), si bien que `x/d $esp+0x27` affiche le mot de 32 bits qui commence à cet octet : 306 = 0x132, c'est-à-dire l'octet 0x32 (vraisemblablement le caractère `'2'` de votre saisie `1 2 120`) suivi de l'octet de poids faible (0x01) de l'entier 1 rangé en `0x28(%esp)`. Pour n'obtenir que l'octet, ajoutez `b` au spécificateur de format : `x/db $esp+0x27` ou `x/cb $esp+0x27`. – ephemient


merci cela a fonctionné – nrf



`print $al` (ou `p $al`) fonctionne ; `p/x $al` l'affiche en hexadécimal et `p/c $al` comme caractère. `x` ne convient pas ici : il n'affiche pas la valeur d'une expression mais le contenu de la mémoire à l'adresse qu'elle désigne, et la valeur de `$al` n'est pas une adresse valide. Comme `%al` est l'octet de poids faible de `%eax`, `p/x $eax` montre aussi cette valeur dans ses deux derniers chiffres hexadécimaux. Pour l'autre opérande de la comparaison, `cmp 0x27(%esp),%al` ne lit qu'un octet : examinez-le avec `x/1bx $esp+0x27` (ou `p/c *(char *)($esp+0x27)`) plutôt qu'avec `x/d`, dont l'unité par défaut est de 4 octets et qui englobe donc l'entier voisin en `0x28(%esp)`. Vous pouvez aussi afficher tous les registres d'un coup ; voir la documentation gdb (`info gdb`), section « Registers ».

info registers

Affiche les noms et les valeurs de tous les registres, à l'exception des registres à virgule flottante et vectoriels (dans le cadre de pile sélectionné).

info all-registers

Affiche les noms et les valeurs de tous les registres, y compris les registres à virgule flottante et vectoriels (dans le cadre de pile sélectionné).

info registers regname …

Affiche la valeur relativisée de chaque registre regname indiqué. Comme expliqué en détail ci-dessous, les valeurs de registre sont normalement relatives au cadre de pile sélectionné. regname peut être n'importe quel nom de registre valide sur la machine utilisée, avec ou sans le `$` initial.


merci cela a fonctionné – nrf