这是别人发我的AT&T汇编语言代码,说是往exe的第一节写MOV eax,80000
答案:1 悬赏:80 手机版
解决时间 2021-03-30 10:00
- 提问者网友:趣果有间
- 2021-03-30 02:38
这是别人发我的AT&T汇编语言代码,说是往exe的第一节写MOV eax,80000
最佳答案
- 五星知识达人网友:一把行者刀
- 2021-03-30 03:41
com版好像不行 exe可以
可以参考: 谈谈MASM与COM格式文件
你说的intel汇编应该是说masm实现,但即便是masm6.0以上模仿也有点麻烦,
如果你装了mingw-gcc,可以先用c模拟了这个汇编
#include
int main(int argc, const char *argv[])
{
FILE *fp;
fp = fopen("test.exe","rb+");
if(!fp)
{
printf("未找到test.exe文件!");
return 0;
}
fprintf(fp, "%d%c", 0xB8000080, 0);
return 0;
}
4. 然后执行 gcc -S test.c -masm=intel -o test.s
就可得到intel语法的汇编代码
.file "test.c"
.intel_syntax noprefix
.def ___main; .scl 2; .type 32; .endef
.section .rdata,"dr"
LC0:
.ascii "rb+"
LC1:
.ascii "test.exe"
LC2:
.ascii "346234252346211276345210260test.exe346226207344273266!"
LC3:
.ascii "%d%c"
.text
.globl _main
.def _main; .scl 2; .type 32; .endef
_main:
LFB6:
.cfi_startproc
push ebp
.cfi_def_cfa_offset 8
.cfi_offset 5, -8
mov ebp, esp
.cfi_def_cfa_register 5
and esp, -16
sub esp, 32
call ___main
mov DWORD PTR [esp+4], OFFSET FLAT:LC0
mov DWORD PTR [esp], OFFSET FLAT:LC1
call _fopen
mov DWORD PTR [esp+28], eax
cmp DWORD PTR [esp+28], 0
jne L2
mov DWORD PTR [esp], OFFSET FLAT:LC2
call _printf
mov eax, 0
jmp L3
L2:
mov DWORD PTR [esp+12], 0
mov DWORD PTR [esp+8], -1207959424
mov DWORD PTR [esp+4], OFFSET FLAT:LC3
mov eax, DWORD PTR [esp+28]
mov DWORD PTR [esp], eax
call _fprintf
mov eax, 0
L3:
leave
.cfi_restore 5
.cfi_def_cfa 4, 4
ret
.cfi_endproc
LFE6:
.ident "GCC: (GNU) 4.8.1"
.def _fopen; .scl 2; .type 32; .endef
.def _printf; .scl 2; .type 32; .endef
.def _fprintf; .scl 2; .type 32; .endef
可以参考: 谈谈MASM与COM格式文件
你说的intel汇编应该是说masm实现,但即便是masm6.0以上模仿也有点麻烦,
如果你装了mingw-gcc,可以先用c模拟了这个汇编
#include
int main(int argc, const char *argv[])
{
FILE *fp;
fp = fopen("test.exe","rb+");
if(!fp)
{
printf("未找到test.exe文件!");
return 0;
}
fprintf(fp, "%d%c", 0xB8000080, 0);
return 0;
}
4. 然后执行 gcc -S test.c -masm=intel -o test.s
就可得到intel语法的汇编代码
.file "test.c"
.intel_syntax noprefix
.def ___main; .scl 2; .type 32; .endef
.section .rdata,"dr"
LC0:
.ascii "rb+"
LC1:
.ascii "test.exe"
LC2:
.ascii "346234252346211276345210260test.exe346226207344273266!"
LC3:
.ascii "%d%c"
.text
.globl _main
.def _main; .scl 2; .type 32; .endef
_main:
LFB6:
.cfi_startproc
push ebp
.cfi_def_cfa_offset 8
.cfi_offset 5, -8
mov ebp, esp
.cfi_def_cfa_register 5
and esp, -16
sub esp, 32
call ___main
mov DWORD PTR [esp+4], OFFSET FLAT:LC0
mov DWORD PTR [esp], OFFSET FLAT:LC1
call _fopen
mov DWORD PTR [esp+28], eax
cmp DWORD PTR [esp+28], 0
jne L2
mov DWORD PTR [esp], OFFSET FLAT:LC2
call _printf
mov eax, 0
jmp L3
L2:
mov DWORD PTR [esp+12], 0
mov DWORD PTR [esp+8], -1207959424
mov DWORD PTR [esp+4], OFFSET FLAT:LC3
mov eax, DWORD PTR [esp+28]
mov DWORD PTR [esp], eax
call _fprintf
mov eax, 0
L3:
leave
.cfi_restore 5
.cfi_def_cfa 4, 4
ret
.cfi_endproc
LFE6:
.ident "GCC: (GNU) 4.8.1"
.def _fopen; .scl 2; .type 32; .endef
.def _printf; .scl 2; .type 32; .endef
.def _fprintf; .scl 2; .type 32; .endef
我要举报
如以上回答内容为低俗、色情、不良、暴力、侵权、涉及违法等信息,可以点下面链接进行举报!
点此我要举报以上问答信息
大家都在看
推荐资讯