push mov sub mov add mov push lea

push mov sub mov add mov push lea push call add xor jmp leave

push mov sub mov add mov push lea push call add xor jmp leave ret %ebp, %esp, 0x100 %eax, DWORD PTR [%ebp+12] %eax, 4 %edx, DWORD PTR [%eax] %edx %eax, [%ebp-256] %eax 0x8048340 <strcpy> %esp, 8 %eax, [%ebp-256] %eax 0x80484a0 0x8048330 <printf> %esp, 8 %eax, %eax 0x8048440 <main+64> %esi, [%esi*1] 0x7EEC 0x7EF0 0x7EF4 0x7FF8 0x7FFC 0x8000 RET <- ESP argc argv <- EBP

push mov sub mov add mov push lea push call add xor jmp leave

push mov sub mov add mov push lea push call add xor jmp leave ret %ebp, %esp, 0x100 %eax, DWORD PTR [%ebp+12] %eax, 4 %edx, DWORD PTR [%eax] %edx %eax, [%ebp-256] %eax 0x8048340 <strcpy> %esp, 8 %eax, [%ebp-256] %eax 0x80484a0 0x8048330 <printf> %esp, 8 %eax, %eax 0x8048440 <main+64> %esi, [%esi*1] 0x7EEC 0x7EF0 0x7EF4 0x7FF8 0x7FFC 0x8000 <- ESP RET argc argv <- EBP

push mov sub mov add mov push lea push call add xor jmp leave

push mov sub mov add mov push lea push call add xor jmp leave ret %ebp, %esp, 0x100 %eax, DWORD PTR [%ebp+12] %eax, 4 %edx, DWORD PTR [%eax] %edx %eax, [%ebp-256] %eax 0x8048340 <strcpy> %esp, 8 %eax, [%ebp-256] %eax 0x80484a0 0x8048330 <printf> %esp, 8 %eax, %eax 0x8048440 <main+64> %esi, [%esi*1] 0x7EEC 0x7EF0 0x7EF4 0x7FF8 0x7FFC 0x8000 RET argc argv <- ESP, EBP

push mov sub mov add mov push lea push call add xor jmp leave

push mov sub mov add mov push lea push call add xor jmp leave ret %ebp, %esp, 0x100 %eax, DWORD PTR [%ebp+12] %eax, 4 %edx, DWORD PTR [%eax] %edx %eax, [%ebp-256] %eax 0x8048340 <strcpy> %esp, 8 %eax, [%ebp-256] %eax 0x80484a0 0x8048330 <printf> %esp, 8 %eax, %eax 0x8048440 <main+64> %esi, [%esi*1] 0x7EEC 0x7EF0 0x7EF4 0x7FF8 0x7FFC 0x8000 buffer <- ESP 0x8000 <- EBP RET argc argv

push mov sub mov add mov push lea push call add xor jmp leave

push mov sub mov add mov push lea push call add xor jmp leave ret %ebp, %esp, 0x100 %eax, DWORD PTR [%ebp+12] %eax, 4 %edx, DWORD PTR [%eax] %edx %eax, [%ebp-256] %eax 0x8048340 <strcpy> %esp, 8 %eax, [%ebp-256] %eax 0x80484a0 0x8048330 <printf> %esp, 8 %eax, %eax 0x8048440 <main+64> %esi, [%esi*1] 0x7EEC 0x7EF0 0x7EF4 0x7FF8 0x7FFC 0x8000 buffer <- ESP 0x8000 <- EBP RET argc argv

push mov sub mov add mov push lea push call add xor jmp leave

push mov sub mov add mov push lea push call add xor jmp leave ret %ebp, %esp, 0x100 %eax, DWORD PTR [%ebp+12] %eax, 4 %edx, DWORD PTR [%eax] %edx %eax, [%ebp-256] %eax 0x8048340 <strcpy> %esp, 8 %eax, [%ebp-256] %eax 0x80484a0 0x8048330 <printf> %esp, 8 %eax, %eax 0x8048440 <main+64> %esi, [%esi*1] 0x7EEC 0x7EF0 0x7EF4 0x7FF8 0x7FFC 0x8000 buffer <- ESP 0x8000 <- EBP RET argc argv

push mov sub mov add mov push lea push call add xor jmp leave

push mov sub mov add mov push lea push call add xor jmp leave ret %ebp, %esp, 0x100 %eax, DWORD PTR [%ebp+12] %eax, 4 %edx, DWORD PTR [%eax] %edx %eax, [%ebp-256] %eax 0x8048340 <strcpy> %esp, 8 %eax, [%ebp-256] %eax 0x80484a0 0x8048330 <printf> %esp, 8 %eax, %eax 0x8048440 <main+64> %esi, [%esi*1] 0x7EEC 0x7EF0 0x7EF4 0x7FF8 0x7FFC 0x8000 buffer <- ESP 0x8000 <- EBP RET argc argv

push mov sub mov add mov push lea push call add xor jmp leave

push mov sub mov add mov push lea push call add xor jmp leave ret %ebp, %esp, 0x100 %eax, DWORD PTR [%ebp+12] %eax, 4 %edx, DWORD PTR [%eax] %edx %eax, [%ebp-256] %eax 0x8048340 <strcpy> %esp, 8 %eax, [%ebp-256] %eax 0x80484a0 0x8048330 <printf> %esp, 8 %eax, %eax 0x8048440 <main+64> %esi, [%esi*1] 0x7EEC 0x7EF0 0x7EF4 0x7FF8 0x7FFC 0x8000 argv[1] <- ESP buffer 0x8000 RET argc argv <- EBP

push mov sub mov add mov push lea push call add xor jmp leave

push mov sub mov add mov push lea push call add xor jmp leave ret %ebp, %esp, 0x100 %eax, DWORD PTR [%ebp+12] %eax, 4 %edx, DWORD PTR [%eax] %edx %eax, [%ebp-256] %eax 0x8048340 <strcpy> %esp, 8 %eax, [%ebp-256] %eax 0x80484a0 0x8048330 <printf> %esp, 8 %eax, %eax 0x8048440 <main+64> %esi, [%esi*1] 0x7EEC 0x7EF0 0x7EF4 0x7FF8 0x7FFC 0x8000 argv[1] <- ESP buffer 0x8000 RET argc argv <- EBP

push mov sub mov add mov push lea push call add xor jmp leave

push mov sub mov add mov push lea push call add xor jmp leave ret %ebp, %esp, 0x100 %eax, DWORD PTR [%ebp+12] %eax, 4 %edx, DWORD PTR [%eax] %edx %eax, [%ebp-256] %eax 0x8048340 <strcpy> %esp, 8 %eax, [%ebp-256] %eax 0x80484a0 0x8048330 <printf> %esp, 8 %eax, %eax 0x8048440 <main+64> %esi, [%esi*1] 0x7EEC 0x7EF0 0x7EF4 0x7FF8 0x7FFC 0x8000 &buffer <- ESP argv[1] buffer 0x8000 RET argc argv <- EBP

push mov sub mov add mov push lea push call add xor jmp leave

push mov sub mov add mov push lea push call add xor jmp leave ret %ebp, %esp, 0x100 %eax, DWORD PTR [%ebp+12] %eax, 4 %edx, DWORD PTR [%eax] %edx %eax, [%ebp-256] %eax 0x8048340 <strcpy> %esp, 8 %eax, [%ebp-256] %eax 0x80484a0 0x8048330 <printf> %esp, 8 %eax, %eax 0x8048440 <main+64> %esi, [%esi*1] 0x7EEC 0x7EF0 0x7EF4 0x7FF8 0x7FFC 0x8000 &buffer <- ESP argv[1] buffer (argv[1]) 0x8000 RET argc argv <- EBP
Note: strcpy performs no length check, so an argv[1] of 256 bytes or more writes past buffer into the saved EBP and RET slots above it; a length-bounded copy (e.g. snprintf with sizeof buffer) keeps the write inside the 0x100 bytes reserved by sub.

push mov sub mov add mov push lea push call add xor jmp leave

push mov sub mov add mov push lea push call add xor jmp leave ret %ebp, %esp, 0x100 %eax, DWORD PTR [%ebp+12] %eax, 4 %edx, DWORD PTR [%eax] %edx %eax, [%ebp-256] %eax 0x8048340 <strcpy> %esp, 8 %eax, [%ebp-256] %eax 0x80484a0 0x8048330 <printf> %esp, 8 %eax, %eax 0x8048440 <main+64> %esi, [%esi*1] 0x7EEC 0x7EF0 0x7EF4 0x7FF8 0x7FFC 0x8000 buffer (argv[1]) <- ESP 0x8000 <- EBP RET argc argv

push mov sub mov add mov push lea push call add xor jmp leave

push mov sub mov add mov push lea push call add xor jmp leave ret %ebp, %esp, 0x100 %eax, DWORD PTR [%ebp+12] %eax, 4 %edx, DWORD PTR [%eax] %edx %eax, [%ebp-256] %eax 0x8048340 <strcpy> %esp, 8 %eax, [%ebp-256] %eax 0x80484a0 0x8048330 <printf> %esp, 8 %eax, %eax 0x8048440 <main+64> %esi, [%esi*1] 0x7EEC 0x7EF0 0x7EF4 0x7FF8 0x7FFC 0x8000 buffer (argv[1]) <- ESP 0x8000 <- EBP RET argc argv

push mov sub mov add mov push lea push call add xor jmp leave

push mov sub mov add mov push lea push call add xor jmp leave ret %ebp, %esp, 0x100 %eax, DWORD PTR [%ebp+12] %eax, 4 %edx, DWORD PTR [%eax] %edx %eax, [%ebp-256] %eax 0x8048340 <strcpy> %esp, 8 %eax, [%ebp-256] %eax 0x80484a0 0x8048330 <printf> %esp, 8 %eax, %eax 0x8048440 <main+64> %esi, [%esi*1] 0x7EEC 0x7EF0 0x7EF4 0x7FF8 0x7FFC 0x8000 &buffer <- ESP buffer (argv[1]) 0x8000 RET argc argv <- EBP

push mov sub mov add mov push lea push call add xor jmp leave

push mov sub mov add mov push lea push call add xor jmp leave ret %ebp, %esp, 0x100 %eax, DWORD PTR [%ebp+12] %eax, 4 %edx, DWORD PTR [%eax] %edx %eax, [%ebp-256] %eax 0x8048340 <strcpy> %esp, 8 %eax, [%ebp-256] %eax 0x80484a0 0x8048330 <printf> %esp, 8 %eax, %eax 0x8048440 <main+64> %esi, [%esi*1] 0x7EEC 0x7EF0 0x7EF4 0x7FF8 0x7FFC 0x8000 0x8048410 format string <- ESP &buffer (argv[1]) 0x8000 RET argc argv <- EBP

push mov sub mov add mov push lea push call add xor jmp leave

push mov sub mov add mov push lea push call add xor jmp leave ret %ebp, %esp, 0x100 %eax, DWORD PTR [%ebp+12] %eax, 4 %edx, DWORD PTR [%eax] %edx %eax, [%ebp-256] %eax 0x8048340 <strcpy> %esp, 8 %eax, [%ebp-256] %eax 0x80484a0 0x8048330 <printf> %esp, 8 %eax, %eax 0x8048440 <main+64> %esi, [%esi*1] 0x7EEC 0x7EF0 0x7EF4 0x7FF8 0x7FFC 0x8000 0x8048410 format string <- ESP &buffer (argv[1]) 0x8000 RET argc argv <- EBP

push mov sub mov add mov push lea push call add xor jmp leave

push mov sub mov add mov push lea push call add xor jmp leave ret %ebp, %esp, 0x100 %eax, DWORD PTR [%ebp+12] %eax, 4 %edx, DWORD PTR [%eax] %edx %eax, [%ebp-256] %eax 0x8048340 <strcpy> %esp, 8 %eax, [%ebp-256] %eax 0x80484a0 0x8048330 <printf> %esp, 8 %eax, %eax 0x8048440 <main+64> %esi, [%esi*1] mov esp, ebp pop ebp 0x7EEC 0x7EF0 0x7EF4 0x7FF8 0x7FFC 0x8000 buffer (argv[1]) <- ESP 0x8000 <- EBP RET argc argv

push mov sub mov add mov push lea push call add xor jmp leave

push mov sub mov add mov push lea push call add xor jmp leave ret %ebp, %esp, 0x100 %eax, DWORD PTR [%ebp+12] %eax, 4 %edx, DWORD PTR [%eax] %edx %eax, [%ebp-256] %eax 0x8048340 <strcpy> %esp, 8 %eax, [%ebp-256] %eax 0x80484a0 0x8048330 <printf> %esp, 8 %eax, %eax 0x8048440 <main+64> %esi, [%esi*1] mov esp, ebp pop ebp 0x7EEC 0x7EF0 0x7EF4 0x7FF8 0x7FFC 0x8000 RET argc argv <- EBP, ESP

push mov sub mov add mov push lea push call add xor jmp leave

push mov sub mov add mov push lea push call add xor jmp leave ret %ebp, %esp, 0x100 %eax, DWORD PTR [%ebp+12] %eax, 4 %edx, DWORD PTR [%eax] %edx %eax, [%ebp-256] %eax 0x8048340 <strcpy> %esp, 8 %eax, [%ebp-256] %eax 0x80484a0 0x8048330 <printf> %esp, 8 %eax, %eax 0x8048440 <main+64> %esi, [%esi*1] 0x7EEC 0x7EF0 0x7EF4 0x7FF8 0x7FFC 0x8000 RET <- ESP argc argv <- EBP

push mov sub mov add mov push lea push call add xor jmp leave

push mov sub mov add mov push lea push call add xor jmp leave ret %ebp, %esp, 0x100 %eax, DWORD PTR [%ebp+12] %eax, 4 %edx, DWORD PTR [%eax] %edx %eax, [%ebp-256] %eax 0x8048340 <strcpy> %esp, 8 %eax, [%ebp-256] %eax 0x80484a0 0x8048330 <printf> %esp, 8 %eax, %eax 0x8048440 <main+64> %esi, [%esi*1] 0x7EEC 0x7EF0 0x7EF4 0x7FF8 0x7FFC 0x8000 argc <- ESP argv <- EBP