Image
 
linkedin_logo.png rss_logo.jpg
twitter_logo.png youtube_logo.jpg
Latest Additions
 
EH-Net Login
Welcome Guest.






Lost Password?
No account yet? Register
Who's Online
We have 38 guests and 1 member online
 
Free Business and Tech Magazines and eBooks

You are here: Home
EH-Net
May 23, 2013, 04:06:40 PM *
Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
News: Go back to The Ethical Hacker Network Online Magazine Home Page
 
  Home Help Calendar Login Register  
  Show Posts
Pages: [1]
1  Columns / Heffner / Re: [Article]-Intro to Reverse Engineering - No Assembly Required on: August 13, 2007, 08:12:47 AM
Hey Paul,

Code:
lea 0x4(%esp),%ecx
pushl 0xfffffffc(%ecx)

These instructions serve to save the stack pointer on the stack. Notice that at main+42, this value is loaded back into ESP in order to restore the stack pointer before returning.

Code:
and $0xfffffff0,%esp

This instruction zeros out the last byte in the ESP register. This is done to ensure that the stack pointer is aligned on a 16-byte boundary (the default stack boundary is 16) in order to increase CPU execution time. There's a short semi-discussion on it at the Kernel Trap forums: http://kerneltrap.org/node/8236 .

As far as puts() goes, it's not much different from printf() when just printing out a string. You should see the memory address where the string is located pushed onto the stack just before the call to puts(). It will place a positive number in the EAX register if successful (probably 1), and a -1 in EAX if it fails.
Pages: [1]
Powered by MySQL Powered by PHP Powered by SMF 1.1.18 | SMF © 2013, Simple Machines
Joomla Bridge by JoomlaHacks.com
Valid XHTML 1.0! Valid CSS!
Page created in 0.058 seconds with 22 queries.
 
Exclusive Deal

sansfire13_245x90_cw90.jpg
SANSFIRE 2013
June 15 - 22

5% Off w/ Code: EHN_5

SANS Deals 4 EH-Netters
5% OFF Any SANS Course in Any Format!
Coupon Code: EHN_5 Including SANS Rocky Mountain 2013 & SANS Boston 2013
Polls
Compared to this year, 2013 will be:
 
Recent Forum Topics
EH-Net News Feeds
Latest Additions
 
         
Advertisement

© 2013 The Ethical Hacker Network
Joomla! is Free Software released under the GNU/GPL License.