1. 함수의 위치 찾기
1.1 소스코드
/*
Name: ex1.c
Desc: 1장 연습문제
*/
#include <stdio.h>
/*
Name: add
Param: a, b
Desc: 두 변수를 더하는 함수
*/
int add(int a, int b)
{
printf("int a: %d\n, int b: %d\n, result: %d\n",a,b,a+b);
return a+b;
}
/*
Name: sub
Param: a, b
Desc: 두 변수를 빼는 함수
*/
int sub(int a, int b)
{
printf("int a: %d\n, int b: %d\n, result: %d\n",a,b,a-b);
return a-b;
}
/*
Name: Main
Param: argv, argc
Desc: 메인 함수
*/
int main(int argv, char* argc[])
{
printf("[+] Start Main Func\n");
add(2,5);
sub(3,1);
return 0;
}
C
복사
1.2 전처리 수행 결과
chp1/ex# gcc -E -P ex1.c
typedef long unsigned int size_t;
typedef unsigned char __u_char;
typedef unsigned short int __u_short;
typedef unsigned int __u_int;
typedef unsigned long int __u_long;
typedef signed char __int8_t;
typedef unsigned char __uint8_t;
typedef signed short int __int16_t;
typedef unsigned short int __uint16_t;
typedef signed int __int32_t;
typedef unsigned int __uint32_t;
typedef signed long int __int64_t;
typedef unsigned long int __uint64_t;
typedef long int __quad_t;
typedef unsigned long int __u_quad_t;
typedef long int __intmax_t;
typedef unsigned long int __uintmax_t;
typedef unsigned long int __dev_t;
typedef unsigned int __uid_t;
typedef unsigned int __gid_t;
typedef unsigned long int __ino_t;
typedef unsigned long int __ino64_t;
typedef unsigned int __mode_t;
typedef unsigned long int __nlink_t;
typedef long int __off_t;
typedef long int __off64_t;
typedef int __pid_t;
typedef struct { int __val[2]; } __fsid_t;
typedef long int __clock_t;
typedef unsigned long int __rlim_t;
typedef unsigned long int __rlim64_t;
typedef unsigned int __id_t;
typedef long int __time_t;
typedef unsigned int __useconds_t;
typedef long int __suseconds_t;
typedef int __daddr_t;
typedef int __key_t;
typedef int __clockid_t;
typedef void * __timer_t;
typedef long int __blksize_t;
typedef long int __blkcnt_t;
typedef long int __blkcnt64_t;
typedef unsigned long int __fsblkcnt_t;
typedef unsigned long int __fsblkcnt64_t;
typedef unsigned long int __fsfilcnt_t;
typedef unsigned long int __fsfilcnt64_t;
typedef long int __fsword_t;
typedef long int __ssize_t;
typedef long int __syscall_slong_t;
typedef unsigned long int __syscall_ulong_t;
typedef __off64_t __loff_t;
typedef char *__caddr_t;
typedef long int __intptr_t;
typedef unsigned int __socklen_t;
typedef int __sig_atomic_t;
struct _IO_FILE;
typedef struct _IO_FILE __FILE;
struct _IO_FILE;
typedef struct _IO_FILE FILE;
typedef struct
{
int __count;
union
{
unsigned int __wch;
char __wchb[4];
} __value;
} __mbstate_t;
typedef struct
{
__off_t __pos;
__mbstate_t __state;
} _G_fpos_t;
typedef struct
{
__off64_t __pos;
__mbstate_t __state;
} _G_fpos64_t;
typedef __builtin_va_list __gnuc_va_list;
struct _IO_jump_t; struct _IO_FILE;
typedef void _IO_lock_t;
struct _IO_marker {
struct _IO_marker *_next;
struct _IO_FILE *_sbuf;
int _pos;
};
enum __codecvt_result
{
__codecvt_ok,
__codecvt_partial,
__codecvt_error,
__codecvt_noconv
};
struct _IO_FILE {
int _flags;
char* _IO_read_ptr;
char* _IO_read_end;
char* _IO_read_base;
char* _IO_write_base;
char* _IO_write_ptr;
char* _IO_write_end;
char* _IO_buf_base;
char* _IO_buf_end;
char *_IO_save_base;
char *_IO_backup_base;
char *_IO_save_end;vvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvv
struct _IO_marker *_markers;
struct _IO_FILE *_chain;
int _fileno;
int _flags2;
__off_t _old_offset;
unsigned short _cur_column;
signed char _vtable_offset;
char _shortbuf[1];
_IO_lock_t *_lock;
__off64_t _offset;
void *__pad1;
void *__pad2;
void *__pad3;
void *__pad4;
size_t __pad5;
int _mode;
char _unused2[15 * sizeof (int) - 4 * sizeof (void *) - sizeof (size_t)];
};
typedef struct _IO_FILE _IO_FILE;
struct _IO_FILE_plus;
extern struct _IO_FILE_plus _IO_2_1_stdin_;
extern struct _IO_FILE_plus _IO_2_1_stdout_;
extern struct _IO_FILE_plus _IO_2_1_stderr_;
typedef __ssize_t __io_read_fn (void *__cookie, char *__buf, size_t __nbytes);
typedef __ssize_t __io_write_fn (void *__cookie, const char *__buf,
size_t __n);
typedef int __io_seek_fn (void *__cookie, __off64_t *__pos, int __w);
typedef int __io_close_fn (void *__cookie);
extern int __underflow (_IO_FILE *);
extern int __uflow (_IO_FILE *);
extern int __overflow (_IO_FILE *, int);
extern int _IO_getc (_IO_FILE *__fp);
extern int _IO_putc (int __c, _IO_FILE *__fp);
extern int _IO_feof (_IO_FILE *__fp) __attribute__ ((__nothrow__ , __leaf__));
extern int _IO_ferror (_IO_FILE *__fp) __attribute__ ((__nothrow__ , __leaf__));
extern int _IO_peekc_locked (_IO_FILE *__fp);
extern void _IO_flockfile (_IO_FILE *) __attribute__ ((__nothrow__ , __leaf__));
extern void _IO_funlockfile (_IO_FILE *) __attribute__ ((__nothrow__ , __leaf__));
extern int _IO_ftrylockfile (_IO_FILE *) __attribute__ ((__nothrow__ , __leaf__));
extern int _IO_vfscanf (_IO_FILE * __restrict, const char * __restrict,
__gnuc_va_list, int *__restrict);
extern int _IO_vfprintf (_IO_FILE *__restrict, const char *__restrict,
__gnuc_va_list);
extern __ssize_t _IO_padn (_IO_FILE *, int, __ssize_t);
extern size_t _IO_sgetn (_IO_FILE *, void *, size_t);
extern __off64_t _IO_seekoff (_IO_FILE *, __off64_t, int, int);
extern __off64_t _IO_seekpos (_IO_FILE *, __off64_t, int);
extern void _IO_free_backup_area (_IO_FILE *) __attribute__ ((__nothrow__ , __leaf__));
typedef __gnuc_va_list va_list;
typedef __off_t off_t;
typedef __ssize_t ssize_t;
typedef _G_fpos_t fpos_t;
extern struct _IO_FILE *stdin;
extern struct _IO_FILE *stdout;
extern struct _IO_FILE *stderr;
extern int remove (const char *__filename) __attribute__ ((__nothrow__ , __leaf__));
extern int rename (const char *__old, const char *__new) __attribute__ ((__nothrow__ , __leaf__));
extern int renameat (int __oldfd, const char *__old, int __newfd,
const char *__new) __attribute__ ((__nothrow__ , __leaf__));
extern FILE *tmpfile (void) ;
extern char *tmpnam (char *__s) __attribute__ ((__nothrow__ , __leaf__)) ;
extern char *tmpnam_r (char *__s) __attribute__ ((__nothrow__ , __leaf__)) ;
extern char *tempnam (const char *__dir, const char *__pfx)
__attribute__ ((__nothrow__ , __leaf__)) __attribute__ ((__malloc__)) ;
extern int fclose (FILE *__stream);
extern int fflush (FILE *__stream);
extern int fflush_unlocked (FILE *__stream);
extern FILE *fopen (const char *__restrict __filename,
const char *__restrict __modes) ;
extern FILE *freopen (const char *__restrict __filename,
const char *__restrict __modes,
FILE *__restrict __stream) ;
extern FILE *fdopen (int __fd, const char *__modes) __attribute__ ((__nothrow__ , __leaf__)) ;
extern FILE *fmemopen (void *__s, size_t __len, const char *__modes)
__attribute__ ((__nothrow__ , __leaf__)) ;
extern FILE *open_memstream (char **__bufloc, size_t *__sizeloc) __attribute__ ((__nothrow__ , __leaf__)) ;
extern void setbuf (FILE *__restrict __stream, char *__restrict __buf) __attribute__ ((__nothrow__ , __leaf__));
extern int setvbuf (FILE *__restrict __stream, char *__restrict __buf,
int __modes, size_t __n) __attribute__ ((__nothrow__ , __leaf__));
extern void setbuffer (FILE *__restrict __stream, char *__restrict __buf,
size_t __size) __attribute__ ((__nothrow__ , __leaf__));
extern void setlinebuf (FILE *__stream) __attribute__ ((__nothrow__ , __leaf__));
extern int fprintf (FILE *__restrict __stream,
const char *__restrict __format, ...);
extern int printf (const char *__restrict __format, ...);
extern int sprintf (char *__restrict __s,
const char *__restrict __format, ...) __attribute__ ((__nothrow__));
extern int vfprintf (FILE *__restrict __s, const char *__restrict __format,
__gnuc_va_list __arg);
extern int vprintf (const char *__restrict __format, __gnuc_va_list __arg);
extern int vsprintf (char *__restrict __s, const char *__restrict __format,
__gnuc_va_list __arg) __attribute__ ((__nothrow__));
extern int snprintf (char *__restrict __s, size_t __maxlen,
const char *__restrict __format, ...)
__attribute__ ((__nothrow__)) __attribute__ ((__format__ (__printf__, 3, 4)));
extern int vsnprintf (char *__restrict __s, size_t __maxlen,
const char *__restrict __format, __gnuc_va_list __arg)
__attribute__ ((__nothrow__)) __attribute__ ((__format__ (__printf__, 3, 0)));
extern int vdprintf (int __fd, const char *__restrict __fmt,
__gnuc_va_list __arg)
__attribute__ ((__format__ (__printf__, 2, 0)));
extern int dprintf (int __fd, const char *__restrict __fmt, ...)
__attribute__ ((__format__ (__printf__, 2, 3)));
extern int fscanf (FILE *__restrict __stream,
const char *__restrict __format, ...) ;
extern int scanf (const char *__restrict __format, ...) ;
extern int sscanf (const char *__restrict __s,
const char *__restrict __format, ...) __attribute__ ((__nothrow__ , __leaf__));
extern int fscanf (FILE *__restrict __stream, const char *__restrict __format, ...) __asm__ ("" "__isoc99_fscanf") ;
extern int scanf (const char *__restrict __format, ...) __asm__ ("" "__isoc99_scanf") ;
extern int sscanf (const char *__restrict __s, const char *__restrict __format, ...) __asm__ ("" "__isoc99_sscanf") __attribute__ ((__nothrow__ , __leaf__));
extern int vfscanf (FILE *__restrict __s, const char *__restrict __format,
__gnuc_va_list __arg)
__attribute__ ((__format__ (__scanf__, 2, 0))) ;
extern int vscanf (const char *__restrict __format, __gnuc_va_list __arg)
__attribute__ ((__format__ (__scanf__, 1, 0))) ;
extern int vsscanf (const char *__restrict __s,
const char *__restrict __format, __gnuc_va_list __arg)
__attribute__ ((__nothrow__ , __leaf__)) __attribute__ ((__format__ (__scanf__, 2, 0)));
extern int vfscanf (FILE *__restrict __s, const char *__restrict __format, __gnuc_va_list __arg) __asm__ ("" "__isoc99_vfscanf")
__attribute__ ((__format__ (__scanf__, 2, 0))) ;
extern int vscanf (const char *__restrict __format, __gnuc_va_list __arg) __asm__ ("" "__isoc99_vscanf")
__attribute__ ((__format__ (__scanf__, 1, 0))) ;
extern int vsscanf (const char *__restrict __s, const char *__restrict __format, __gnuc_va_list __arg) __asm__ ("" "__isoc99_vsscanf") __attribute__ ((__nothrow__ , __leaf__))
__attribute__ ((__format__ (__scanf__, 2, 0)));
extern int fgetc (FILE *__stream);
extern int getc (FILE *__stream);
extern int getchar (void);
extern int getc_unlocked (FILE *__stream);
extern int getchar_unlocked (void);
extern int fgetc_unlocked (FILE *__stream);
extern int fputc (int __c, FILE *__stream);
extern int putc (int __c, FILE *__stream);
extern int putchar (int __c);
extern int fputc_unlocked (int __c, FILE *__stream);
extern int putc_unlocked (int __c, FILE *__stream);
extern int putchar_unlocked (int __c);
extern int getw (FILE *__stream);
extern int putw (int __w, FILE *__stream);
extern char *fgets (char *__restrict __s, int __n, FILE *__restrict __stream)
;
extern __ssize_t __getdelim (char **__restrict __lineptr,
size_t *__restrict __n, int __delimiter,
FILE *__restrict __stream) ;
extern __ssize_t getdelim (char **__restrict __lineptr,
size_t *__restrict __n, int __delimiter,
FILE *__restrict __stream) ;
extern __ssize_t getline (char **__restrict __lineptr,
size_t *__restrict __n,
FILE *__restrict __stream) ;
extern int fputs (const char *__restrict __s, FILE *__restrict __stream);
extern int puts (const char *__s);
extern int ungetc (int __c, FILE *__stream);
extern size_t fread (void *__restrict __ptr, size_t __size,
size_t __n, FILE *__restrict __stream) ;
extern size_t fwrite (const void *__restrict __ptr, size_t __size,
size_t __n, FILE *__restrict __s);
extern size_t fread_unlocked (void *__restrict __ptr, size_t __size,
size_t __n, FILE *__restrict __stream) ;
extern size_t fwrite_unlocked (const void *__restrict __ptr, size_t __size,
size_t __n, FILE *__restrict __stream);
extern int fseek (FILE *__stream, long int __off, int __whence);
extern long int ftell (FILE *__stream) ;
extern void rewind (FILE *__stream);
extern int fseeko (FILE *__stream, __off_t __off, int __whence);
extern __off_t ftello (FILE *__stream) ;
extern int fgetpos (FILE *__restrict __stream, fpos_t *__restrict __pos);
extern int fsetpos (FILE *__stream, const fpos_t *__pos);
extern void clearerr (FILE *__stream) __attribute__ ((__nothrow__ , __leaf__));
extern int feof (FILE *__stream) __attribute__ ((__nothrow__ , __leaf__)) ;
extern int ferror (FILE *__stream) __attribute__ ((__nothrow__ , __leaf__)) ;
extern void clearerr_unlocked (FILE *__stream) __attribute__ ((__nothrow__ , __leaf__));
extern int feof_unlocked (FILE *__stream) __attribute__ ((__nothrow__ , __leaf__)) ;
extern int ferror_unlocked (FILE *__stream) __attribute__ ((__nothrow__ , __leaf__)) ;
extern void perror (const char *__s);
extern int sys_nerr;
extern const char *const sys_errlist[];
extern int fileno (FILE *__stream) __attribute__ ((__nothrow__ , __leaf__)) ;
extern int fileno_unlocked (FILE *__stream) __attribute__ ((__nothrow__ , __leaf__)) ;
extern FILE *popen (const char *__command, const char *__modes) ;
extern int pclose (FILE *__stream);
extern char *ctermid (char *__s) __attribute__ ((__nothrow__ , __leaf__));
extern void flockfile (FILE *__stream) __attribute__ ((__nothrow__ , __leaf__));
extern int ftrylockfile (FILE *__stream) __attribute__ ((__nothrow__ , __leaf__)) ;
extern void funlockfile (FILE *__stream) __attribute__ ((__nothrow__ , __leaf__));
int add(int a, int b)
{
printf("int a: %d\n, int b: %d\n, result: %d\n",a,b,a+b);
return a+b;
}
int sub(int a, int b)
{
printf("int a: %d\n, int b: %d\n, result: %d\n",a,b,a-b);
return a-b;
}
int main(int argv, char* argc[])
{
printf("[+] Start Main Func\n");
add(2,5);
sub(3,1);
return 0;
}
C
복사
1.
전처리 구문 위치에 헤더파일 소스코드가 복사되었습니다.
1.3 컴파일 단계 결과물 (Assembly)
# cat ex1.s
.file "ex1.c"
.intel_syntax noprefix
.text
.section .rodata
.align 8
.LC0:
.string "int a: %d\n, int b: %d\n, result: %d\n"
.text
.globl add
.type add, @function
add:
.LFB0:
.cfi_startproc
push rbp
.cfi_def_cfa_offset 16
.cfi_offset 6, -16
mov rbp, rsp
.cfi_def_cfa_register 6
sub rsp, 16
mov DWORD PTR -4[rbp], edi
mov DWORD PTR -8[rbp], esi
mov edx, DWORD PTR -4[rbp]
mov eax, DWORD PTR -8[rbp]
lea ecx, [rdx+rax]
mov edx, DWORD PTR -8[rbp]
mov eax, DWORD PTR -4[rbp]
mov esi, eax
lea rdi, .LC0[rip]
mov eax, 0
call printf@PLT
mov edx, DWORD PTR -4[rbp]
mov eax, DWORD PTR -8[rbp]
add eax, edx
leave
.cfi_def_cfa 7, 8
ret
.cfi_endproc
.LFE0:
.size add, .-add
.globl sub
.type sub, @function
sub:
.LFB1:
.cfi_startproc
push rbp
.cfi_def_cfa_offset 16
.cfi_offset 6, -16
mov rbp, rsp
.cfi_def_cfa_register 6
sub rsp, 16
mov DWORD PTR -4[rbp], edi
mov DWORD PTR -8[rbp], esi
mov eax, DWORD PTR -4[rbp]
sub eax, DWORD PTR -8[rbp]
mov ecx, eax
mov edx, DWORD PTR -8[rbp]
mov eax, DWORD PTR -4[rbp]
mov esi, eax
lea rdi, .LC0[rip]
mov eax, 0
call printf@PLT
mov eax, DWORD PTR -4[rbp]
sub eax, DWORD PTR -8[rbp]
leave
.cfi_def_cfa 7, 8
ret
.cfi_endproc
.LFE1:
.size sub, .-sub
.section .rodata
.LC1:
.string "[+] Start Main Func"
.text
.globl main
.type main, @function
main:
.LFB2:
.cfi_startproc
push rbp
.cfi_def_cfa_offset 16
.cfi_offset 6, -16
mov rbp, rsp
.cfi_def_cfa_register 6
sub rsp, 16
mov DWORD PTR -4[rbp], edi
mov QWORD PTR -16[rbp], rsi
lea rdi, .LC1[rip]
call puts@PLT
mov esi, 5
mov edi, 2
call add
mov esi, 1
mov edi, 3
call sub
mov eax, 0
leave
.cfi_def_cfa 7, 8
ret
.cfi_endproc
.LFE2:
.size main, .-main
.ident "GCC: (Ubuntu 7.5.0-3ubuntu1~18.04) 7.5.0"
.section .note.GNU-stack,"",@progbits
C
복사
1.
함수별로 나뉘어서 정리되어 있습니다.
2.
문자열의 경우 다른 함수에서 사용하더라도 같을 경우 하나의 변수로 저장하고 있습니다.
1.4 Object File Disassemble
# objdump -sj .rodata ex1.o
ex1.o: file format elf64-x86-64
Contents of section .rodata:
0000 696e7420 613a2025 640a2c20 696e7420 int a: %d., int
0010 623a2025 640a2c20 72657375 6c743a20 b: %d., result:
0020 25640a00 5b2b5d20 53746172 74204d61 %d..[+] Start Ma
0030 696e2046 756e6300 in Func.
root@DESKTOP-2HBCL3H:~/chp1/ex#
C
복사
1.
.rodata Section에는 사용하는 문자열이 저장되어 있습니다.
# objdump -M intel -d ex1.o
ex1.o: file format elf64-x86-64
Disassembly of section .text:
0000000000000000 <add>:
0: 55 push rbp
1: 48 89 e5 mov rbp,rsp
4: 48 83 ec 10 sub rsp,0x10
8: 89 7d fc mov DWORD PTR [rbp-0x4],edi
b: 89 75 f8 mov DWORD PTR [rbp-0x8],esi
e: 8b 55 fc mov edx,DWORD PTR [rbp-0x4]
11: 8b 45 f8 mov eax,DWORD PTR [rbp-0x8]
14: 8d 0c 02 lea ecx,[rdx+rax*1]
17: 8b 55 f8 mov edx,DWORD PTR [rbp-0x8]
1a: 8b 45 fc mov eax,DWORD PTR [rbp-0x4]
1d: 89 c6 mov esi,eax
1f: 48 8d 3d 00 00 00 00 lea rdi,[rip+0x0] # 26 <add+0x26>
26: b8 00 00 00 00 mov eax,0x0
2b: e8 00 00 00 00 call 30 <add+0x30>
30: 8b 55 fc mov edx,DWORD PTR [rbp-0x4]
33: 8b 45 f8 mov eax,DWORD PTR [rbp-0x8]
36: 01 d0 add eax,edx
38: c9 leave
39: c3 ret
000000000000003a <sub>:
3a: 55 push rbp
3b: 48 89 e5 mov rbp,rsp
3e: 48 83 ec 10 sub rsp,0x10
42: 89 7d fc mov DWORD PTR [rbp-0x4],edi
45: 89 75 f8 mov DWORD PTR [rbp-0x8],esi
48: 8b 45 fc mov eax,DWORD PTR [rbp-0x4]
4b: 2b 45 f8 sub eax,DWORD PTR [rbp-0x8]
4e: 89 c1 mov ecx,eax
50: 8b 55 f8 mov edx,DWORD PTR [rbp-0x8]
53: 8b 45 fc mov eax,DWORD PTR [rbp-0x4]
56: 89 c6 mov esi,eax
58: 48 8d 3d 00 00 00 00 lea rdi,[rip+0x0] # 5f <sub+0x25>
5f: b8 00 00 00 00 mov eax,0x0
64: e8 00 00 00 00 call 69 <sub+0x2f>
69: 8b 45 fc mov eax,DWORD PTR [rbp-0x4]
6c: 2b 45 f8 sub eax,DWORD PTR [rbp-0x8]
6f: c9 leave
70: c3 ret
0000000000000071 <main>:
71: 55 push rbp
72: 48 89 e5 mov rbp,rsp
75: 48 83 ec 10 sub rsp,0x10
79: 89 7d fc mov DWORD PTR [rbp-0x4],edi
7c: 48 89 75 f0 mov QWORD PTR [rbp-0x10],rsi
80: 48 8d 3d 00 00 00 00 lea rdi,[rip+0x0] # 87 <main+0x16>
87: e8 00 00 00 00 call 8c <main+0x1b>
8c: be 05 00 00 00 mov esi,0x5
91: bf 02 00 00 00 mov edi,0x2
96: e8 00 00 00 00 call 9b <main+0x2a>
9b: be 01 00 00 00 mov esi,0x1
a0: bf 03 00 00 00 mov edi,0x3
a5: e8 00 00 00 00 call aa <main+0x39>
aa: b8 00 00 00 00 mov eax,0x0
af: c9 leave
b0: c3 ret
C
복사
1.
함수별로 나뉘어서 보여줍니다.
2.
링킹되지 않아 변수들의 주소값이 비어있습니다.
1.5 Binary Disassemble
Not Stripped
# objdump -M intel -d a.out
a.out: file format elf64-x86-64
Disassembly of section .init:
0000000000000528 <_init>:
528: 48 83 ec 08 sub rsp,0x8
52c: 48 8b 05 b5 0a 20 00 mov rax,QWORD PTR [rip+0x200ab5] # 200fe8 <__gmon_start__>
533: 48 85 c0 test rax,rax
536: 74 02 je 53a <_init+0x12>
538: ff d0 call rax
53a: 48 83 c4 08 add rsp,0x8
53e: c3 ret
Disassembly of section .plt:
0000000000000540 <.plt>:
540: ff 35 72 0a 20 00 push QWORD PTR [rip+0x200a72] # 200fb8 <_GLOBAL_OFFSET_TABLE_+0x8>
546: ff 25 74 0a 20 00 jmp QWORD PTR [rip+0x200a74] # 200fc0 <_GLOBAL_OFFSET_TABLE_+0x10>
54c: 0f 1f 40 00 nop DWORD PTR [rax+0x0]
0000000000000550 <puts@plt>:
550: ff 25 72 0a 20 00 jmp QWORD PTR [rip+0x200a72] # 200fc8 <puts@GLIBC_2.2.5>
556: 68 00 00 00 00 push 0x0
55b: e9 e0 ff ff ff jmp 540 <.plt>
0000000000000560 <printf@plt>:
560: ff 25 6a 0a 20 00 jmp QWORD PTR [rip+0x200a6a] # 200fd0 <printf@GLIBC_2.2.5>
566: 68 01 00 00 00 push 0x1
56b: e9 d0 ff ff ff jmp 540 <.plt>
Disassembly of section .plt.got:
0000000000000570 <__cxa_finalize@plt>:
570: ff 25 82 0a 20 00 jmp QWORD PTR [rip+0x200a82] # 200ff8 <__cxa_finalize@GLIBC_2.2.5>
576: 66 90 xchg ax,ax
Disassembly of section .text:
0000000000000580 <_start>:
580: 31 ed xor ebp,ebp
582: 49 89 d1 mov r9,rdx
585: 5e pop rsi
586: 48 89 e2 mov rdx,rsp
589: 48 83 e4 f0 and rsp,0xfffffffffffffff0
58d: 50 push rax
58e: 54 push rsp
58f: 4c 8d 05 1a 02 00 00 lea r8,[rip+0x21a] # 7b0 <__libc_csu_fini>
596: 48 8d 0d a3 01 00 00 lea rcx,[rip+0x1a3] # 740 <__libc_csu_init>
59d: 48 8d 3d 57 01 00 00 lea rdi,[rip+0x157] # 6fb <main>
5a4: ff 15 36 0a 20 00 call QWORD PTR [rip+0x200a36] # 200fe0 <__libc_start_main@GLIBC_2.2.5>
5aa: f4 hlt
5ab: 0f 1f 44 00 00 nop DWORD PTR [rax+rax*1+0x0]
00000000000005b0 <deregister_tm_clones>:
5b0: 48 8d 3d 59 0a 20 00 lea rdi,[rip+0x200a59] # 201010 <__TMC_END__>
5b7: 55 push rbp
5b8: 48 8d 05 51 0a 20 00 lea rax,[rip+0x200a51] # 201010 <__TMC_END__>
5bf: 48 39 f8 cmp rax,rdi
5c2: 48 89 e5 mov rbp,rsp
5c5: 74 19 je 5e0 <deregister_tm_clones+0x30>
5c7: 48 8b 05 0a 0a 20 00 mov rax,QWORD PTR [rip+0x200a0a] # 200fd8 <_ITM_deregisterTMCloneTable>
5ce: 48 85 c0 test rax,rax
5d1: 74 0d je 5e0 <deregister_tm_clones+0x30>
5d3: 5d pop rbp
5d4: ff e0 jmp rax
5d6: 66 2e 0f 1f 84 00 00 nop WORD PTR cs:[rax+rax*1+0x0]
5dd: 00 00 00
5e0: 5d pop rbp
5e1: c3 ret
5e2: 0f 1f 40 00 nop DWORD PTR [rax+0x0]
5e6: 66 2e 0f 1f 84 00 00 nop WORD PTR cs:[rax+rax*1+0x0]
5ed: 00 00 00
00000000000005f0 <register_tm_clones>:
5f0: 48 8d 3d 19 0a 20 00 lea rdi,[rip+0x200a19] # 201010 <__TMC_END__>
5f7: 48 8d 35 12 0a 20 00 lea rsi,[rip+0x200a12] # 201010 <__TMC_END__>
5fe: 55 push rbp
5ff: 48 29 fe sub rsi,rdi
602: 48 89 e5 mov rbp,rsp
605: 48 c1 fe 03 sar rsi,0x3
609: 48 89 f0 mov rax,rsi
60c: 48 c1 e8 3f shr rax,0x3f
610: 48 01 c6 add rsi,rax
613: 48 d1 fe sar rsi,1
616: 74 18 je 630 <register_tm_clones+0x40>
618: 48 8b 05 d1 09 20 00 mov rax,QWORD PTR [rip+0x2009d1] # 200ff0 <_ITM_registerTMCloneTable>
61f: 48 85 c0 test rax,rax
622: 74 0c je 630 <register_tm_clones+0x40>
624: 5d pop rbp
625: ff e0 jmp rax
627: 66 0f 1f 84 00 00 00 nop WORD PTR [rax+rax*1+0x0]
62e: 00 00
630: 5d pop rbp
631: c3 ret
632: 0f 1f 40 00 nop DWORD PTR [rax+0x0]
636: 66 2e 0f 1f 84 00 00 nop WORD PTR cs:[rax+rax*1+0x0]
63d: 00 00 00
0000000000000640 <__do_global_dtors_aux>:
640: 80 3d c9 09 20 00 00 cmp BYTE PTR [rip+0x2009c9],0x0 # 201010 <__TMC_END__>
647: 75 2f jne 678 <__do_global_dtors_aux+0x38>
649: 48 83 3d a7 09 20 00 cmp QWORD PTR [rip+0x2009a7],0x0 # 200ff8 <__cxa_finalize@GLIBC_2.2.5>
650: 00
651: 55 push rbp
652: 48 89 e5 mov rbp,rsp
655: 74 0c je 663 <__do_global_dtors_aux+0x23>
657: 48 8b 3d aa 09 20 00 mov rdi,QWORD PTR [rip+0x2009aa] # 201008 <__dso_handle>
65e: e8 0d ff ff ff call 570 <__cxa_finalize@plt>
663: e8 48 ff ff ff call 5b0 <deregister_tm_clones>
668: c6 05 a1 09 20 00 01 mov BYTE PTR [rip+0x2009a1],0x1 # 201010 <__TMC_END__>
66f: 5d pop rbp
670: c3 ret
671: 0f 1f 80 00 00 00 00 nop DWORD PTR [rax+0x0]
678: f3 c3 repz ret
67a: 66 0f 1f 44 00 00 nop WORD PTR [rax+rax*1+0x0]
0000000000000680 <frame_dummy>:
680: 55 push rbp
681: 48 89 e5 mov rbp,rsp
684: 5d pop rbp
685: e9 66 ff ff ff jmp 5f0 <register_tm_clones>
000000000000068a <add>:
68a: 55 push rbp
68b: 48 89 e5 mov rbp,rsp
68e: 48 83 ec 10 sub rsp,0x10
692: 89 7d fc mov DWORD PTR [rbp-0x4],edi
695: 89 75 f8 mov DWORD PTR [rbp-0x8],esi
698: 8b 55 fc mov edx,DWORD PTR [rbp-0x4]
69b: 8b 45 f8 mov eax,DWORD PTR [rbp-0x8]
69e: 8d 0c 02 lea ecx,[rdx+rax*1]
6a1: 8b 55 f8 mov edx,DWORD PTR [rbp-0x8]
6a4: 8b 45 fc mov eax,DWORD PTR [rbp-0x4]
6a7: 89 c6 mov esi,eax
6a9: 48 8d 3d 18 01 00 00 lea rdi,[rip+0x118] # 7c8 <_IO_stdin_used+0x8>
6b0: b8 00 00 00 00 mov eax,0x0
6b5: e8 a6 fe ff ff call 560 <printf@plt>
6ba: 8b 55 fc mov edx,DWORD PTR [rbp-0x4]
6bd: 8b 45 f8 mov eax,DWORD PTR [rbp-0x8]
6c0: 01 d0 add eax,edx
6c2: c9 leave
6c3: c3 ret
00000000000006c4 <sub>:
6c4: 55 push rbp
6c5: 48 89 e5 mov rbp,rsp
6c8: 48 83 ec 10 sub rsp,0x10
6cc: 89 7d fc mov DWORD PTR [rbp-0x4],edi
6cf: 89 75 f8 mov DWORD PTR [rbp-0x8],esi
6d2: 8b 45 fc mov eax,DWORD PTR [rbp-0x4]
6d5: 2b 45 f8 sub eax,DWORD PTR [rbp-0x8]
6d8: 89 c1 mov ecx,eax
6da: 8b 55 f8 mov edx,DWORD PTR [rbp-0x8]
6dd: 8b 45 fc mov eax,DWORD PTR [rbp-0x4]
6e0: 89 c6 mov esi,eax
6e2: 48 8d 3d df 00 00 00 lea rdi,[rip+0xdf] # 7c8 <_IO_stdin_used+0x8>
6e9: b8 00 00 00 00 mov eax,0x0
6ee: e8 6d fe ff ff call 560 <printf@plt>
6f3: 8b 45 fc mov eax,DWORD PTR [rbp-0x4]
6f6: 2b 45 f8 sub eax,DWORD PTR [rbp-0x8]
6f9: c9 leave
6fa: c3 ret
00000000000006fb <main>:
6fb: 55 push rbp
6fc: 48 89 e5 mov rbp,rsp
6ff: 48 83 ec 10 sub rsp,0x10
703: 89 7d fc mov DWORD PTR [rbp-0x4],edi
706: 48 89 75 f0 mov QWORD PTR [rbp-0x10],rsi
70a: 48 8d 3d db 00 00 00 lea rdi,[rip+0xdb] # 7ec <_IO_stdin_used+0x2c>
711: e8 3a fe ff ff call 550 <puts@plt>
716: be 05 00 00 00 mov esi,0x5
71b: bf 02 00 00 00 mov edi,0x2
720: e8 65 ff ff ff call 68a <add>
725: be 01 00 00 00 mov esi,0x1
72a: bf 03 00 00 00 mov edi,0x3
72f: e8 90 ff ff ff call 6c4 <sub>
734: b8 00 00 00 00 mov eax,0x0
739: c9 leave
73a: c3 ret
73b: 0f 1f 44 00 00 nop DWORD PTR [rax+rax*1+0x0]
0000000000000740 <__libc_csu_init>:
740: 41 57 push r15
742: 41 56 push r14
744: 49 89 d7 mov r15,rdx
747: 41 55 push r13
749: 41 54 push r12
74b: 4c 8d 25 5e 06 20 00 lea r12,[rip+0x20065e] # 200db0 <__frame_dummy_init_array_entry>
752: 55 push rbp
753: 48 8d 2d 5e 06 20 00 lea rbp,[rip+0x20065e] # 200db8 <__init_array_end>
75a: 53 push rbx
75b: 41 89 fd mov r13d,edi
75e: 49 89 f6 mov r14,rsi
761: 4c 29 e5 sub rbp,r12
764: 48 83 ec 08 sub rsp,0x8
768: 48 c1 fd 03 sar rbp,0x3
76c: e8 b7 fd ff ff call 528 <_init>
771: 48 85 ed test rbp,rbp
774: 74 20 je 796 <__libc_csu_init+0x56>
776: 31 db xor ebx,ebx
778: 0f 1f 84 00 00 00 00 nop DWORD PTR [rax+rax*1+0x0]
77f: 00
780: 4c 89 fa mov rdx,r15
783: 4c 89 f6 mov rsi,r14
786: 44 89 ef mov edi,r13d
789: 41 ff 14 dc call QWORD PTR [r12+rbx*8]
78d: 48 83 c3 01 add rbx,0x1
791: 48 39 dd cmp rbp,rbx
794: 75 ea jne 780 <__libc_csu_init+0x40>
796: 48 83 c4 08 add rsp,0x8
79a: 5b pop rbx
79b: 5d pop rbp
79c: 41 5c pop r12
79e: 41 5d pop r13
7a0: 41 5e pop r14
7a2: 41 5f pop r15
7a4: c3 ret
7a5: 90 nop
7a6: 66 2e 0f 1f 84 00 00 nop WORD PTR cs:[rax+rax*1+0x0]
7ad: 00 00 00
00000000000007b0 <__libc_csu_fini>:
7b0: f3 c3 repz ret
Disassembly of section .fini:
00000000000007b4 <_fini>:
7b4: 48 83 ec 08 sub rsp,0x8
7b8: 48 83 c4 08 add rsp,0x8
7bc: c3 ret
root@DESKTOP-2HBCL3H:~/chp1/ex#
C
복사
Stripped
# objdump -M intel -d a.out.stripped
a.out.stripped: file format elf64-x86-64
Disassembly of section .init:
0000000000000528 <.init>:
528: 48 83 ec 08 sub rsp,0x8
52c: 48 8b 05 b5 0a 20 00 mov rax,QWORD PTR [rip+0x200ab5] # 200fe8 <__cxa_finalize@plt+0x200a78>
533: 48 85 c0 test rax,rax
536: 74 02 je 53a <puts@plt-0x16>
538: ff d0 call rax
53a: 48 83 c4 08 add rsp,0x8
53e: c3 ret
Disassembly of section .plt:
0000000000000540 <puts@plt-0x10>:
540: ff 35 72 0a 20 00 push QWORD PTR [rip+0x200a72] # 200fb8 <__cxa_finalize@plt+0x200a48>
546: ff 25 74 0a 20 00 jmp QWORD PTR [rip+0x200a74] # 200fc0 <__cxa_finalize@plt+0x200a50>
54c: 0f 1f 40 00 nop DWORD PTR [rax+0x0]
0000000000000550 <puts@plt>:
550: ff 25 72 0a 20 00 jmp QWORD PTR [rip+0x200a72] # 200fc8 <__cxa_finalize@plt+0x200a58>
556: 68 00 00 00 00 push 0x0
55b: e9 e0 ff ff ff jmp 540 <puts@plt-0x10>
0000000000000560 <printf@plt>:
560: ff 25 6a 0a 20 00 jmp QWORD PTR [rip+0x200a6a] # 200fd0 <__cxa_finalize@plt+0x200a60>
566: 68 01 00 00 00 push 0x1
56b: e9 d0 ff ff ff jmp 540 <puts@plt-0x10>
Disassembly of section .plt.got:
0000000000000570 <__cxa_finalize@plt>:
570: ff 25 82 0a 20 00 jmp QWORD PTR [rip+0x200a82] # 200ff8 <__cxa_finalize@plt+0x200a88>
576: 66 90 xchg ax,ax
Disassembly of section .text:
0000000000000580 <.text>:
580: 31 ed xor ebp,ebp
582: 49 89 d1 mov r9,rdx
585: 5e pop rsi
586: 48 89 e2 mov rdx,rsp
589: 48 83 e4 f0 and rsp,0xfffffffffffffff0
58d: 50 push rax
58e: 54 push rsp
58f: 4c 8d 05 1a 02 00 00 lea r8,[rip+0x21a] # 7b0 <__cxa_finalize@plt+0x240>
596: 48 8d 0d a3 01 00 00 lea rcx,[rip+0x1a3] # 740 <__cxa_finalize@plt+0x1d0>
59d: 48 8d 3d 57 01 00 00 lea rdi,[rip+0x157] # 6fb <__cxa_finalize@plt+0x18b>
5a4: ff 15 36 0a 20 00 call QWORD PTR [rip+0x200a36] # 200fe0 <__cxa_finalize@plt+0x200a70>
5aa: f4 hlt
5ab: 0f 1f 44 00 00 nop DWORD PTR [rax+rax*1+0x0]
5b0: 48 8d 3d 59 0a 20 00 lea rdi,[rip+0x200a59] # 201010 <__cxa_finalize@plt+0x200aa0>
5b7: 55 push rbp
5b8: 48 8d 05 51 0a 20 00 lea rax,[rip+0x200a51] # 201010 <__cxa_finalize@plt+0x200aa0>
5bf: 48 39 f8 cmp rax,rdi
5c2: 48 89 e5 mov rbp,rsp
5c5: 74 19 je 5e0 <__cxa_finalize@plt+0x70>
5c7: 48 8b 05 0a 0a 20 00 mov rax,QWORD PTR [rip+0x200a0a] # 200fd8 <__cxa_finalize@plt+0x200a68>
5ce: 48 85 c0 test rax,rax
5d1: 74 0d je 5e0 <__cxa_finalize@plt+0x70>
5d3: 5d pop rbp
5d4: ff e0 jmp rax
5d6: 66 2e 0f 1f 84 00 00 nop WORD PTR cs:[rax+rax*1+0x0]
5dd: 00 00 00
5e0: 5d pop rbp
5e1: c3 ret
5e2: 0f 1f 40 00 nop DWORD PTR [rax+0x0]
5e6: 66 2e 0f 1f 84 00 00 nop WORD PTR cs:[rax+rax*1+0x0]
5ed: 00 00 00
5f0: 48 8d 3d 19 0a 20 00 lea rdi,[rip+0x200a19] # 201010 <__cxa_finalize@plt+0x200aa0>
5f7: 48 8d 35 12 0a 20 00 lea rsi,[rip+0x200a12] # 201010 <__cxa_finalize@plt+0x200aa0>
5fe: 55 push rbp
5ff: 48 29 fe sub rsi,rdi
602: 48 89 e5 mov rbp,rsp
605: 48 c1 fe 03 sar rsi,0x3
609: 48 89 f0 mov rax,rsi
60c: 48 c1 e8 3f shr rax,0x3f
610: 48 01 c6 add rsi,rax
613: 48 d1 fe sar rsi,1
616: 74 18 je 630 <__cxa_finalize@plt+0xc0>
618: 48 8b 05 d1 09 20 00 mov rax,QWORD PTR [rip+0x2009d1] # 200ff0 <__cxa_finalize@plt+0x200a80>
61f: 48 85 c0 test rax,rax
622: 74 0c je 630 <__cxa_finalize@plt+0xc0>
624: 5d pop rbp
625: ff e0 jmp rax
627: 66 0f 1f 84 00 00 00 nop WORD PTR [rax+rax*1+0x0]
62e: 00 00
630: 5d pop rbp
631: c3 ret
632: 0f 1f 40 00 nop DWORD PTR [rax+0x0]
636: 66 2e 0f 1f 84 00 00 nop WORD PTR cs:[rax+rax*1+0x0]
63d: 00 00 00
640: 80 3d c9 09 20 00 00 cmp BYTE PTR [rip+0x2009c9],0x0 # 201010 <__cxa_finalize@plt+0x200aa0>
647: 75 2f jne 678 <__cxa_finalize@plt+0x108>
649: 48 83 3d a7 09 20 00 cmp QWORD PTR [rip+0x2009a7],0x0 # 200ff8 <__cxa_finalize@plt+0x200a88>
650: 00
651: 55 push rbp
652: 48 89 e5 mov rbp,rsp
655: 74 0c je 663 <__cxa_finalize@plt+0xf3>
657: 48 8b 3d aa 09 20 00 mov rdi,QWORD PTR [rip+0x2009aa] # 201008 <__cxa_finalize@plt+0x200a98>
65e: e8 0d ff ff ff call 570 <__cxa_finalize@plt>
663: e8 48 ff ff ff call 5b0 <__cxa_finalize@plt+0x40>
668: c6 05 a1 09 20 00 01 mov BYTE PTR [rip+0x2009a1],0x1 # 201010 <__cxa_finalize@plt+0x200aa0>
66f: 5d pop rbp
670: c3 ret
671: 0f 1f 80 00 00 00 00 nop DWORD PTR [rax+0x0]
678: f3 c3 repz ret
67a: 66 0f 1f 44 00 00 nop WORD PTR [rax+rax*1+0x0]
680: 55 push rbp
681: 48 89 e5 mov rbp,rsp
684: 5d pop rbp
685: e9 66 ff ff ff jmp 5f0 <__cxa_finalize@plt+0x80>
68a: 55 push rbp
68b: 48 89 e5 mov rbp,rsp
68e: 48 83 ec 10 sub rsp,0x10
692: 89 7d fc mov DWORD PTR [rbp-0x4],edi
695: 89 75 f8 mov DWORD PTR [rbp-0x8],esi
698: 8b 55 fc mov edx,DWORD PTR [rbp-0x4]
69b: 8b 45 f8 mov eax,DWORD PTR [rbp-0x8]
69e: 8d 0c 02 lea ecx,[rdx+rax*1]
6a1: 8b 55 f8 mov edx,DWORD PTR [rbp-0x8]
6a4: 8b 45 fc mov eax,DWORD PTR [rbp-0x4]
6a7: 89 c6 mov esi,eax
6a9: 48 8d 3d 18 01 00 00 lea rdi,[rip+0x118] # 7c8 <__cxa_finalize@plt+0x258>
6b0: b8 00 00 00 00 mov eax,0x0
6b5: e8 a6 fe ff ff call 560 <printf@plt>
6ba: 8b 55 fc mov edx,DWORD PTR [rbp-0x4]
6bd: 8b 45 f8 mov eax,DWORD PTR [rbp-0x8]
6c0: 01 d0 add eax,edx
6c2: c9 leave
6c3: c3 ret
6c4: 55 push rbp
6c5: 48 89 e5 mov rbp,rsp
6c8: 48 83 ec 10 sub rsp,0x10
6cc: 89 7d fc mov DWORD PTR [rbp-0x4],edi
6cf: 89 75 f8 mov DWORD PTR [rbp-0x8],esi
6d2: 8b 45 fc mov eax,DWORD PTR [rbp-0x4]
6d5: 2b 45 f8 sub eax,DWORD PTR [rbp-0x8]
6d8: 89 c1 mov ecx,eax
6da: 8b 55 f8 mov edx,DWORD PTR [rbp-0x8]
6dd: 8b 45 fc mov eax,DWORD PTR [rbp-0x4]
6e0: 89 c6 mov esi,eax
6e2: 48 8d 3d df 00 00 00 lea rdi,[rip+0xdf] # 7c8 <__cxa_finalize@plt+0x258>
6e9: b8 00 00 00 00 mov eax,0x0
6ee: e8 6d fe ff ff call 560 <printf@plt>
6f3: 8b 45 fc mov eax,DWORD PTR [rbp-0x4]
6f6: 2b 45 f8 sub eax,DWORD PTR [rbp-0x8]
6f9: c9 leave
6fa: c3 ret
6fb: 55 push rbp
6fc: 48 89 e5 mov rbp,rsp
6ff: 48 83 ec 10 sub rsp,0x10
703: 89 7d fc mov DWORD PTR [rbp-0x4],edi
706: 48 89 75 f0 mov QWORD PTR [rbp-0x10],rsi
70a: 48 8d 3d db 00 00 00 lea rdi,[rip+0xdb] # 7ec <__cxa_finalize@plt+0x27c>
711: e8 3a fe ff ff call 550 <puts@plt>
716: be 05 00 00 00 mov esi,0x5
71b: bf 02 00 00 00 mov edi,0x2
720: e8 65 ff ff ff call 68a <__cxa_finalize@plt+0x11a>
725: be 01 00 00 00 mov esi,0x1
72a: bf 03 00 00 00 mov edi,0x3
72f: e8 90 ff ff ff call 6c4 <__cxa_finalize@plt+0x154>
734: b8 00 00 00 00 mov eax,0x0
739: c9 leave
73a: c3 ret
73b: 0f 1f 44 00 00 nop DWORD PTR [rax+rax*1+0x0]
740: 41 57 push r15
742: 41 56 push r14
744: 49 89 d7 mov r15,rdx
747: 41 55 push r13
749: 41 54 push r12
74b: 4c 8d 25 5e 06 20 00 lea r12,[rip+0x20065e] # 200db0 <__cxa_finalize@plt+0x200840>
752: 55 push rbp
753: 48 8d 2d 5e 06 20 00 lea rbp,[rip+0x20065e] # 200db8 <__cxa_finalize@plt+0x200848>
75a: 53 push rbx
75b: 41 89 fd mov r13d,edi
75e: 49 89 f6 mov r14,rsi
761: 4c 29 e5 sub rbp,r12
764: 48 83 ec 08 sub rsp,0x8
768: 48 c1 fd 03 sar rbp,0x3
76c: e8 b7 fd ff ff call 528 <puts@plt-0x28>
771: 48 85 ed test rbp,rbp
774: 74 20 je 796 <__cxa_finalize@plt+0x226>
776: 31 db xor ebx,ebx
778: 0f 1f 84 00 00 00 00 nop DWORD PTR [rax+rax*1+0x0]
77f: 00
780: 4c 89 fa mov rdx,r15
783: 4c 89 f6 mov rsi,r14
786: 44 89 ef mov edi,r13d
789: 41 ff 14 dc call QWORD PTR [r12+rbx*8]
78d: 48 83 c3 01 add rbx,0x1
791: 48 39 dd cmp rbp,rbx
794: 75 ea jne 780 <__cxa_finalize@plt+0x210>
796: 48 83 c4 08 add rsp,0x8
79a: 5b pop rbx
79b: 5d pop rbp
79c: 41 5c pop r12
79e: 41 5d pop r13
7a0: 41 5e pop r14
7a2: 41 5f pop r15
7a4: c3 ret
7a5: 90 nop
7a6: 66 2e 0f 1f 84 00 00 nop WORD PTR cs:[rax+rax*1+0x0]
7ad: 00 00 00
7b0: f3 c3 repz ret
Disassembly of section .fini:
00000000000007b4 <.fini>:
7b4: 48 83 ec 08 sub rsp,0x8
7b8: 48 83 c4 08 add rsp,0x8
7bc: c3 ret
root@DESKTOP-2HBCL3H:~/chp1/ex#
C
복사
1.
.text Section의 함수 심볼 부분만 제거되어 있습니다.
2.
Binary의 사이즈가 크기 때문에 심볼이 없을 경우 분별하기 힘듭니다.
3.
함수 Intro와 Outro로 분별해야 합니다.
2. 섹션 정보
2.1 코드와 데이터가 존재하는 영역을 이처럼 분리시킨 이유는 무엇일까?
해당 메모리영역의 권한을 나눠야 하기 때문입니다.
코드 영역에는 RWX(Read, Write, Execute)중 X 권한만 존재하여야 하기 때문입니다.
코드영역에 W 권한이 존재하게 되면 코드 영역 수정이 가능하여 후킹, 코드인젝션 등 악의적인 행위가 가능하기 때문에
RW 권한이 존재하는 데이터 영역과 같이 사용할 수 없습니다.
2.2 코드 부분과 데이터 부분을 로드하는 과정이 어떻게 다를까?
데이터부분을 로드 한 뒤 코드 부분을 로드하고, 코드부분에 재배치를 수행하여 변수, 함수를 operned 영역에 배치해줘야 합니다.
출제자의 의도가 이게 맞는지는 잘....
2.3 바이너리가 실행돼 메모리에 로드될 때 각각의 모든 섹션들을 한꺼번에 전부 복사해서 사용하는 것이 과연 필수적일까?
필수적이라고 생각합니다.
각 섹션에는 해당 바이너리가 실행되기 위한 정보가 저장되어 있기 때문에 로드 할 때 모든 섹션의 정보를 로드 한 뒤 사용해야 합니다.
