티스토리 뷰
[Source Code]
#include <stdio.h>
void main(int argc, char* argv[]) {
printf("argv[%d] = %s\n", 0, argv[0]);
printf("argv[%d] = %s\n", 0, argv[0]);
if(argc == 2)
printf("argv[%d] = %s\n", 1, argv[1]);
}
printf("argv[%d] = %s\n", 1, argv[1]);
}
[Debug Mode]
00401005 /$ /E9 06000000 jmp main
0040100A | |CC int3
0040100B | |CC int3
0040100C | |CC int3
0040100D | |CC int3
0040100E | |CC int3
0040100F | |CC int3
00401010 >|> \55 push ebp
00401011 |. 8BEC mov ebp, esp
00401013 |. 83EC 40 sub esp, 40
00401016 |. 53 push ebx
00401017 |. 56 push esi
00401018 |. 57 push edi
00401019 |. 8D7D C0 lea edi, dword ptr [ebp-40]
0040101C |. B9 10000000 mov ecx, 10
00401021 |. B8 CCCCCCCC mov eax, CCCCCCCC
00401026 |. F3:AB rep stos dword ptr es:[edi]
00401028 |. 8B45 0C mov eax, dword ptr [ebp+C]
0040102B |. 8B08 mov ecx, dword ptr [eax]
0040102D |. 51 push ecx ; /<%s>
0040102E |. 6A 00 push 0 ; |<%d> = 0
00401030 |. 68 802E4200 push 00422E80 ; |format = "argv[%d] = %s
"
00401035 |. E8 56C60000 call printf ; \printf
0040103A |. 83C4 0C add esp, 0C
0040103D |. 837D 08 02 cmp dword ptr [ebp+8], 2
00401041 |. 75 16 jnz short 00401059
00401043 |. 8B55 0C mov edx, dword ptr [ebp+C]
00401046 |. 8B42 04 mov eax, dword ptr [edx+4]
00401049 |. 50 push eax ; /<%s>
0040104A |. 6A 01 push 1 ; |<%d> = 1
0040104C |. 68 802E4200 push 00422E80 ; |format = "argv[%d] = %s
"
00401051 |. E8 3AC60000 call printf ; \printf
00401056 |. 83C4 0C add esp, 0C
00401059 |> 5F pop edi
0040105A |. 5E pop esi
0040105B |. 5B pop ebx
0040105C |. 83C4 40 add esp, 40
0040105F |. 3BEC cmp ebp, esp
00401061 |. E8 EAC50000 call _chkesp
00401066 |. 8BE5 mov esp, ebp
00401068 |. 5D pop ebp
00401069 \. C3 retn
0040106A CC int3
0040106B CC int3
0040106C CC int3
0040106D CC int3
0040106E CC int3
0040106F CC int3
00401070 CC int3
00401071 CC int3
00401072 CC int3
00401073 CC int3
00401074 CC int3
00401075 CC int3
00401076 CC int3
00401077 CC int3
00401078 CC int3
00401079 CC int3
0040107A CC int3
0040107B CC int3
0040107C CC int3
0040107D CC int3
0040107E CC int3
0040107F CC int3
00401080 >/$ 55 push ebp
00401081 |. 8BEC mov ebp, esp
00401083 |. 6A FF push -1
00401085 |. 68 20204200 push 00422020
0040108A |. 68 E0264000 push _except_handler3 ; SE handler installation
0040108F |. 64:A1 0000000>mov eax, dword ptr fs:[0]
00401095 |. 50 push eax
00401096 |. 64:8925 00000>mov dword ptr fs:[0], esp
0040109D |. 83C4 F0 add esp, -10
004010A0 |. 53 push ebx
004010A1 |. 56 push esi
004010A2 |. 57 push edi
004010A3 |. 8965 E8 mov dword ptr [ebp-18], esp
004010A6 |. FF15 4CA14200 call dword ptr [<&KERNEL32.GetVersion>; kernel32.GetVersion
004010AC |. A3 7C7C4200 mov dword ptr [_osver], eax
004010B1 |. A1 7C7C4200 mov eax, dword ptr [_osver]
004010B6 |. C1E8 08 shr eax, 8
004010B9 |. 25 FF000000 and eax, 0FF
004010BE |. A3 887C4200 mov dword ptr [_winminor], eax
004010C3 |. 8B0D 7C7C4200 mov ecx, dword ptr [_osver]
004010C9 |. 81E1 FF000000 and ecx, 0FF
004010CF |. 890D 847C4200 mov dword ptr [_winmajor], ecx
004010D5 |. 8B15 847C4200 mov edx, dword ptr [_winmajor]
004010DB |. C1E2 08 shl edx, 8
004010DE |. 0315 887C4200 add edx, dword ptr [_winminor]
004010E4 |. 8915 807C4200 mov dword ptr [_winver], edx
004010EA |. A1 7C7C4200 mov eax, dword ptr [_osver]
004010EF |. C1E8 10 shr eax, 10
004010F2 |. 25 FFFF0000 and eax, 0FFFF
004010F7 |. A3 7C7C4200 mov dword ptr [_osver], eax
004010FC |. 6A 00 push 0 ; /Arg1 = 00000000
004010FE |. E8 6D130000 call _heap_init ; \_heap_init
00401103 |. 83C4 04 add esp, 4
00401106 |. 85C0 test eax, eax
00401108 |. 75 0A jnz short 00401114
0040110A |. 6A 1C push 1C
0040110C |. E8 CF000000 call fast_error_exit
00401111 |. 83C4 04 add esp, 4
00401114 |> C745 FC 00000>mov dword ptr [ebp-4], 0
0040111B |. E8 500D0000 call _ioinit
00401120 |. FF15 48A14200 call dword ptr [<&KERNEL32.GetCommand>; [GetCommandLineA
00401126 |. A3 20964200 mov dword ptr [_acmdln], eax
0040112B |. E8 200B0000 call __crtGetEnvironmentStringsA
00401130 |. A3 647C4200 mov dword ptr [_aenvptr], eax
00401135 |. E8 06060000 call _setargv
0040113A |. E8 B1040000 call _setenvp
0040113F |. E8 CC000000 call _cinit
00401144 |. 8B0D 987C4200 mov ecx, dword ptr [_environ]
0040114A |. 890D 9C7C4200 mov dword ptr [__initenv], ecx
00401150 |. 8B15 987C4200 mov edx, dword ptr [_environ]
00401156 |. 52 push edx
00401157 |. A1 907C4200 mov eax, dword ptr [__argv]
0040115C |. 50 push eax
0040115D |. 8B0D 8C7C4200 mov ecx, dword ptr [__argc]
00401163 |. 51 push ecx
00401164 |. E8 9CFEFFFF call 00401005
00401169 |. 83C4 0C add esp, 0C
0040116C |. 8945 E4 mov dword ptr [ebp-1C], eax
0040116F |. 8B55 E4 mov edx, dword ptr [ebp-1C]
00401172 |. 52 push edx ; /status
00401173 |. E8 D8000000 call exit ; \exit
00401178 |. 8B45 EC mov eax, dword ptr [ebp-14]
0040117B |. 8B08 mov ecx, dword ptr [eax]
0040117D |. 8B11 mov edx, dword ptr [ecx]
0040117F |. 8955 E0 mov dword ptr [ebp-20], edx
00401182 |. 8B45 EC mov eax, dword ptr [ebp-14]
00401185 |. 50 push eax ; /Arg2
00401186 |. 8B4D E0 mov ecx, dword ptr [ebp-20] ; |
00401189 |. 51 push ecx ; |Arg1
0040118A |. E8 51020000 call _XcptFilter ; \_XcptFilter
0040118F |. 83C4 08 add esp, 8
00401192 \. C3 retn
0040100A | |CC int3
0040100B | |CC int3
0040100C | |CC int3
0040100D | |CC int3
0040100E | |CC int3
0040100F | |CC int3
00401010 >|> \55 push ebp
00401011 |. 8BEC mov ebp, esp
00401013 |. 83EC 40 sub esp, 40
00401016 |. 53 push ebx
00401017 |. 56 push esi
00401018 |. 57 push edi
00401019 |. 8D7D C0 lea edi, dword ptr [ebp-40]
0040101C |. B9 10000000 mov ecx, 10
00401021 |. B8 CCCCCCCC mov eax, CCCCCCCC
00401026 |. F3:AB rep stos dword ptr es:[edi]
00401028 |. 8B45 0C mov eax, dword ptr [ebp+C]
0040102B |. 8B08 mov ecx, dword ptr [eax]
0040102D |. 51 push ecx ; /<%s>
0040102E |. 6A 00 push 0 ; |<%d> = 0
00401030 |. 68 802E4200 push 00422E80 ; |format = "argv[%d] = %s
"
00401035 |. E8 56C60000 call printf ; \printf
0040103A |. 83C4 0C add esp, 0C
0040103D |. 837D 08 02 cmp dword ptr [ebp+8], 2
00401041 |. 75 16 jnz short 00401059
00401043 |. 8B55 0C mov edx, dword ptr [ebp+C]
00401046 |. 8B42 04 mov eax, dword ptr [edx+4]
00401049 |. 50 push eax ; /<%s>
0040104A |. 6A 01 push 1 ; |<%d> = 1
0040104C |. 68 802E4200 push 00422E80 ; |format = "argv[%d] = %s
"
00401051 |. E8 3AC60000 call printf ; \printf
00401056 |. 83C4 0C add esp, 0C
00401059 |> 5F pop edi
0040105A |. 5E pop esi
0040105B |. 5B pop ebx
0040105C |. 83C4 40 add esp, 40
0040105F |. 3BEC cmp ebp, esp
00401061 |. E8 EAC50000 call _chkesp
00401066 |. 8BE5 mov esp, ebp
00401068 |. 5D pop ebp
00401069 \. C3 retn
0040106A CC int3
0040106B CC int3
0040106C CC int3
0040106D CC int3
0040106E CC int3
0040106F CC int3
00401070 CC int3
00401071 CC int3
00401072 CC int3
00401073 CC int3
00401074 CC int3
00401075 CC int3
00401076 CC int3
00401077 CC int3
00401078 CC int3
00401079 CC int3
0040107A CC int3
0040107B CC int3
0040107C CC int3
0040107D CC int3
0040107E CC int3
0040107F CC int3
00401080 >/$ 55 push ebp
00401081 |. 8BEC mov ebp, esp
00401083 |. 6A FF push -1
00401085 |. 68 20204200 push 00422020
0040108A |. 68 E0264000 push _except_handler3 ; SE handler installation
0040108F |. 64:A1 0000000>mov eax, dword ptr fs:[0]
00401095 |. 50 push eax
00401096 |. 64:8925 00000>mov dword ptr fs:[0], esp
0040109D |. 83C4 F0 add esp, -10
004010A0 |. 53 push ebx
004010A1 |. 56 push esi
004010A2 |. 57 push edi
004010A3 |. 8965 E8 mov dword ptr [ebp-18], esp
004010A6 |. FF15 4CA14200 call dword ptr [<&KERNEL32.GetVersion>; kernel32.GetVersion
004010AC |. A3 7C7C4200 mov dword ptr [_osver], eax
004010B1 |. A1 7C7C4200 mov eax, dword ptr [_osver]
004010B6 |. C1E8 08 shr eax, 8
004010B9 |. 25 FF000000 and eax, 0FF
004010BE |. A3 887C4200 mov dword ptr [_winminor], eax
004010C3 |. 8B0D 7C7C4200 mov ecx, dword ptr [_osver]
004010C9 |. 81E1 FF000000 and ecx, 0FF
004010CF |. 890D 847C4200 mov dword ptr [_winmajor], ecx
004010D5 |. 8B15 847C4200 mov edx, dword ptr [_winmajor]
004010DB |. C1E2 08 shl edx, 8
004010DE |. 0315 887C4200 add edx, dword ptr [_winminor]
004010E4 |. 8915 807C4200 mov dword ptr [_winver], edx
004010EA |. A1 7C7C4200 mov eax, dword ptr [_osver]
004010EF |. C1E8 10 shr eax, 10
004010F2 |. 25 FFFF0000 and eax, 0FFFF
004010F7 |. A3 7C7C4200 mov dword ptr [_osver], eax
004010FC |. 6A 00 push 0 ; /Arg1 = 00000000
004010FE |. E8 6D130000 call _heap_init ; \_heap_init
00401103 |. 83C4 04 add esp, 4
00401106 |. 85C0 test eax, eax
00401108 |. 75 0A jnz short 00401114
0040110A |. 6A 1C push 1C
0040110C |. E8 CF000000 call fast_error_exit
00401111 |. 83C4 04 add esp, 4
00401114 |> C745 FC 00000>mov dword ptr [ebp-4], 0
0040111B |. E8 500D0000 call _ioinit
00401120 |. FF15 48A14200 call dword ptr [<&KERNEL32.GetCommand>; [GetCommandLineA
00401126 |. A3 20964200 mov dword ptr [_acmdln], eax
0040112B |. E8 200B0000 call __crtGetEnvironmentStringsA
00401130 |. A3 647C4200 mov dword ptr [_aenvptr], eax
00401135 |. E8 06060000 call _setargv
0040113A |. E8 B1040000 call _setenvp
0040113F |. E8 CC000000 call _cinit
00401144 |. 8B0D 987C4200 mov ecx, dword ptr [_environ]
0040114A |. 890D 9C7C4200 mov dword ptr [__initenv], ecx
00401150 |. 8B15 987C4200 mov edx, dword ptr [_environ]
00401156 |. 52 push edx
00401157 |. A1 907C4200 mov eax, dword ptr [__argv]
0040115C |. 50 push eax
0040115D |. 8B0D 8C7C4200 mov ecx, dword ptr [__argc]
00401163 |. 51 push ecx
00401164 |. E8 9CFEFFFF call 00401005
00401169 |. 83C4 0C add esp, 0C
0040116C |. 8945 E4 mov dword ptr [ebp-1C], eax
0040116F |. 8B55 E4 mov edx, dword ptr [ebp-1C]
00401172 |. 52 push edx ; /status
00401173 |. E8 D8000000 call exit ; \exit
00401178 |. 8B45 EC mov eax, dword ptr [ebp-14]
0040117B |. 8B08 mov ecx, dword ptr [eax]
0040117D |. 8B11 mov edx, dword ptr [ecx]
0040117F |. 8955 E0 mov dword ptr [ebp-20], edx
00401182 |. 8B45 EC mov eax, dword ptr [ebp-14]
00401185 |. 50 push eax ; /Arg2
00401186 |. 8B4D E0 mov ecx, dword ptr [ebp-20] ; |
00401189 |. 51 push ecx ; |Arg1
0040118A |. E8 51020000 call _XcptFilter ; \_XcptFilter
0040118F |. 83C4 08 add esp, 8
00401192 \. C3 retn
[Release Mode]
00401000 /$ 56 push esi
00401001 |. 8B7424 0C mov esi, dword ptr [esp+C]
00401005 |. 8B06 mov eax, dword ptr [esi]
00401007 |. 50 push eax
00401008 |. 6A 00 push 0
0040100A |. 68 30704000 push 00407030 ; ASCII "argv[%d] = %s
"
0040100F |. E8 2C000000 call 00401040
00401014 |. 8B4424 14 mov eax, dword ptr [esp+14]
00401018 |. 83C4 0C add esp, 0C
0040101B |. 83F8 02 cmp eax, 2
0040101E |. 75 13 jnz short 00401033
00401020 |. 8B4E 04 mov ecx, dword ptr [esi+4]
00401023 |. 51 push ecx
00401024 |. 6A 01 push 1
00401026 |. 68 30704000 push 00407030 ; ASCII "argv[%d] = %s
"
0040102B |. E8 10000000 call 00401040
00401030 |. 83C4 0C add esp, 0C
00401033 |> 5E pop esi
00401034 \. C3 retn
00401035 90 nop
00401036 90 nop
00401037 90 nop
00401038 90 nop
00401039 90 nop
0040103A 90 nop
0040103B 90 nop
0040103C 90 nop
0040103D 90 nop
0040103E 90 nop
0040103F 90 nop
00401040 /$ 53 push ebx
00401041 |. 56 push esi
00401042 |. BE 70704000 mov esi, 00407070
00401047 |. 57 push edi
00401048 |. 56 push esi
00401049 |. E8 4B010000 call 00401199
0040104E |. 8BF8 mov edi, eax
00401050 |. 8D4424 18 lea eax, dword ptr [esp+18]
00401054 |. 50 push eax
00401055 |. FF7424 18 push dword ptr [esp+18]
00401059 |. 56 push esi
0040105A |. E8 04020000 call 00401263
0040105F |. 56 push esi
00401060 |. 57 push edi
00401061 |. 8BD8 mov ebx, eax
00401063 |. E8 BE010000 call 00401226
00401068 |. 83C4 18 add esp, 18
0040106B |. 8BC3 mov eax, ebx
0040106D |. 5F pop edi
0040106E |. 5E pop esi
0040106F |. 5B pop ebx
00401070 \. C3 retn
00401071 >/$ 55 push ebp
00401072 |. 8BEC mov ebp, esp
00401074 |. 6A FF push -1
00401076 |. 68 B0604000 push 004060B0
0040107B |. 68 B8264000 push 004026B8 ; SE handler installation
00401080 |. 64:A1 0000000>mov eax, dword ptr fs:[0]
00401086 |. 50 push eax
00401087 |. 64:8925 00000>mov dword ptr fs:[0], esp
0040108E |. 83EC 10 sub esp, 10
00401091 |. 53 push ebx
00401092 |. 56 push esi
00401093 |. 57 push edi
00401094 |. 8965 E8 mov dword ptr [ebp-18], esp
00401097 |. FF15 04604000 call dword ptr [<&KERNEL32.GetVersion>; kernel32.GetVersion
0040109D |. 33D2 xor edx, edx
0040109F |. 8AD4 mov dl, ah
004010A1 |. 8915 18994000 mov dword ptr [409918], edx
004010A7 |. 8BC8 mov ecx, eax
004010A9 |. 81E1 FF000000 and ecx, 0FF
004010AF |. 890D 14994000 mov dword ptr [409914], ecx
004010B5 |. C1E1 08 shl ecx, 8
004010B8 |. 03CA add ecx, edx
004010BA |. 890D 10994000 mov dword ptr [409910], ecx
004010C0 |. C1E8 10 shr eax, 10
004010C3 |. A3 0C994000 mov dword ptr [40990C], eax
004010C8 |. 6A 00 push 0
004010CA |. E8 92140000 call 00402561
004010CF |. 59 pop ecx
004010D0 |. 85C0 test eax, eax
004010D2 |. 75 08 jnz short 004010DC
004010D4 |. 6A 1C push 1C
004010D6 |. E8 9A000000 call 00401175
004010DB |. 59 pop ecx
004010DC |> 8365 FC 00 and dword ptr [ebp-4], 0
004010E0 |. E8 5C110000 call 00402241
004010E5 |. FF15 00604000 call dword ptr [<&KERNEL32.GetCommand>; [GetCommandLineA
004010EB |. A3 24AE4000 mov dword ptr [40AE24], eax
004010F0 |. E8 1A100000 call 0040210F
004010F5 |. A3 E8984000 mov dword ptr [4098E8], eax
004010FA |. E8 C30D0000 call 00401EC2
004010FF |. E8 050D0000 call 00401E09
00401104 |. E8 7A0A0000 call 00401B83
00401109 |. A1 28994000 mov eax, dword ptr [409928]
0040110E |. A3 2C994000 mov dword ptr [40992C], eax
00401113 |. 50 push eax
00401114 |. FF35 20994000 push dword ptr [409920]
0040111A |. FF35 1C994000 push dword ptr [40991C]
00401120 |. E8 DBFEFFFF call 00401000
00401125 |. 83C4 0C add esp, 0C
00401128 |. 8945 E4 mov dword ptr [ebp-1C], eax
0040112B |. 50 push eax
0040112C |. E8 7F0A0000 call 00401BB0
00401131 |. 8B45 EC mov eax, dword ptr [ebp-14]
00401134 |. 8B08 mov ecx, dword ptr [eax]
00401136 |. 8B09 mov ecx, dword ptr [ecx]
00401138 |. 894D E0 mov dword ptr [ebp-20], ecx
0040113B |. 50 push eax
0040113C |. 51 push ecx
0040113D |. E8 430B0000 call 00401C85
00401142 |. 59 pop ecx
00401143 |. 59 pop ecx
00401144 \. C3 retn
00401000 /$ 56 push esi
00401001 |. 8B7424 0C mov esi, dword ptr [esp+C]
00401005 |. 8B06 mov eax, dword ptr [esi]
00401007 |. 50 push eax
00401008 |. 6A 00 push 0
0040100A |. 68 30704000 push 00407030 ; ASCII "argv[%d] = %s
"
0040100F |. E8 2C000000 call 00401040
00401014 |. 8B4424 14 mov eax, dword ptr [esp+14]
00401018 |. 83C4 0C add esp, 0C
0040101B |. 83F8 02 cmp eax, 2
0040101E |. 75 13 jnz short 00401033
00401020 |. 8B4E 04 mov ecx, dword ptr [esi+4]
00401023 |. 51 push ecx
00401024 |. 6A 01 push 1
00401026 |. 68 30704000 push 00407030 ; ASCII "argv[%d] = %s
"
0040102B |. E8 10000000 call 00401040
00401030 |. 83C4 0C add esp, 0C
00401033 |> 5E pop esi
00401034 \. C3 retn
00401035 90 nop
00401036 90 nop
00401037 90 nop
00401038 90 nop
00401039 90 nop
0040103A 90 nop
0040103B 90 nop
0040103C 90 nop
0040103D 90 nop
0040103E 90 nop
0040103F 90 nop
00401040 /$ 53 push ebx
00401041 |. 56 push esi
00401042 |. BE 70704000 mov esi, 00407070
00401047 |. 57 push edi
00401048 |. 56 push esi
00401049 |. E8 4B010000 call 00401199
0040104E |. 8BF8 mov edi, eax
00401050 |. 8D4424 18 lea eax, dword ptr [esp+18]
00401054 |. 50 push eax
00401055 |. FF7424 18 push dword ptr [esp+18]
00401059 |. 56 push esi
0040105A |. E8 04020000 call 00401263
0040105F |. 56 push esi
00401060 |. 57 push edi
00401061 |. 8BD8 mov ebx, eax
00401063 |. E8 BE010000 call 00401226
00401068 |. 83C4 18 add esp, 18
0040106B |. 8BC3 mov eax, ebx
0040106D |. 5F pop edi
0040106E |. 5E pop esi
0040106F |. 5B pop ebx
00401070 \. C3 retn
00401071 >/$ 55 push ebp
00401072 |. 8BEC mov ebp, esp
00401074 |. 6A FF push -1
00401076 |. 68 B0604000 push 004060B0
0040107B |. 68 B8264000 push 004026B8 ; SE handler installation
00401080 |. 64:A1 0000000>mov eax, dword ptr fs:[0]
00401086 |. 50 push eax
00401087 |. 64:8925 00000>mov dword ptr fs:[0], esp
0040108E |. 83EC 10 sub esp, 10
00401091 |. 53 push ebx
00401092 |. 56 push esi
00401093 |. 57 push edi
00401094 |. 8965 E8 mov dword ptr [ebp-18], esp
00401097 |. FF15 04604000 call dword ptr [<&KERNEL32.GetVersion>; kernel32.GetVersion
0040109D |. 33D2 xor edx, edx
0040109F |. 8AD4 mov dl, ah
004010A1 |. 8915 18994000 mov dword ptr [409918], edx
004010A7 |. 8BC8 mov ecx, eax
004010A9 |. 81E1 FF000000 and ecx, 0FF
004010AF |. 890D 14994000 mov dword ptr [409914], ecx
004010B5 |. C1E1 08 shl ecx, 8
004010B8 |. 03CA add ecx, edx
004010BA |. 890D 10994000 mov dword ptr [409910], ecx
004010C0 |. C1E8 10 shr eax, 10
004010C3 |. A3 0C994000 mov dword ptr [40990C], eax
004010C8 |. 6A 00 push 0
004010CA |. E8 92140000 call 00402561
004010CF |. 59 pop ecx
004010D0 |. 85C0 test eax, eax
004010D2 |. 75 08 jnz short 004010DC
004010D4 |. 6A 1C push 1C
004010D6 |. E8 9A000000 call 00401175
004010DB |. 59 pop ecx
004010DC |> 8365 FC 00 and dword ptr [ebp-4], 0
004010E0 |. E8 5C110000 call 00402241
004010E5 |. FF15 00604000 call dword ptr [<&KERNEL32.GetCommand>; [GetCommandLineA
004010EB |. A3 24AE4000 mov dword ptr [40AE24], eax
004010F0 |. E8 1A100000 call 0040210F
004010F5 |. A3 E8984000 mov dword ptr [4098E8], eax
004010FA |. E8 C30D0000 call 00401EC2
004010FF |. E8 050D0000 call 00401E09
00401104 |. E8 7A0A0000 call 00401B83
00401109 |. A1 28994000 mov eax, dword ptr [409928]
0040110E |. A3 2C994000 mov dword ptr [40992C], eax
00401113 |. 50 push eax
00401114 |. FF35 20994000 push dword ptr [409920]
0040111A |. FF35 1C994000 push dword ptr [40991C]
00401120 |. E8 DBFEFFFF call 00401000
00401125 |. 83C4 0C add esp, 0C
00401128 |. 8945 E4 mov dword ptr [ebp-1C], eax
0040112B |. 50 push eax
0040112C |. E8 7F0A0000 call 00401BB0
00401131 |. 8B45 EC mov eax, dword ptr [ebp-14]
00401134 |. 8B08 mov ecx, dword ptr [eax]
00401136 |. 8B09 mov ecx, dword ptr [ecx]
00401138 |. 894D E0 mov dword ptr [ebp-20], ecx
0040113B |. 50 push eax
0040113C |. 51 push ecx
0040113D |. E8 430B0000 call 00401C85
00401142 |. 59 pop ecx
00401143 |. 59 pop ecx
00401144 \. C3 retn
'보안' 카테고리의 다른 글
| 03 PE 파일 분석-Export 분석 [펌 kkamagui.tistory.com] (0) | 2008.01.16 |
|---|---|
| 00 윈도우 DLL 분석 [펌 kkamagui.tistory.com] (0) | 2008.01.16 |
| register 종류 (2) | 2008.01.14 |
| Tutorial Crack! - TEST, XOR 기능 (4) | 2008.01.14 |
| Assembly 명령어 [펌 Newms Blog] (1) | 2008.01.14 |
공지사항
최근에 올라온 글
최근에 달린 댓글
- Total
- Today
- Yesterday
링크
- 지루박멸연구센타
- 열정의 힘을 믿는다
- Le4rN TO Cr4cK
- 디버깅에관한모든것(DebugLab)
- sysinternals
- FoundStone
- hashtab
- 보안-coderant
- 디바이스드라이버 개발자 포럼
- dualpage.muz.ro
- osronline.com - 드라이버 관련 정보 사이트
- NtInternals - NativeAPI Refere…
- pcthreat - spyware 정보 제공
- rootkit.com - 루트킷 관련 정보
- www.ntinternals.net
- WINE CrossRef. - source.winehq…
- tuts4you
- hex-rays
- idapalace
- idefense
- immunityinc
- threatexpert
- hdp.null2root.org
- www.crackstore.com
- crackmes.de
- www.who.is
- www.cracklab.ru
- community.reverse-engineering.…
- video.reverse-engineering.net
- SnD
- 클레이 키위
- reversengineering.wordpress.co…
- www.openrce.org
- www.woodmann.com
- PEID.Plusins.BobSoft
- roxik.com/pictaps/
- regexlib.com
- spyware-browser.com
- www.usboffice.kr
- regulator
- www.txt2re.com
- ietab.mozdev.org
- zesrever.xstone.org
- www.heaventools.com/PE-file-he…
- www.heaventools.com
- www.innomp3.com
- 울지않는벌새
- exetools.com-forum
- exetools.com
- utf8 conv
- robtex - IP trace
- onsamehost - same IP sites
- JpopSuki
- jsunpack.jeek.org
- wepawet.iseclab.org
- www.jswiff.com
- www.hackeroo.com
- winesearcher.co.kr
- khpga.org
- malwareurl.com
- anubis.iseclab.org
- www.crummy.com-eautifulSoup
- malwarebytes.org/forums
- bbs.janmeng.com
- blackip.ustc.edu.cn
- eureka.cyber-ta.org
- exploit-db.com
TAG
- 주택구매력지수
- ubuntu
- ChatGPT
- 주식
- CriticalSection
- 다올저축은행
- INVOICE
- ElasticSearch
- 시스템트래이딩
- O365
- 매매가격지수
- 실시간트래이딩
- SBI저축은행
- systemd
- 전세매매지수
- hai
- 레고랜드
- 맥쿼리인프라
- 주식트래이딩
- 공공인프라
- 자동트래이딩
- ROA
- 미국주식
- 사회간접자본
- 군함도
- Pivot
- 신한저축은행
- logrotate
- PIR
- 피봇
| 일 | 월 | 화 | 수 | 목 | 금 | 토 |
|---|---|---|---|---|---|---|
| 1 | 2 | 3 | 4 | |||
| 5 | 6 | 7 | 8 | 9 | 10 | 11 |
| 12 | 13 | 14 | 15 | 16 | 17 | 18 |
| 19 | 20 | 21 | 22 | 23 | 24 | 25 |
| 26 | 27 | 28 | 29 | 30 | 31 |
글 보관함