在 gdb 中查看 ASCII 寄存器内容
use*_*312 2 c x86 assembly gdb
假设,我现在处于这个位置,我想以ascii格式查看cl、ch、cx、ecx等的内容。
该怎么办?
以下是命令中显示的子程序layout asm。
RemCharCodeFromAToB:
; standard entry sequence
push ebp ; save the previous value of ebp for the benefi$
mov ebp, esp ; copy esp -> ebp so that ebp can be used as a $
; accessing arguments
; [ebp + 0] = old ebp stack frame
; [ebp + 4] = return address
mov edx, [ebp + 8] ; string address
while_loop_rcc:
mov cl, [edx] ; obtain the address of the 1st character of the string
cmp cl, 0 ; check the null value
je while_loop_exit_rcc ; exit if the null-character is reached
mov al, cl ; save cl
mov cl, [ebp + 16] ; end-char
push cx ; push end-char
mov cl, [ebp + 12] ; start-char
push cx ; push start-char
push ax; ; push ch
call IsBetweenAandB
add esp, 12
cmp eax, 0 ; if(ch is not between 'a' and 'e')
je inner_loop_exit_rcc
mov eax, edx ; copy the current address
inner_loop_rcc:
mov cl, [eax+1]
cmp cl, 0
je inner_loop_exit_rcc
mov [eax], cl
inc eax
jmp inner_loop_rcc
inner_loop_exit_rcc:
inc edx ; increment the address
jmp while_loop_rcc ; start the loop again
while_loop_exit_rcc:
; standard exit sequence
mov esp, ebp ; restore esp with ebp
pop ebp ; remove ebp from stack
ret ; return the value of temporary variable
这将定义一个asciiprint宏,它将其参数寄存器的值打印为字符序列,从最低有效字节到最高有效字节。
(gdb) define asciiprint
set $len = sizeof($arg0)
set $val = (unsigned long long)($arg0)
while $len-- > 0
set $char = $val & 0xff
if $char >= 0x20 && $char <= 0x7e
printf "%c", $char
else
printf "\\x%02x", $char
end
set $val >>= 8
end
printf "\n"
end
(gdb) set $rcx=0x6b63616a70616c66
(gdb) asciiprint $rcx
flapjack
(gdb) asciiprint $ecx
flap
(gdb) asciiprint $cx
fl
(gdb) asciiprint $cl
f
(gdb) asciiprint $ch
l