我试图找出sscanf函数在汇编时要求的格式。我认为它需要两个输入,但我不确定它们是否应该是十进制或字符串等。
我试过x / s和x / d 0x400c30,但我得到了\ 377%z4。我在哪里可以看到%d或%s等?提前致谢!
Dump of assembler code for function phase_4:
0x000000000040101e <+0>: sub $0x18,%rsp
0x0000000000401022 <+4>: lea 0xc(%rsp),%rcx
0x0000000000401027 <+9>: lea 0x8(%rsp),%rdx
0x000000000040102c <+14>: mov $0x4027cd,%esi
0x0000000000401031 <+19>: mov $0x0,%eax
0x0000000000401036 <+24>: callq 0x400c30 <__isoc99_sscanf@plt> //???
0x000000000040103b <+29>: cmp $0x2,%eax
0x000000000040103e <+32>: jne 0x40104c <phase_4+46>
0x0000000000401040 <+34>: mov 0xc(%rsp),%eax
0x0000000000401044 <+38>: sub $0x2,%eax
0x0000000000401047 <+41>: cmp $0x2,%eax
0x000000000040104a <+44>: jbe 0x401051 <phase_4+51>
0x000000000040104c <+46>: callq 0x401554 <explode_bomb>
0x0000000000401051 <+51>: mov 0xc(%rsp),%esi
0x0000000000401055 <+55>: mov $0x7,%edi
0x000000000040105a <+60>: callq 0x400fe6 <func4>
0x000000000040105f <+65>: cmp 0x8(%rsp),%eax
0x0000000000401063 <+69>: je 0x40106a <phase_4+76>
0x0000000000401065 <+71>: callq 0x401554 <explode_bomb>
0x000000000040106a <+76>: add $0x18,%rsp
0x000000000040106e <+80>: retq
答案 0 :(得分:3)
我在这里假设x86。我不熟悉AT&amp; T语法,但是sscanf的第二个参数,格式字符串,在rsi寄存器中。您正在寻找的字符串似乎位于地址4027cd。
0x000000000040102c <+14>: mov $0x4027cd,%esi
0x0000000000401031 <+19>: mov $0x0,%eax
0x0000000000401036 <+24>: callq 0x400c30 <__isoc99_sscanf@plt> //???
尝试检查该地址