Problem description
Hope you can help me to understand how I can find out the six numbers. I have tried a couple of sets of numbers that I thought were the right ones, but I guess I'm not understanding it right.
So for the first, these six numbers that I'm looking for, aren't they numbers that are the outcome, or the numbers that I put in to fit the code?
Do I have to go through all the code, or are there just a few lines where I can find these numbers? I started to think that I'm overthinking it, that it's much easier to find those numbers than the ways I'm trying.
08048b74 <phase_2>:
8048b74: 53 push %ebx
8048b75: 83 ec 38 sub $0x38,%esp
8048b78: 8d 44 24 18 lea 0x18(%esp),%eax
8048b7c: 89 44 24 04 mov %eax,0x4(%esp)
8048b80: 8b 44 24 40 mov 0x40(%esp),%eax
8048b84: 89 04 24 mov %eax,(%esp)
8048b87: e8 28 07 00 00 call 80492b4 <read_six_numbers>
8048b8c: 83 7c 24 18 00 cmpl $0x0,0x18(%esp)
8048b91: 79 22 jns 8048bb5 <phase_2+0x41>
8048b93: e8 dd 06 00 00 call 8049275 <explode_bomb>
8048b98: eb 1b jmp 8048bb5 <phase_2+0x41>
8048b9a: 89 d8 mov %ebx,%eax
8048b9c: 03 44 9c 14 add 0x14(%esp,%ebx,4),%eax
8048ba0: 39 44 9c 18 cmp %eax,0x18(%esp,%ebx,4)
8048ba4: 74 05 je 8048bab <phase_2+0x37>
8048ba6: e8 ca 06 00 00 call 8049275 <explode_bomb>
8048bab: 83 c3 01 add $0x1,%ebx
8048bae: 83 fb 06 cmp $0x6,%ebx
8048bb1: 75 e7 jne 8048b9a <phase_2+0x26>
8048bb3: eb 07 jmp 8048bbc <phase_2+0x48>
8048bb5: bb 01 00 00 00 mov $0x1,%ebx
8048bba: eb de jmp 8048b9a <phase_2+0x26>
8048bbc: 83 c4 38 add $0x38,%esp
8048bbf: 5b pop %ebx
8048bc0: c3 ret
Recommended answer
@user3399655, you simply need to read the function disassembly and understand what it does. When you understand it, it will be clear what the six numbers you need to enter are.
First, do you know what each instruction in that disassembly does? (PUSH, SUB, LEA, MOV, CALL, CMP...) If not, look up the ones you don't know in Intel's Developer Manuals. You want manuals 2A-C. If you don't understand the definition of an instruction, ask a specific question about it here.
Do you understand the concept of the call stack? Do you know how space for variables on the stack is allocated, and how they are accessed in assembly? If not, you will not be able to understand this function.
Do you know how C control structures like if...else and for(;;) translate into assembly? Try printing out the disassembly you posted, and draw arrows showing where each conditional/unconditional jump instruction goes. As a hint, it looks like the function has 2 if blocks, and a single loop. Can you see which jumps are part of which control structure?
OK, another hint. An if block generally translates to a conditional jump, which jumps over the contents of the block if the condition is false. If the condition is true, it doesn't take the jump, and falls through to the contents of the block. (Does that make sense? Think about it for a minute if you need to.) Loops translate to conditional jumps which jump backwards if the condition for ending the loop is not met.
The loop has a single index variable. Can you see which register the index variable is kept in? Can you tell if it steps up or down? And how far does it step before the loop terminates?
Can you tell where in phase_2's stack frame the 6 numbers will be kept? How many bytes are used for each one? You could try to read the code for read_six_numbers if you need to. Or just run the code in a debugger, and look at the stack.
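The two if blocks and the single loop from the hints above, written back as C with each statement tied to its address in the posted disassembly. This is an added example, not part of the original answer or of the lab's source: phase_2_check is a hypothetical name, it returns 0 where the binary calls explode_bomb (assumed not to return), and it assumes 32-bit int and that read_six_numbers stores the six values at 0x18(%esp) onward.

```c
#include <stdio.h>

/* Hypothetical helper (not in the binary): 1 where phase_2 would return
 * normally, 0 where it would call explode_bomb. nums[] stands for the six
 * 4-byte ints at 0x18(%esp) .. 0x2c(%esp) in phase_2's stack frame. */
int phase_2_check(const int nums[6])
{
    unsigned i;                          /* loop index, kept in %ebx */

    /* First if block.
     * 8048b8c: cmpl $0x0,0x18(%esp)   test nums[0]
     * 8048b91: jns  8048bb5           jump over the block when nums[0] >= 0 */
    if (nums[0] < 0)
        return 0;                        /* 8048b93: call explode_bomb */

    /* The loop.
     * 8048bb5: mov $0x1,%ebx          i = 1
     * 8048bab: add $0x1,%ebx          i++
     * 8048bae: cmp $0x6,%ebx
     * 8048bb1: jne 8048b9a            jump backwards while i != 6 */
    for (i = 1; i != 6; i++) {
        /* Second if block, inside the loop.
         * 8048b9a: mov %ebx,%eax                 eax = i
         * 8048b9c: add 0x14(%esp,%ebx,4),%eax    eax += nums[i-1]
         * 8048ba0: cmp %eax,0x18(%esp,%ebx,4)    compare with nums[i]
         * 8048ba4: je  8048bab                   jump over the block if equal
         * Unsigned arithmetic mirrors the 32-bit wraparound of add. */
        if ((unsigned)nums[i] != (unsigned)nums[i - 1] + i)
            return 0;                    /* 8048ba6: call explode_bomb */
    }
    return 1;                            /* 8048bbc: add $0x38,%esp ... ret */
}

int main(void)
{
    /* Constructed sample inputs, not taken from the page. */
    int ok[6]  = {0, 1, 3, 6, 10, 15};
    int bad[6] = {1, 2, 3, 4, 5, 6};
    printf("%d %d\n", phase_2_check(ok), phase_2_check(bad));
    return 0;
}
```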