Editing code live with gdb

Problem description

I don't have extensive experience with gdb, so I don't know whether what I'm asking is even possible, but is it possible to edit code live with gdb?

While running (after hitting a breakpoint), disas looks like this:

   0x080487d8 <+9>:  movl   $0x80485e4,0x1c(%esp)
   0x080487e0 <+17>: movl   $0x8048640,0x20(%esp)
   0x080487e8 <+25>: movl   $0x804869c,0x24(%esp)
   0x080487f0 <+33>: movl   $0x8048719,0x28(%esp)

When trying to change the address in one of these instructions, I did this:

   set *(0x080487e1)=0x5b870408

But instead of simply changing the address as I expected, the new disas looks like this:

   0x080487d8 <+9>:  movl   $0x80485e4,0x1c(%esp)
   0x080487e0 <+17>: (bad)
   0x080487e1 <+18>: or     %al,(%edi,%eax,4)
   0x080487e4 <+21>: pop    %ebx
   0x080487e5 <+22>: xchg   %al,(%eax,%ecx,1)
   0x080487e8 <+25>: movl   $0x804869c,0x24(%esp)
   0x080487f0 <+33>: movl   $0x8048719,0x28(%esp)

So I have 3 questions: is what I'm trying to do possible? If so, am I doing something wrong? If I am doing something wrong, how do I fix it?


Solution

Yes, you can change .text of a binary.

Note that this change will only affect current execution; upon run your change will "evaporate" (if you wanted to permanently patch the binary, that's possible as well, but the procedure is different).

Likely. You didn't tell us what you are trying to change the instruction to.

Using (gdb) disas/r will show you actual raw instruction bytes, and will likely make it easier to see what you did wrong. When I use it, I see this:

   0x080483ed <+9>: c7 44 24 1c d0 84 04 08 movl   $0x80484d0,0x1c(%esp)

That is, the address (which you apparently wanted to overwrite) for the instruction above [1] does not begin at &instruction+1, it begins at &instruction+4. Also, you shouldn't reverse the bytes when you ask GDB to write a word (I am guessing you wanted the new address to be 0x0804785b and not 0x5b870408):

(gdb) set *(0x080483ed+4)=0x01020304
(gdb) disas
Dump of assembler code for function main:
   0x080483e4 <+0>: push   %ebp
   0x080483e5 <+1>: mov    %esp,%ebp
   0x080483e7 <+3>: and    $0xfffffff0,%esp
   0x080483ea <+6>: sub    $0x20,%esp
=> 0x080483ed <+9>: movl   $0x1020304,0x1c(%esp)
   0x080483f5 <+17>:    mov    0x1c(%esp),%eax
   0x080483f9 <+21>:    mov    %eax,(%esp)
   0x080483fc <+24>:    call   0x8048318 <puts@plt>
   0x08048401 <+29>:    mov    $0x0,%eax
   0x08048406 <+34>:    leave
   0x08048407 <+35>:    ret

[1] It is very likely that your instruction:

0x080487e0 <+17>: movl   $0x8048640,0x20(%esp)

has the same encoding as my instruction:

0x080483ed  <+9>: movl   $0x80484d0,0x1c(%esp)

as they are the "same", and have the same 8-byte length, but as FrankH pointed out, there might exist a different encoding of the same instruction. In any case, disas/r will show you all you need to know.
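To make the answer's two points concrete (the imm32 field of this encoding starts at &instruction+4, and gdb stores a 32-bit word little-endian, so the value must not be byte-swapped), here is an added Python model of both writes against the asker's instruction bytes. It is not code from the question or the answer; the 8-byte encoding and the intended address 0x0804785b are taken from the page, and the byte-level decoder is a deliberately narrow one written for this single encoding.

```python
import struct
from typing import Optional, Tuple

# Constructed sample: the 8-byte encoding of the asker's instruction
#   0x080487e0:  movl $0x8048640,0x20(%esp)   ->  c7 44 24 20 40 86 04 08
# opcode c7 /0, ModRM 44, SIB 24 (base %esp), disp8 20, imm32 little-endian.
BASE = 0x080487E0
INSTR = bytes.fromhex("c744242040860408")
IMM_OFFSET = 4  # opcode(1) + ModRM(1) + SIB(1) + disp8(1)

def gdb_set_word(text: bytearray, addr: int, value: int) -> None:
    """Model gdb's `set *(addr)=value` on a little-endian target: the
    32-bit value is stored least-significant byte first, no byte swapping."""
    off = addr - BASE
    text[off:off + 4] = struct.pack("<I", value)

def decode_movl_imm_disp8_esp(text: bytes) -> Optional[Tuple[int, int]]:
    """Parse `c7 44 24 dd ii ii ii ii` (movl $imm32,disp8(%esp)).
    Return (disp8, imm32), or None when the bytes no longer form that
    instruction (gdb would then print (bad) or unrelated opcodes)."""
    if len(text) < 8 or text[0] != 0xC7:
        return None
    modrm, sib = text[1], text[2]
    if (modrm >> 3) & 7 != 0:         # c7 only defines /0; anything else is (bad)
        return None
    if modrm != 0x44 or sib != 0x24:  # mod=01 rm=100 -> [SIB]+disp8, SIB: base %esp
        return None
    return text[3], struct.unpack_from("<I", text, 4)[0]

def patch_as_asked() -> Tuple[bytes, Optional[Tuple[int, int]]]:
    """The question's write: byte-swapped value stored at &instruction+1."""
    text = bytearray(INSTR)
    gdb_set_word(text, BASE + 1, 0x5B870408)
    return bytes(text), decode_movl_imm_disp8_esp(text)

def patch_as_answered() -> Tuple[bytes, Optional[Tuple[int, int]]]:
    """The answer's fix: natural value stored at &instruction+4 (the imm32)."""
    text = bytearray(INSTR)
    gdb_set_word(text, BASE + IMM_OFFSET, 0x0804785B)
    return bytes(text), decode_movl_imm_disp8_esp(text)

if __name__ == "__main__":
    for name, fn in (("asked", patch_as_asked), ("answered", patch_as_answered)):
        raw, decoded = fn()
        print(name, raw.hex(" "), decoded)
```

The first write leaves `c7 08 ...`, a ModRM with reg field /1 that `c7` does not define, which is exactly the `(bad)` gdb printed; the second keeps the opcode, ModRM, SIB and disp8 intact and only replaces the immediate.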


08-19 21:09