Testing a shellcode
Problem description
I have this piece of code to test a shellcode but I don't understand it so can anyone explain it to me?
Forget about the assembly shellcode, what I want to understand is the C code,
char shellcode[] = "...";
int main(int argc, char **argv)
{
    int (*func)();
    func = (int (*)()) shellcode;
    (int)(*func)();
}
I mean everything, what are the empty (), please explain it as if you are explaining it to a beginner.
int (*func)();
This is a declaration of a function pointer. A function pointer is essentially a variable that holds the address of a function. In this case, the type of function that func points to is one that takes no arguments and returns an int. You can assign the address of a function to this variable like so:
func = foo;
Where foo is a function with the prototype int foo();.
Once a function has been assigned to this variable, you can call the function that func points to like so:
(*func)();
There is an alternate syntax (which is equivalent), which I think is more clear:
func();
So if foo was assigned to func, then both examples above would actually call the function foo.
You can also cast values to function pointers. In the code example
(int (*)())
is a cast to a function pointer that takes no arguments and returns an int. This is so the compiler won't complain about assigning what is essentially a char* to the function pointer func.
In the code you gave above, there is one last thing. After func is called, the result is (for some reason) cast to an int. As far as I can tell, this cast is totally unnecessary. So the last line
(int)(*func)();
could be replaced with
(*func)();
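The following is an added example, not code from the question or the answer above. It shows the three things the answer explains: declaring a pointer to a function that takes no arguments and returns an int, calling through it with both (*func)() and func(), and the (int (*)()) cast that turns a char* into such a pointer. The function name foo is the one the answer uses; the return value 42 is a constructed sample. Rather than placing machine code in a char array, the cast is demonstrated by taking a real function's address as a char* and converting it back, so the call is safe to run on any system. That distinction matters for the harness in the question: on current compilers and operating systems a global char array is placed in non-executable memory (NX / W^X), so jumping into it faults unless the build explicitly marks that memory executable, which is exactly the mitigation that stops injected data from running.

```c
#include <stdio.h>

/* A plain function matching the prototype "int foo();" from the answer.
 * The value 42 is a constructed sample so the calls have a visible result. */
int foo(void)
{
    return 42;
}

/* Declare a pointer to a function taking no arguments and returning int,
 * assign foo to it, and call through it with the explicit (*func)() syntax. */
int call_via_deref(void)
{
    int (*func)(void);
    func = foo;
    return (*func)();
}

/* Same thing using the equivalent shorthand call syntax func(). */
int call_via_shorthand(void)
{
    int (*func)(void) = foo;
    return func();
}

/* The cast from the question: the harness holds bytes in a char array and
 * converts that char* to a function pointer with (int (*)()). Here the char*
 * comes from a real function's address instead of a byte buffer, so the
 * round trip points at executable code. (Converting between function and
 * object pointers is implementation-defined in ISO C but supported by GCC,
 * Clang and MSVC on the usual platforms.) */
int call_via_char_ptr_cast(void)
{
    char *as_bytes = (char *)foo;            /* what "shellcode" is: a char* */
    int (*func)(void);
    func = (int (*)(void)) as_bytes;         /* the cast keeps the compiler quiet */
    return (*func)();
}

int main(void)
{
    printf("(*func)()  -> %d\n", call_via_deref());
    printf("func()     -> %d\n", call_via_shorthand());
    printf("cast call  -> %d\n", call_via_char_ptr_cast());
    return 0;
}
```

All three calls return the same value because they reach the same function; the only difference is how the address was obtained and written down. Compile with `cc -Wall example.c` and run it; unlike the question's harness, no `-z execstack` or executable-memory flag is needed because the target is ordinary compiled code.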