Testing a shellcode


Question

I have this piece of code to test a shellcode but I don't understand it so can anyone explain it to me?

Forget about the assembly shellcode, what I want to understand is the C code,

    char shellcode[] = "...";

    int main(int argc, char **argv)
    {
        int (*func)();
        func = (int (*)()) shellcode;
        (int)(*func)();
    }

I mean everything, what are the empty (), please explain it as if you are explaining it to a beginner.

Solution

int (*func)();

This is a declaration of a function pointer. A function pointer is essentially a variable that holds the address of a function. In this case, the type of function that func points to is one that takes no arguments and returns an int. You can assign the address of a function to this variable like so:

func = foo;

Where foo is a function with the prototype int foo();.

Once a function has been assigned to this variable, you can call the function that func points to like so:

(*func)();

There is an alternate syntax (which is equivalent), which I think is more clear:

func();

So if foo was assigned to func, then both examples above would actually call the function foo.

You can also cast values to function pointers. In the code example

(int (*)())

is a cast to a function pointer that takes no arguments and returns an int. This is so the compiler won't complain about assigning what is essentially a char* to the function pointer func.

In the code you gave above, there is one last thing. After func is called, the result is (for some reason) cast to an int. As far as I can tell, this cast is totally unnecessary. So the last line

(int)(*func)();

could be replaced with

(*func)();
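An added example, not part of the original question or answer: it exercises the two equivalent call syntaxes described above and then shows why the cast from a char array compiles yet the call usually faults on current systems, where the page holding a data array is mapped without execute permission. The names foo, buffer, call_both_ways and mapping_is_executable are hypothetical, the buffer is a constructed stand-in holding plain text, and the permission lookup assumes Linux with /proc/self/maps available.

```c
#include <stdint.h>
#include <stdio.h>

/* Constructed stand-ins: a real function and a data buffer (plain text, not code). */
static int foo(void) { return 42; }
static char buffer[] = "not code, just bytes";

/* Both call syntaxes from the answer reach the same function. */
int call_both_ways(void)
{
    int (*func)(void) = foo;      /* function pointer holding foo's address */
    return (*func)() + func();    /* explicit dereference + shorthand call */
}

/*
 * Assumption: Linux. Find addr in /proc/self/maps and report whether its
 * mapping has the execute bit. Returns 1 = executable, 0 = not, -1 = unknown.
 */
int mapping_is_executable(uintptr_t addr)
{
    FILE *maps = fopen("/proc/self/maps", "r");
    char line[512];
    int result = -1;

    if (!maps)
        return -1;
    while (fgets(line, sizeof line, maps)) {
        unsigned long start, end;
        char perms[5];                       /* e.g. "r-xp" or "rw-p" */
        if (sscanf(line, "%lx-%lx %4s", &start, &end, perms) != 3)
            continue;
        if (addr >= start && addr < end) {
            result = (perms[2] == 'x');
            break;
        }
    }
    fclose(maps);
    return result;
}

int main(void)
{
    printf("call_both_ways()   = %d\n", call_both_ways());
    printf("foo executable:    %d\n", mapping_is_executable((uintptr_t)foo));
    printf("buffer executable: %d\n", mapping_is_executable((uintptr_t)buffer));
    return 0;
}
```

The cast only changes the pointer's type for the compiler; whether the call succeeds is decided at run time by the permissions of the page the address falls in.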
