从C ++调用putchar地址 [英] Calling putchar address from C++
问题描述
在上一个问题中,我询问是否可以编写和执行程序集命令在记忆中。我得到了一些很好的反应,经过一些更多的研究,我想出了如何做。现在我可以做到了,我有麻烦弄清楚写什么内存(以及如何正确地做它)。我知道一些程序集和mnemonics如何翻译为操作码,但我不知道如何正确使用操作码。
In a previous question, I asked if it was possible to write and execute assembly commands in memory. I got some nice responses, and after a bit more research, I figured out how to do it. Now that I can do it, I am having trouble figuring out what to write to memory (and how to do it correctly). I know some assembly and how the mnemonics translate to opcodes, but I can't figure out how to use the opcodes correctly.
这里有一个例子,我想得到working:
Here's an example I'm trying to get working:
void(*test)() = NULL; //create function pointer, initialize to NULL
void* hold_address = VirtualAlloc(NULL, 5*1024, MEM_COMMIT, PAGE_EXECUTE_READWRITE); //allocate memory, make writable/ readable/ executable
unsigned char asm_commands[] = {0x55, 0x89, 0xE5, 0x83, 0xEC, 0x18, 0xC7, 0x04, 0x24, 0x41, 0xE8, 0x1E, 0xB3, 0x01, 0x00, 0xC9, 0xC3}; //create array of assembly commands, hex values
memcpy(hold_address, asm_commands, sizeof(asm_commands)[0]*10); //copy the array into the reserved memory
test = (void(*)())hold_address; //set the function pointer to start of the allocated memory
test(); //call the function
只需将0xC3放入asm_commands数组就可以了但这很无聊。现在我在那里的操作码(和地址)系列打印出字符A(大写字母a)。我得到了操作码和地址从调试一个简单的程序,调用printf(A)和查找内存中的调用。现在,程序返回一个0xC00000096错误,特权命令。我认为错误源于尝试直接调用系统putchar地址,这是系统不喜欢。我也认为我可以绕过这个,通过给我的程序Ring 0访问,但我几乎不知道除了很多潜在的问题之外。
Just placing 0xC3 into the asm_commands array works (and the function just returns), but that's boring. The series of opcodes (and addresses) I have in there right now are supposed to print out the character "A" (capital a). I got the opcodes and addresses from debugging a simple program that calls printf("A") and finding the call in memory. Right now, the program returns a 0xC00000096 error, "privileged command". I think the error stems from trying to call the system putchar address directly, which the system doesn't like. I also think I can bypass that by giving my program Ring 0 access, but I hardly know what that entails other than a lot of potential problems.
调用printf()函数(在汇编操作码中)而不需要更高的权限?
So is there any way to either call the printf() function (in assembly opcodes) without needing higher privileges?
我使用的是Windows 7 64位,Code :: Blocks 10.05(GNU GCC Compiler)。
I'm using Windows 7, 64-bit, Code::Blocks 10.05 (GNU GCC Compiler).
这里是调试的printf()调用(在OllyDebug中)的屏幕截图:
Here's a screenshot of the debugged printf() call (in OllyDebug):
推荐答案
unsigned char asm_commands[] = {0x55, 0x89E5…
哇,挂起,停在那儿。 0x89E5 对于 unsigned char 不是有效的值,您的编译器应该可能会抱怨这个。 (如果没有,请检查您的设置;您可能已禁用了一些非常重要的警告。)
Whoa, hang on, stop right there. 0x89E5 isn't a valid value for an unsigned char, and your compiler should probably be complaining about this. (If not, check your settings; you've probably disabled some very important warnings.)
您需要将此初始化程序中的代码拆分为单独的字节,例如
You'll need to split your code in this initializer up into individual bytes, e.g.
{0x55, 0x89, 0xE5, …
这篇关于从C ++调用putchar地址的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
