X86 汇编

来源：互联网发布：淘宝网裙裤编辑：程序博客网时间：2024/05/17 04:25

apt-get install nasm

nasm -f elf hello.asm
gcc -o hello hello.o

1 section .data
2         msg db 'Hello, world!', 0xA
3         len equ $ - msg
4 section .text
5 global main
6 main:
7         mov edx, len
8         mov ecx, msg
9         mov ebx, 1
10         mov eax, 4
11         int 0x80
12         mov ebx, 0
13         mov eax, 1
14         int 0x80  开始调试javen@javen-laptop:~/study$ nasm -f elf hello.asm -g -F stabs

javen@javen-laptop:~/study$ gcc -o hello hello.o -g
javen@javen-laptop:~/study$ gdb hello
GNU gdb 6.8-debian
Copyright (C) 2008 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law. Type "show copying"
and "show warranty" for details.
This GDB was configured as "i486-linux-gnu"

(gdb)

开始运行

(gdb) start
Breakpoint 1 at 0x80483a0: file hello.asm, line 7.
Starting program: /home/javen/study/hello
main () at hello.asm:7
7 mov edx, len
(gdb)

查看反汇编，结果是AT&T语法。

(gdb) disassemble
Dump of assembler code for function main:
0x080483a0 <main+0>:    mov    $0xe,%edx
0x080483a5 <main+5>:    mov    $0x804a010,%ecx
0x080483aa <main+10>:    mov    $0x1,%ebx
0x080483af <main+15>:    mov    $0x4,%eax
0x080483b4 <main+20>:    int    $0x80
0x080483b6 <main+22>:    mov    $0x0,%ebx
0x080483bb <main+27>:    mov    $0x1,%eax
0x080483c0 <main+32>:    int    $0x80
0x080483c2 <main+34>:    nop
0x080483c3 <main+35>:    nop
0x080483c4 <main+36>:    nop
0x080483c5 <main+37>:    nop
0x080483c6 <main+38>:    nop
0x080483c7 <main+39>:    nop
0x080483c8 <main+40>:    nop
0x080483c9 <main+41>:    nop
0x080483ca <main+42>:    nop
0x080483cb <main+43>:    nop
0x080483cc <main+44>:    nop
0x080483cd <main+45>:    nop
0x080483ce <main+46>:    nop
0x080483cf <main+47>:    nop

运行下一步，并查看寄存器，eip改变

(gdb) n
8            mov ecx, msg
(gdb) info register
eax            0xbfcd9864    -1077045148
ecx            0xe2d47497    -489393001
edx            0xe    14
ebx            0xb80c3ff4    -1207156748
esp            0xbfcd97dc    0xbfcd97dc
ebp            0xbfcd9838    0xbfcd9838
esi            0x80483e0    134513632
edi            0x80482e0    134513376
eip            0x80483a5    0x80483a5 <main+5>
eflags         0x246    [ PF ZF IF ]
cs             0x73    115
ss             0x7b    123
ds             0x7b    123
es             0x7b    123
fs             0x0    0
gs             0x33    51
(gdb) n
9            mov ebx, 1
(gdb) info register
eax            0xbfcd9864    -1077045148
ecx            0x804a010    134520848
edx            0xe    14
ebx            0xb80c3ff4    -1207156748
esp            0xbfcd97dc    0xbfcd97dc
ebp            0xbfcd9838    0xbfcd9838
esi            0x80483e0    134513632
edi            0x80482e0    134513376
eip            0x80483aa    0x80483aa <main+10>
eflags         0x246    [ PF ZF IF ]
cs             0x73    115
ss             0x7b    123
ds             0x7b    123
es             0x7b    123
fs             0x0    0
gs             0x33    51
(gdb)

查看内存

(gdb) x  0x80483aa
0x80483aa <main+10>:    0x000001bb
(gdb) x  0x80483a5
0x80483a5 <main+5>:    0x04a010b9
(gdb)

详细的gdb使用网上搜索。

gdb调试汇编
首先看一个最基本的nasm语法汇编程序hello.asm： section .text
global main
main:
mov eax,4 ;4号调用
mov ebx,1 ;ebx送1表示stdout
mov ecx,msg ;字符串的首地址送入ecx
mov edx,14 ;字符串的长度送入edx
int 80h ;输出字串
mov eax,1 ;1号调用
int 80h ;结束
msg:
db "Hello World!",0ah,0dh
我们想调用gdb进行调试，该怎么办呢？
请看下面的示例：
[root@localhost asm]# nasm -f elf hello.asm -g -F stabs
[root@localhost asm]# gcc -o hello hello.o -g
[root@localhost asm]# gdb hello
eflags 0x246 [ PF ZF IF ]
cs 0x73 115
ss 0x7b 123
ds 0x7b 123
es 0x7b 123
fs 0x0 0
gs 0x33 51
(gdb) n : 72 'H' 101 'e' 108 'l' 108 'l' 111 'o'
(gdb) n
9 int 80h ;输出字串
(gdb) n
Hello
10 mov eax,1 ;1号调用
(gdb) n
11 int 80h ;结束
(gdb) n
Program exited with code 01.
(gdb)