Setting up the environment
At present there is little information available on this subject, so I decided to write some of it down. I hope this article helps. You need some background before reading it, otherwise you will have a hard time: first, you must understand assembly language and C; second, you must know how to use Linux.
First, let me introduce the hardware and software environment you need.
1. An Intel i386-architecture PC or higher
2. A Linux operating system, such as Red Hat.
3. The GNU GCC compiler. This C compiler usually comes with Linux. Use the command gcc --version to check the version; mine shows 2.7.2.3. Yours may show a different version, but I think that should not be a big problem.
4. NASM version 0.97 or higher. NASM is an assembler that supports multiple object file formats. Its syntax is simple by design and easy to pick up. Look here for the corresponding version: http://www.ibiblio.org/pub/linux/devel/lang/assemblers/
5. A text editor
Installing the assembler
Take the file you downloaded from the Internet, put it in a suitable directory, and enter the following commands to unpack it:
gunzip nasm-0.97.tar.gz
tar -vxf nasm-0.97.tar
The commands above create a directory called nasm-0.97. Enter that directory and build the assembler with the following commands:
./configure
make
This creates two executables, nasm and ndisasm. You can copy these two files to /usr/bin so that they are easy to run. After that you can delete the directory and all the files the build created. With these steps done, we can get to the real subject.
Compiling our first binary
Using any text editor, create a file called test.c and enter the following:
int main () {
}
Then compile the file. Enter the following commands:
gcc -c test.c
ld -o test -Ttext 0x0 -e main test.o
objcopy -R .note -R .comment -S -O binary test test.bin
Note that test.bin is a file of raw binary machine code, which is different from the executables we usually run on Windows and Linux. An executable has to be loaded by the operating system's loader before its machine code can run. Executables are not the subject of this article, so we will not discuss them here. If you want to learn cracking, putting effort into binary machine code files will help you, I believe. Now, back to the subject: the binary machine code.
After the steps above, we have a binary machine code file called test.bin. We can look at our first binary machine code file with the ndisasm we just built. Enter the following command:
ndisasm -b 32 test.bin
When you press Enter, the following is printed on the screen:
00000000  55                push ebp
00000001  89E5              mov ebp,esp
00000003  C9                leave
00000004  C3                ret
The screen shows three columns. The first column is the address of the instruction in memory, the second is the binary code of the instruction, and the third is its assembly code. Each assembly instruction corresponds to the binary code beside it. Note that this is 32-bit code: GNU GCC can only generate 32-bit code, so the program has to run in a 32-bit environment. This code is only the skeleton of a function and does no real work of its own. The EBP register is the frame pointer, through which the function's parameters are accessed.
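The difference between test.bin and a loadable executable, described earlier, shown as an added example that is not part of the original article: a constructed ELF32 image wrapping the five bytes from the listing is reduced to the raw code a flat binary holds. The names build_sample_elf, is_elf and flatten are hypothetical, and the flattening works from program headers as a simplification, whereas objcopy works from sections.

```python
import struct

# Constructed sample: the five bytes from the ndisasm listing above
# (push ebp / mov ebp,esp / leave / ret), i.e. the content of test.bin.
CODE = bytes.fromhex("5589e5c9c3")
EHDR = struct.Struct("<16sHHIIIIIHHHHHH")  # ELF32 file header, 52 bytes
PHDR = struct.Struct("<IIIIIIII")          # ELF32 program header, 32 bytes
PT_LOAD = 1

def build_sample_elf(code, vaddr=0x0):
    """Hypothetical helper: minimal ELF32 image with one loadable segment."""
    ident = b"\x7fELF" + bytes([1, 1, 1]) + bytes(9)  # 32-bit, little-endian
    offset = EHDR.size + PHDR.size                    # code follows the headers
    ehdr = EHDR.pack(ident, 2, 3, 1, vaddr, EHDR.size, 0, 0,
                     EHDR.size, PHDR.size, 1, 0, 0, 0)
    phdr = PHDR.pack(PT_LOAD, offset, vaddr, vaddr, len(code), len(code), 5, 4)
    return ehdr + phdr + code

def is_elf(image):
    return image[:4] == b"\x7fELF"

def flatten(image):
    """Return (load_address, raw_code) with the executable container removed."""
    if not is_elf(image):
        return 0, image  # flat binary: byte 0 is already the first instruction
    if image[4] != 1 or image[5] != 1:
        raise ValueError("only 32-bit little-endian ELF is handled")
    hdr = EHDR.unpack_from(image)
    phoff, phentsize, phnum = hdr[5], hdr[9], hdr[10]
    segments = []
    for i in range(phnum):
        p_type, off, vaddr, _, filesz, *_ = PHDR.unpack_from(
            image, phoff + i * phentsize)
        if p_type == PT_LOAD and filesz:
            if off + filesz > len(image):
                raise ValueError("segment runs past the end of the file")
            segments.append((vaddr, image[off:off + filesz]))
    if not segments:
        raise ValueError("no loadable segment")
    segments.sort()
    base, out = segments[0][0], bytearray()
    for vaddr, data in segments:
        gap = vaddr - base - len(out)
        if gap < 0:
            raise ValueError("overlapping segments")
        out += bytes(gap) + data  # zero-fill any hole between segments
    return base, bytes(out)
```

The executable form carries 84 bytes of headers that tell the loader where the code belongs, while the flat form is nothing but the code itself, with its first instruction at offset 0.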