FREE Trial
Answered step by step
Verified Expert Solution
Link Copied!

Question

1 Approved Answer

reverseEngineering2: file format elf32-i386 Disassembly of section .init: 08048294 : 8048294: 53 push %ebx 8048295: 83 ec 08 sub $0x8,%esp 8048298: e8 83 00 00

reverseEngineering2: file format elf32-i386

Disassembly of section .init:

08048294 <_init>: 8048294: 53 push %ebx 8048295: 83 ec 08 sub $0x8,%esp 8048298: e8 83 00 00 00 call 8048320 <__x86.get_pc_thunk.bx> 804829d: 81 c3 63 1d 00 00 add $0x1d63,%ebx 80482a3: 8b 83 fc ff ff ff mov -0x4(%ebx),%eax 80482a9: 85 c0 test %eax,%eax 80482ab: 74 05 je 80482b2 <_init+0x1e> 80482ad: e8 1e 00 00 00 call 80482d0 <__gmon_start__@plt> 80482b2: 83 c4 08 add $0x8,%esp 80482b5: 5b pop %ebx 80482b6: c3 ret

Disassembly of section .plt:

080482c0 <__gmon_start__@plt-0x10>: 80482c0: ff 35 04 a0 04 08 pushl 0x804a004 80482c6: ff 25 08 a0 04 08 jmp *0x804a008 80482cc: 00 00 add %al,(%eax) ...

080482d0 <__gmon_start__@plt>: 80482d0: ff 25 0c a0 04 08 jmp *0x804a00c 80482d6: 68 00 00 00 00 push $0x0 80482db: e9 e0 ff ff ff jmp 80482c0 <_init+0x2c>

080482e0 <__libc_start_main@plt>: 80482e0: ff 25 10 a0 04 08 jmp *0x804a010 80482e6: 68 08 00 00 00 push $0x8 80482eb: e9 d0 ff ff ff jmp 80482c0 <_init+0x2c>

Disassembly of section .text:

080482f0 <_start>: 80482f0: 31 ed xor %ebp,%ebp 80482f2: 5e pop %esi 80482f3: 89 e1 mov %esp,%ecx 80482f5: 83 e4 f0 and $0xfffffff0,%esp 80482f8: 50 push %eax 80482f9: 54 push %esp 80482fa: 52 push %edx 80482fb: 68 90 84 04 08 push $0x8048490 8048300: 68 20 84 04 08 push $0x8048420 8048305: 51 push %ecx 8048306: 56 push %esi 8048307: 68 ec 83 04 08 push $0x80483ec 804830c: e8 cf ff ff ff call 80482e0 <__libc_start_main@plt> 8048311: f4 hlt 8048312: 66 90 xchg %ax,%ax 8048314: 66 90 xchg %ax,%ax 8048316: 66 90 xchg %ax,%ax 8048318: 66 90 xchg %ax,%ax 804831a: 66 90 xchg %ax,%ax 804831c: 66 90 xchg %ax,%ax 804831e: 66 90 xchg %ax,%ax

08048320 <__x86.get_pc_thunk.bx>: 8048320: 8b 1c 24 mov (%esp),%ebx 8048323: c3 ret 8048324: 66 90 xchg %ax,%ax 8048326: 66 90 xchg %ax,%ax 8048328: 66 90 xchg %ax,%ax 804832a: 66 90 xchg %ax,%ax 804832c: 66 90 xchg %ax,%ax 804832e: 66 90 xchg %ax,%ax

08048330 : 8048330: b8 2f a0 04 08 mov $0x804a02f,%eax 8048335: 2d 2c a0 04 08 sub $0x804a02c,%eax 804833a: 83 f8 06 cmp $0x6,%eax 804833d: 76 1a jbe 8048359 804833f: b8 00 00 00 00 mov $0x0,%eax 8048344: 85 c0 test %eax,%eax 8048346: 74 11 je 8048359 8048348: 55 push %ebp 8048349: 89 e5 mov %esp,%ebp 804834b: 83 ec 14 sub $0x14,%esp 804834e: 68 2c a0 04 08 push $0x804a02c 8048353: ff d0 call *%eax 8048355: 83 c4 10 add $0x10,%esp 8048358: c9 leave 8048359: f3 c3 repz ret 804835b: 90 nop 804835c: 8d 74 26 00 lea 0x0(%esi,%eiz,1),%esi

08048360 : 8048360: b8 2c a0 04 08 mov $0x804a02c,%eax 8048365: 2d 2c a0 04 08 sub $0x804a02c,%eax 804836a: c1 f8 02 sar $0x2,%eax 804836d: 89 c2 mov %eax,%edx 804836f: c1 ea 1f shr $0x1f,%edx 8048372: 01 d0 add %edx,%eax 8048374: d1 f8 sar %eax 8048376: 74 1b je 8048393 8048378: ba 00 00 00 00 mov $0x0,%edx 804837d: 85 d2 test %edx,%edx 804837f: 74 12 je 8048393 8048381: 55 push %ebp 8048382: 89 e5 mov %esp,%ebp 8048384: 83 ec 10 sub $0x10,%esp 8048387: 50 push %eax 8048388: 68 2c a0 04 08 push $0x804a02c 804838d: ff d2 call *%edx 804838f: 83 c4 10 add $0x10,%esp 8048392: c9 leave 8048393: f3 c3 repz ret 8048395: 8d 74 26 00 lea 0x0(%esi,%eiz,1),%esi 8048399: 8d bc 27 00 00 00 00 lea 0x0(%edi,%eiz,1),%edi

080483a0 <__do_global_dtors_aux>: 80483a0: 80 3d 2c a0 04 08 00 cmpb $0x0,0x804a02c 80483a7: 75 13 jne 80483bc <__do_global_dtors_aux+0x1c> 80483a9: 55 push %ebp 80483aa: 89 e5 mov %esp,%ebp 80483ac: 83 ec 08 sub $0x8,%esp 80483af: e8 7c ff ff ff call 8048330 80483b4: c6 05 2c a0 04 08 01 movb $0x1,0x804a02c 80483bb: c9 leave 80483bc: f3 c3 repz ret 80483be: 66 90 xchg %ax,%ax

080483c0 : 80483c0: b8 08 9f 04 08 mov $0x8049f08,%eax 80483c5: 8b 10 mov (%eax),%edx 80483c7: 85 d2 test %edx,%edx 80483c9: 75 05 jne 80483d0 80483cb: eb 93 jmp 8048360 80483cd: 8d 76 00 lea 0x0(%esi),%esi 80483d0: ba 00 00 00 00 mov $0x0,%edx 80483d5: 85 d2 test %edx,%edx 80483d7: 74 f2 je 80483cb 80483d9: 55 push %ebp 80483da: 89 e5 mov %esp,%ebp 80483dc: 83 ec 14 sub $0x14,%esp 80483df: 50 push %eax 80483e0: ff d2 call *%edx 80483e2: 83 c4 10 add $0x10,%esp 80483e5: c9 leave 80483e6: e9 75 ff ff ff jmp 8048360 80483eb: 90 nop

080483ec

: 80483ec: 55 push %ebp 80483ed: 89 e5 mov %esp,%ebp 80483ef: 83 ec 10 sub $0x10,%esp 80483f2: c7 45 fc 1c a0 04 08 movl $0x804a01c,-0x4(%ebp) 80483f9: 8b 75 fc mov -0x4(%ebp),%esi 80483fc: 8b 3e mov (%esi),%edi 80483fe: 83 c6 0c add $0xc,%esi 8048401: 8b 3e mov (%esi),%edi 8048403: 83 ee 08 sub $0x8,%esi 8048406: 8b 3e mov (%esi),%edi 8048408: 83 c6 04 add $0x4,%esi 804840b: 8b 3e mov (%esi),%edi 804840d: b8 00 00 00 00 mov $0x0,%eax 8048412: c9 leave 8048413: c3 ret 8048414: 66 90 xchg %ax,%ax 8048416: 66 90 xchg %ax,%ax 8048418: 66 90 xchg %ax,%ax 804841a: 66 90 xchg %ax,%ax 804841c: 66 90 xchg %ax,%ax 804841e: 66 90 xchg %ax,%ax

08048420 <__libc_csu_init>: 8048420: 55 push %ebp 8048421: 57 push %edi 8048422: 31 ff xor %edi,%edi 8048424: 56 push %esi 8048425: 53 push %ebx 8048426: e8 f5 fe ff ff call 8048320 <__x86.get_pc_thunk.bx> 804842b: 81 c3 d5 1b 00 00 add $0x1bd5,%ebx 8048431: 83 ec 1c sub $0x1c,%esp 8048434: 8b 6c 24 30 mov 0x30(%esp),%ebp 8048438: 8d b3 04 ff ff ff lea -0xfc(%ebx),%esi 804843e: e8 51 fe ff ff call 8048294 <_init> 8048443: 8d 83 00 ff ff ff lea -0x100(%ebx),%eax 8048449: 29 c6 sub %eax,%esi 804844b: c1 fe 02 sar $0x2,%esi 804844e: 85 f6 test %esi,%esi 8048450: 74 27 je 8048479 <__libc_csu_init+0x59> 8048452: 8d b6 00 00 00 00 lea 0x0(%esi),%esi 8048458: 8b 44 24 38 mov 0x38(%esp),%eax 804845c: 89 2c 24 mov %ebp,(%esp) 804845f: 89 44 24 08 mov %eax,0x8(%esp) 8048463: 8b 44 24 34 mov 0x34(%esp),%eax 8048467: 89 44 24 04 mov %eax,0x4(%esp) 804846b: ff 94 bb 00 ff ff ff call *-0x100(%ebx,%edi,4) 8048472: 83 c7 01 add $0x1,%edi 8048475: 39 f7 cmp %esi,%edi 8048477: 75 df jne 8048458 <__libc_csu_init+0x38> 8048479: 83 c4 1c add $0x1c,%esp 804847c: 5b pop %ebx 804847d: 5e pop %esi 804847e: 5f pop %edi 804847f: 5d pop %ebp 8048480: c3 ret 8048481: eb 0d jmp 8048490 <__libc_csu_fini> 8048483: 90 nop 8048484: 90 nop 8048485: 90 nop 8048486: 90 nop 8048487: 90 nop 8048488: 90 nop 8048489: 90 nop 804848a: 90 nop 804848b: 90 nop 804848c: 90 nop 804848d: 90 nop 804848e: 90 nop 804848f: 90 nop

08048490 <__libc_csu_fini>: 8048490: f3 c3 repz ret 8048492: 66 90 xchg %ax,%ax

Disassembly of section .fini:

08048494 <_fini>: 8048494: 53 push %ebx 8048495: 83 ec 08 sub $0x8,%esp 8048498: e8 83 fe ff ff call 8048320 <__x86.get_pc_thunk.bx> 804849d: 81 c3 63 1b 00 00 add $0x1b63,%ebx 80484a3: 83 c4 08 add $0x8,%esp 80484a6: 5b pop %ebx 80484a7: c3 ret

Use Linux executable reverseEngineering2 for this question (see the Useful Files area of the Course Content for where to find the file). Run the file using gdb.

This code places the value 0xABCD into register EDI. After putting that value into EDI, the code puts 3 more values into EDI. Those values are:

Question 2 options:

1)

0xBEEF, 0xDEAD, 0xDEAF

2)

0xBEEF, 0xDEAF, 0xDEAD

3)

0xDEAD, 0xDEAF, 0xBEEF

4)

0xDEAF, 0xBEEF, 0xDEAD

Step by Step Solution

There are 3 Steps involved in it

Step: 1

blur-text-image

Get Instant Access to Expert-Tailored Solutions

See step-by-step solutions with expert insights and AI powered tools for academic success

Step: 2

blur-text-image

Step: 3

blur-text-image

Ace Your Homework with AI

Get the answers you need in no time with our AI-driven, step-by-step assistance

Get Started

Recommended Textbook for

Implementing Ai And Machine Learning For Business Optimization

Implementing Ai And Machine Learning For Business Optimization

Authors: Robert K Wiley

1st Edition

B0CPQJW72N, 979-8870675855

More Books

Students also viewed these Databases questions

Question

Ester is walking to her chemistry class when she notices someone in the distance suddenly duck into a dark doorway. She is suspicious and starts to chase the figure, but misjudges the distance and...

Answered: 1 week ago

Question

1. Look at Vermont Heritages sales revenue, EBIT, and net income over the three-year period. Would you classify it as a growing, diminishing, or a stable company? 2. Look at Vermont Heritages expense...

Answered: 1 week ago

Question

reverseEngineering2: file format elf32-i386 Disassembly of section .init: 08048294 : 8048294: 53 push %ebx 8048295: 83 ec 08 sub $0x8,%esp 8048298: e8 83 00 00 00 call 8048320 804829d: 81 c3 63 1d 00...

Answered: 1 week ago

Question

The MODULO function is essential to crypto, and we will need it when we go over the Tupper function. Here is a quick assignment to get familiar with it: I am an alien with only 6 fingers so I...

Answered: 1 week ago

Question

Researchers conduct a RCT to test the impact of a literacy program on a set of student volunteers, and have the following information. Average Literacy Rate in the US Population is = 80% Average...

Answered: 1 week ago

Question

T5.4 Computer voice recognition software is getting better. Some companies claim that their software correctly recognizes 98% of all words spoken by a trained user. To simulate recognizing a single...

Answered: 1 week ago

Question

Below is a frequency table for the General Social Survey variable SOCOMMUN, which is based on the survey question, "How often do you spend an evening with someone who lives in your neighborhood?" In...

Answered: 1 week ago

Question

1. [5 marks] Consider L = lim n 6 1 -(+) i= Write down an integral with value L. Justify your expression.

Answered: 1 week ago

Question

Check Your Understanding Practise 1. Determine whether each relation is a function or is not a function. Give a reason for your answer. a) (1, 2), (0, 1), (1, 2), (2, 5) b) (3, 12), (4, 12), (5, 14),...

Answered: 1 week ago

Question

4. Support and enliven your speech with effective research

Answered: 1 week ago

Question

1. Describe the power of public speaking and how preparation eases natural nervousness

Answered: 1 week ago

Question

3. Choose an appropriate topic and develop it

Answered: 1 week ago

Previous Question Next Question