77范文网 - a platform for sharing professional sample articles and documents

AIX PowerPC Architecture and Overflow Techniques: Study Notes (7)

Source: collected from the web  Date: 2019-03-23

(gdb)
0x1000735c in socket ()
(gdb) p/x $r2
$1 = 0x8d
(gdb) c
Continuing.

Breakpoint 2, 0x10007448 in bind ()
(gdb) x/8i $pc
0x10007448 : lwz r12,32(r2)
0x1000744c : stw r2,20(r1)
0x10007450 : lwz r0,0(r12)
0x10007454 : lwz r2,4(r12)
0x10007458 : mtctr r0
0x1000745c : bctr
0x10007460 : .long 0x0
0x10007464 : .long 0xc8000
(gdb) si
0x1000744c in bind ()
(gdb)
0x10007450 in bind ()
(gdb)
0x10007454 in bind ()
(gdb)
0x10007458 in bind ()
(gdb) p/x $r2
$2 = 0x8c
(gdb) c
Continuing.

Breakpoint 3, 0x1000746c in listen ()
(gdb) x/8i $pc
0x1000746c : lwz r12,36(r2)
0x10007470 : stw r2,20(r1)
0x10007474 : lwz r0,0(r12)
0x10007478 : lwz r2,4(r12)
0x1000747c : mtctr r0
0x10007480 : bctr
0x10007484 : .long 0x0
0x10007488 : .long 0xc8000
(gdb) si
0x10007470 in listen ()
(gdb)
0x10007474 in listen ()
(gdb)
0x10007478 in listen ()
(gdb)
0x1000747c in listen ()
(gdb) p/x $r2
$5 = 0x8b
(gdb) c
Continuing.

Breakpoint 4, 0x10007394 in naccept ()
(gdb) x/8i $pc
0x10007394 : lwz r12,12(r2)
0x10007398 : stw r2,20(r1)
0x1000739c : lwz r0,0(r12)
0x100073a0 : lwz r2,4(r12)
0x100073a4 : mtctr r0
0x100073a8 : bctr
0x100073ac : .long 0x0
0x100073b0 : .long 0xc8000
(gdb) si
0x10007398 in naccept ()
(gdb)
0x1000739c in naccept ()
(gdb)
0x100073a0 in naccept ()
(gdb)
0x100073a4 in naccept ()
(gdb) p/x $r2
$6 = 0x8a
(gdb) c
Continuing.

Breakpoint 5, 0x100074b4 in close ()
(gdb) x/8i $pc
0x100074b4 : lwz r12,44(r2)
0x100074b8 : stw r2,20(r1)
0x100074bc : lwz r0,0(r12)
0x100074c0 : lwz r2,4(r12)
0x100074c4 : mtctr r0
0x100074c8 : bctr
0x100074cc : .long 0x0
0x100074d0 : .long 0xc8000
(gdb) si
0x100074b8 in close ()
(gdb)
0x100074bc in close ()
(gdb)
0x100074c0 in close ()
(gdb)
0x100074c4 in close ()
(gdb) p/x $r2
$7 = 0xa0
(gdb) c
Continuing.

Breakpoint 6, 0x100074d8 in kfcntl ()
(gdb) x/8i $pc
0x100074d8 : lwz r12,48(r2)
0x100074dc : stw r2,20(r1)
0x100074e0 : lwz r0,0(r12)
0x100074e4 : lwz r2,4(r12)
0x100074e8 : mtctr r0
0x100074ec : bctr
0x100074f0 : .long 0x0
0x100074f4 : .long 0xc8000
(gdb) si
0x100074dc in kfcntl ()
(gdb)
0x100074e0 in kfcntl ()
(gdb)
0x100074e4 in kfcntl ()
(gdb)
0x100074e8 in kfcntl ()
(gdb) p/x $r2
$1 = 0x142
(gdb) c
Continuing.

Breakpoint 7, 0x10007328 in execve ()
(gdb) x/8i $pc
0x10007328 : lwz r12,0(r2)
0x1000732c : stw r2,20(r1)
0x10007330 : lwz r0,0(r12)
0x10007334 : lwz r2,4(r12)
0x10007338 : mtctr r0
0x1000733c : bctr
0x10007340 : .long 0x0
0x10007344 : .long 0xc8000
(gdb) si
0x1000732c in execve ()
(gdb)
0x10007330 in execve ()
(gdb)
0x10007334 in execve ()
(gdb)
0x10007338 in execve ()
(gdb) p/x $r2
$9 = 0x5

Good. We have now found the values of the system call numbers we need under AIX 5.1:

socket=0x8d
bind=0x8c
listen=0x8b
naccept=0x8a
close=0xa0
kfcntl=0x142
execve=0x05
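
Added example, not part of the original notes: a Python check for a session like the one above that accepts an r2 value as a system call number only when it was printed right after the stub's `lwz r2,4(r12)` executed. The one-line-per-row log layout, the shortened close block and its $1 value are constructed for illustration.

```python
import re

# Constructed sample, one gdb line per row. The bind block is the session above;
# the close block stops two steps early and its $1 value is made up, to show an
# r2 read taken before the number has been loaded.
SESSION = """\
Breakpoint 2, 0x10007448 in bind ()
0x10007448 : lwz r12,32(r2)
0x1000744c : stw r2,20(r1)
0x10007450 : lwz r0,0(r12)
0x10007454 : lwz r2,4(r12)
0x10007458 : mtctr r0
0x1000744c in bind ()
0x10007450 in bind ()
0x10007454 in bind ()
0x10007458 in bind ()
$2 = 0x8c
Breakpoint 5, 0x100074b4 in close ()
0x100074b4 : lwz r12,44(r2)
0x100074b8 : stw r2,20(r1)
0x100074bc : lwz r0,0(r12)
0x100074c0 : lwz r2,4(r12)
0x100074b8 in close ()
0x100074bc in close ()
$1 = 0x200005a8
"""

INSN = re.compile(r"^(0x[0-9a-f]+) (?:<[^>]+>)?:\s*(.+)$")
STOP = re.compile(r"^(?:Breakpoint \d+, )?(0x[0-9a-f]+) in (\w+) \(\)")
VALUE = re.compile(r"^\$\d+ = (0x[0-9a-f]+)$")

def syscall_numbers(session):
    """Return ({name: number}, [names whose r2 read was not right after the load])."""
    insns, pc, name = {}, None, None
    found, rejected = {}, []
    for line in session.splitlines():
        line = line.replace("(gdb)", "").strip()
        if m := INSN.match(line):
            insns[int(m[1], 16)] = " ".join(m[2].split())
        elif m := STOP.match(line):
            pc, name = int(m[1], 16), m[2]
        elif (m := VALUE.match(line)) and name:
            # r2 holds the number only when "lwz r2,4(r12)" is the
            # instruction that has just executed, i.e. the one at pc - 4.
            if insns.get(pc - 4, "").startswith("lwz r2,"):
                found[name] = int(m[1], 16)
            else:
                rejected.append(name)
    return found, rejected
```

On the sample, bind is accepted as 0x8c and the early close read is rejected instead of being recorded as a number.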

LSD has already implemented all of the functionality; we only need to make a few small modifications:

char lsd[] =

\ \ \ \ \ \ \ \

\ \ \ /* listen=0x8b naccept=0x8a */ /* kfcntl=0x142 */

\ \ \

\ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \

\
