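This lesson covered the two build configurations: debug and release.
F10 steps over; F11 steps into.
I reproduced the steps from the video myself using VS2015.
Address on entering main: 00C517A0
Address just before the call to printf: 00C517C3
Address being called: 0C5131Bh
Relevant source code: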
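#include <stdio.h>
#include <conio.h>
#include <tchar.h>

int main()
{
    int a, b, c;
    printf("helloworld!\n");
    a = 1; b = 3; c = 9;
    _gettch();   /* wait for a key press; resolves to _getwch in this build, as the listing shows */
    return 0;
}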
Relevant disassembly:
int main()
{
00C517A0 push ebp
00C517A1 mov ebp,esp
00C517A3 sub esp,0E4h
00C517A9 push ebx
00C517AA push esi
00C517AB push edi
00C517AC lea edi,[ebp-0E4h]
00C517B2 mov ecx,39h
00C517B7 mov eax,0CCCCCCCCh
00C517BC rep stos dword ptr es:[edi]
int a, b, c;
printf("helloworld!\n");
00C517BE push offset string "helloworld!\n" (0C56B30h)
00C517C3 call _printf (0C5131Bh)
00C517C8 add esp,4
a = 1; b = 3; c = 9;
00C517CB mov dword ptr [a],1
00C517D2 mov dword ptr [b],3
00C517D9 mov dword ptr [c],9
_gettch();
00C517E0 mov esi,esp
00C517E2 call dword ptr [__imp___getwch (0C59160h)]
00C517E8 cmp esi,esp
00C517EA call __RTC_CheckEsp (0C5110Eh)
return 0;
00C517EF xor eax,eax
}
After recording the address values, exit VS2015 and load this exe file (debug build) into OllyDbg.
In practice, I did not find it at those addresses.