16位汇编学习mov指令反汇编

那个叔叔

于 2024-03-30 10:40:41 发布

阅读量353

点赞数 6

文章标签：汇编学习

本文链接：https://blog.csdn.net/weixin_74197261/article/details/137167466

版权

8086手册mov指令图

手册比较简陋,需要自己去写些代码找些规律.

八大常用寄存器表

段寄存器表

高低位寄存器表

基址变址寄存器表

代码

MyTransfer.h头文件

#pragma once
#include<string>
#include <iostream>
#include <iomanip>
#include<map>
#include<share.h>
#include<sstream>
#include<vector>
#define BIT(a,start,end) ((a)&0xff)>>((end-start))
int GetBit(unsigned char num, int n, int m);//第n位开始的m个位数

enum RegType
{
	/*八大常用寄存器*/
	AX=0,AL=0,AH=4,
	CX=1,CL=1,CH=5,
	DX=2,DL=2,DH=6,
	BX=3,BL=3,BH=7,
	SP=4,
	BP=5,
	SI=6,
	DI=7,
	/*段寄存器*/
	ES=0,
	CS = 1,
	SS=2,
	DS=3,
	/*基址和变址寄存器*/
	BXSI=0,
	BXDI=1,
	BPSI=2,
	BPDI=3,
	IRSI=4,
	IRDI=5,
	BRBP=6,
	BRBX=7
};
class MovType
{
public:
	virtual bool cmp(unsigned char Key) = 0;//如果键值匹配返回true
	virtual std::string Decode(const char* ptr, int& offset) = 0;
	static std::string getSmallReg(int reg );//小的寄存器 ah,al...
	static std::string getGeneralReg(int reg);//八大常用寄存器
	static std::string getSegementReg(int reg);//段寄存器
	static std::string getBrIrReg(int reg);//基址变址寄存器
	static std::string getHex(unsigned char data);//获取一字节16进制数据
private:

};
class MovType1:public MovType
{
	unsigned short rm : 3;
	unsigned short reg : 3;
	unsigned short mod : 2;
	unsigned short w : 1;
	unsigned short d : 1;
	unsigned short key : 6;
public:
	
	virtual bool cmp(unsigned char Key);
	virtual std::string Decode(const char* ptr, int& offset);
};
class MovType2 :public MovType
{
	unsigned short rm : 3;
	unsigned short z3:3;
	unsigned short mod : 2;
	unsigned short w : 1;
	unsigned  short key : 7;
public:
	virtual bool cmp(unsigned char Key);
	virtual std::string Decode(const char* ptr, int& offset);
};
class MovType3:public MovType
{
	unsigned char reg : 3;
	unsigned char w : 1;
	unsigned char key : 4;
public:
	virtual bool cmp(unsigned char Key);
	virtual std::string Decode(const char* ptr, int& offset);
};
class MovType4 :public MovType
{
	unsigned char w : 1;
	unsigned char key : 7;
public:
	virtual bool cmp(unsigned char Key);
	virtual std::string Decode(const char* ptr, int& offset);
};
class MovType5 :public MovType
{
	unsigned char w : 1;
	unsigned char key : 7;
public:
	virtual bool cmp(unsigned char Key);
	virtual std::string Decode(const char* ptr, int& offset);
};
class MovType6 :public MovType
{
	unsigned short rm : 3;
	unsigned short reg : 2;
	unsigned short z1 : 1;
	unsigned short mod : 2;
	unsigned short key : 8;
public:
	virtual bool cmp(unsigned char Key);
	virtual std::string Decode(const char* ptr, int& offset);
};
class MovType7 :public MovType
{
	unsigned short rm : 3;
	unsigned short reg : 2;
	unsigned short z1 : 1;
	unsigned short mod : 2;
	unsigned short key : 8;
public:
	virtual bool cmp(unsigned char Key);
	virtual std::string Decode(const char* ptr, int& offset);
};
#define PMT std::shared_ptr<MovType>

class MovTransfer
{

	 
public:
	MovTransfer();
	std::string Decode(char* ptr, int& offset);
private:
	std::vector<PMT>mVec;
	//MovType* mVec[7];
private:
};
class MyTransfer
{
public:
	static  std::string Decode(char *ptr,int& offset);//解析字符串  返回
};

mytransfer.cpp

#include "MyTransfer.h"

std::string MyTransfer::Decode(char* ptr, int& index)
{
	return std::string();
}

std::string MovType::getSmallReg(int reg)
{
	switch (reg)
	{
	case AL:
		return "AL";
	case CL:
		return "CL";
	case DL:
		return "DL";
	case BL:
		return "BL";
	case AH:
		return "AH";
	case CH:
		return "CH";
	case DH:
		return "DH";
	case BH:
		return "BH";
	}
	return std::string();
}

std::string MovType::getGeneralReg(int reg)
{
	switch (reg)
	{
	case AX:
		return "AX";
	case CX:
		return "CX";
	case DX:
		return "DX";
	case BX:
		return "BX";
	case SP:
		return "SP";
	case BP:
		return "BP";
	case SI:
		return "SI";
	case DI:
		return "DI";
	}
	return std::string();
}

std::string MovType::getSegementReg(int reg)
{
	switch (reg)
	{
	case ES:
		return "ES";
	case CS:
		return "CS";
	case SS:
		return "SS";
	case DS:
		return "DS";
	}
	return std::string();
}

std::string MovType::getBrIrReg(int reg)
{
	switch (reg)
	{
	case BXSI:
		return "BX+SI";
	case BXDI:
		return "BX+DI";
	case BPSI:
		return "BP+SI";
	case BPDI:
		return "BP+DI";
	case IRSI:
		return "SI";
	case IRDI:
		return "DI";
	case BRBX:
		return "BX";
	case BRBP:
		return "BP";
	}
	return std::string();
}

std::string MovType::getHex(unsigned char data)
{
	static char a[] = { "0123456789ABCDEF" };
	std::string ret;
	do
	{
		//ret.insert(ret.begin(), a[data%16]);
		ret .insert(ret.begin(), a[data % 16]);
		data /= 16;
	} while (data > 0);
	if (ret.size() == 1)
		ret .insert(ret.begin(), '0');
	return ret;
}



bool MovType1::cmp(unsigned char Key)
{
	if (Key >= 0x88 && Key <= 0x8B)
	{
		return true;
	}
	
	return false;
}
/**/
//mod 2位
//00 表示基址变址
//01相对基址变址+1字节偏移
//10相对基址变址+2字节偏移
//11寄存器到寄存器

//w
//1 2字节寄存器
//0 1字节寄存器
//d
//0 到[reg]
//1到reg
std::string MovType1::Decode(const char* ptr, int& offset)
{
	//unsigned char 

	std::string hex_str;
	std::string ret="mov ";
	key = GetBit(ptr[0], 2, 6);
	d = GetBit(ptr[0], 1, 1);
	w = GetBit(ptr[0], 0, 1);
	mod = GetBit(ptr[1], 6, 2);
	reg = GetBit(ptr[1],3,3 );
	rm = GetBit(ptr[1], 0, 3);
	std::string Rm;
	std::string Reg;
	if (mod == 3)
	{
		Rm = w == 1 ? getGeneralReg(rm) : getSmallReg(rm);
		Reg=w==1? getGeneralReg(reg) : getSmallReg(reg);
		offset = 2;
	}
	else if (mod == 0)
	{
		Reg = w == 1 ? getGeneralReg(reg) : getSmallReg(reg);
		if (BRBP != rm)
		{
			Rm = w == 1 ? " [" + getBrIrReg(rm) + "]"
				: "[" + getBrIrReg(rm) + "]";
			offset = 2;
		}
		else
		{
			hex_str = getHex(ptr[3]) + getHex(ptr[2]);
			Rm = "[" + hex_str+"]";
			offset = 4;
		}
	}
	else if (mod == 1)
	{
		Reg = w == 1 ? getGeneralReg(reg) : getSmallReg(reg);
		hex_str = getHex(ptr[2]);
		Rm = "[" + getBrIrReg(rm)+ "+"+hex_str + "]";
		offset = 3;
	}
	else
	{
		Reg = w == 1 ? getGeneralReg(reg) : getSmallReg(reg);
		hex_str = getHex(ptr[3])+getHex(ptr[2]);
		Rm = "[" + getBrIrReg(rm) + "+" + hex_str + "]";
		offset = 4;
	}
	if (d)
	{
		ret += Reg + "," + Rm;
	}
	else
	{
		ret += Rm + "," + Reg;
	}
	return ret;
}

bool MovType2::cmp(unsigned char Key)
{
	if (Key == 0xc7 || Key == 0xc6)
		return true;
	return false;
}
// w 1两字节偏移 0一字节偏移
std::string MovType2::Decode(const char* ptr, int& offset)
{
	w = GetBit(ptr[0], 0, 1);
	rm = GetBit(ptr[1], 0, 3);
	mod = GetBit(ptr[1], 6, 2);
	std::string ret = "mov ";
	std::string hex_str;
	std::string Rm= getBrIrReg(rm);
	std::string Reg;
	ret += w == 1 ? "word ptr[" : "byte ptr[";
	if (mod == 0)
	{
		//基址变址 变址表 1/2字节数据
		if (rm!= BRBP)
		{
			ret += Rm+"],";
			hex_str = (w == 1 ? getHex(ptr[3]) : "") + getHex(ptr[2]);
			ret += hex_str;
			offset = w == 1 ? 4 : 3;
		}
		// mov [1234],1234
		else
		{
			hex_str = getHex(ptr[3]) + getHex(ptr[2]);
			ret += hex_str + "],";
			hex_str = (w == 1 ? getHex(ptr[5]) : "")+getHex(ptr[4]);
			ret += hex_str;
			offset = w == 1 ? 6: 5;
		}
	}
	else if (mod == 1)
	{
		hex_str = getHex(ptr[2]);
		ret += "[" + Rm + "+" + hex_str + "],";
		hex_str= (w == 1 ? getHex(ptr[4]) : "") + getHex(ptr[3]);
		ret += hex_str;
		offset = w == 1 ? 5 : 4;
	}
	else if (mod == 2)
	{
		hex_str = getHex(ptr[3])+getHex(ptr[2]);
		ret += "[" + Rm + "+" + hex_str + "],";
		hex_str = (w == 1 ? getHex(ptr[5]) : "") + getHex(ptr[4]);
		ret += hex_str;
		offset = w == 1 ? 6 : 5;
	}
	//mov reg ,imm
	else
	{
		Reg = w == 1 ? getGeneralReg(rm) : getSmallReg(rm);
		ret += Reg + ",";
		hex_str = (w == 1 ? getHex(ptr[3]) : "") + getHex(ptr[2]);
		ret += hex_str;
		offset = w == 1 ? 4 : 3;
	}

	return ret;
}

bool MovType3::cmp(unsigned char Key)
{
	if (Key >= 0xB0 && Key <= 0xBF)
		return true;
	return false;
}
//w 1 2字节立即数 0 1字节立即数 
std::string MovType3::Decode(const char* ptr, int& offset)
{
	w = GetBit(ptr[0], 3, 1);
	reg = GetBit(ptr[0], 0, 3);
	std::string ret="mov ";
	if (w == 1)
	{
		ret += getGeneralReg(reg)+","+getHex(ptr[2])+getHex(ptr[1]);
		offset = 3;
	}
	else
	{
		ret += getSmallReg(reg) + "," + getHex(ptr[1]) ;
		offset = 2;
	}
	return ret;
}
//内存到累加器
//w =1 ax
//w =0 al
bool MovType4::cmp(unsigned char Key)
{
	if (Key == 0xa1||Key==0xa0)
		return true;
	return false;
}

std::string MovType4::Decode(const char* ptr, int& offset)
{
	w = GetBit(ptr[0], 0, 1);
	std::string ret = "mov ";
	if (w == 1)
	{
		ret += "ax ,["+getHex(ptr[2])+getHex(ptr[1])+']';
		offset = 3;
	}
	else
	{
		ret += "al ,[" + getHex(ptr[1]) + ']';
		offset = 2;
	}
	return ret;
}

bool MovType5::cmp(unsigned char Key)
{
	if (Key == 0xa2 || Key == 0xa3)
		return true;
	return false;
}

std::string MovType5::Decode(const char* ptr, int& offset)
{
	std::string ret = "mov ";
	w = GetBit(ptr[0], 0, 1);
	if (w == 1)
	{
		ret += '[' + getHex(ptr[2]) + getHex(ptr[1])+"],ax";
		offset = 3;
	}
	else
	{
		ret += '[' + getHex(ptr[1]) + "],al";
		offset = 2;
	}
	return ret;
}

bool MovType6::cmp(unsigned char Key)
{
	if (Key == 0x8E)
		return true;
	return false;
}

std::string MovType6::Decode(const char* ptr, int& offset)
{
	mod = GetBit(ptr[1], 6, 2);
	reg = GetBit(ptr[1], 3, 2);
	rm = GetBit(ptr[1], 0, 3);
	std::string ret = "mov ";
	std::string Reg = getSegementReg(reg);
	std::string Rm = getBrIrReg(rm);
	std::string hex_str;
	ret += Reg + ",";
	if (mod == 3)
	{
		Rm = getGeneralReg(rm);
		ret += Rm;
		offset = 2;
	}
	else if (mod == 2)
	{
		hex_str = getHex(ptr[3]) + getHex(ptr[2]);
		ret += "[" + Rm + "+" + hex_str + "],";
		offset = 4;
	}
	else if (mod == 1)
	{
		hex_str = getHex(ptr[2]);
		ret += "[" + Rm + "+" + hex_str + "]";
		offset = 3;
	}
	else
	{
		if (rm == BRBP)
		{
			hex_str += getHex(ptr[3]) + getHex(ptr[2]);
			ret += "[" + hex_str + "]";
			offset = 4;
		}
		else
		{
			ret += "[" + Rm + "]";
			offset = 2;

		}
	}

	return ret;
}

bool MovType7::cmp(unsigned char Key)
{
	if (Key == 0x8c)
		return true;
	return false;
}

std::string MovType7::Decode(const char* ptr, int& offset)
{
	mod = GetBit(ptr[1], 6, 2);
	reg = GetBit(ptr[1], 3, 2);
	rm = GetBit(ptr[1], 0, 3);
	std::string ret = "mov ";
	std::string Reg = getSegementReg(reg);
	std::string Rm = getBrIrReg(rm);
	std::string hex_str;
	if (mod == 3)
	{
		Rm = getGeneralReg(rm);
		ret += Rm + ",";
		offset = 2;
	}
	else if (mod == 2)
	{
		hex_str = getHex(ptr[3]) + getHex(ptr[2]);
		ret += "[" + Rm + "+" + hex_str + "],";
		offset = 4;
	}
	else if (mod == 1)
	{
		hex_str = getHex(ptr[2]);
		ret += "[" + Rm + "+" + hex_str + "],";
		offset = 3;
	}
	else
	{
		if (rm == BRBP)
		{
			hex_str += getHex(ptr[3]) + getHex(ptr[2]);
			ret += "[" + hex_str + "],";
			offset = 4;
		}
		else
		{
			ret += "[" + Rm + "],";
			offset = 2;

		}
	}
	ret += Reg;
	return ret;

	
}

MovTransfer::MovTransfer():mVec{
PMT(new MovType1()),PMT(new MovType2()),PMT(new MovType3())
,PMT(new MovType4()),PMT(new MovType5()),PMT(new MovType6()),PMT(new MovType7()) }
{
}

std::string MovTransfer::Decode(char* ptr, int& offset)
{
	int len = mVec.size();
	for (int i = 0; i < len; i++)
	{
		if(mVec[i].use_count())
		if (mVec[i].get()->cmp(ptr[0]))
		{
			return mVec[i]->Decode(ptr, offset);
		}
	}

	return std::string();
}

int GetBit(unsigned char num, int n, int m)
{
	return (num >> n) & ((1 << m) - 1);
}

测试main函数

// disassemble.cpp : 此文件包含 "main" 函数。程序执行将在此处开始并结束。
//

#include <iostream>
#include"MyTransfer.h"
#include<Windows.h>
int main()
{
	MovTransfer type ;
	std::string szPath = "TEST7.BIN";
	HANDLE hFile = CreateFileA(
		szPath.c_str(),
		GENERIC_READ,
		FILE_SHARE_READ,
		NULL,
		OPEN_EXISTING,
		FILE_ATTRIBUTE_NORMAL,
		NULL
	);
	// 文件大小
	DWORD dwFileSize = GetFileSize(hFile, NULL);
	// 根据文件大小创建堆空间
	unsigned char* pBuf = new unsigned char[dwFileSize];
	DWORD dwBytesReaded = 0;
	// 读取文本内容
	BOOL bRet = ReadFile(
		hFile,
		pBuf,
		dwFileSize,
		&dwBytesReaded,
		NULL
	);
	char* ptr = (char*)pBuf;
	int offset = 0;
	int index = 0;
	while (index < dwFileSize)
	{
		std::cout<<type.Decode(ptr, offset)<<std::endl;
		index += offset;
		ptr += offset;
	}
		

	return 0;
}