CPU REGISTER
When playing with buffer overflows, knowledge of the CPU registers is a must. An Intel x86-based CPU uses 8 general-purpose registers: EAX, EDX, ECX, ESI, EDI, EBP, ESP, and EBX.
Each register is designed for a particular purpose, and each performs functions that allow the CPU to process information efficiently.
Register EAX is used to perform calculations and to store the value returned from a function call. Basic operations such as add, subtract, and compare are optimized to use the EAX register. Special operations such as multiplication and division are also carried out only in the EAX register.
Register EDX is basically an extension of EAX that helps store additional data from complex operations. It can also be used for general-purpose data storage.
Register ECX, also called the count register, is used for loop operations. A loop operation may be storing a string or counting numbers.
Registers ESI and EDI are relied on by loops that process data. Register ESI is the source index (the S in ESI stands for source) for data operations and holds the location of the input data stream. Register EDI points to the location where the result of the data operation is stored, and is the destination index (the D in EDI stands for destination).
Register ESP is the stack pointer, and register EBP is the base pointer. These registers are used to set up function calls and stack operations. When a function is called, its arguments are pushed onto the stack, followed by the return address. ESP points to the top of the stack, so it will point to the return address, while EBP is used to point to the bottom of the call stack.
Register EBX is the only register that is not designed for anything special, but it is used for extra storage.
Register EIP is the register that points to the instruction currently being executed. As the CPU works through the binary, EIP is continually updated with the address of the location where execution is taking place.
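The call sequence described above for ESP, EBP and EIP, modelled step by step as an added example (not code from the original post). The addresses, the 5-byte call instruction, the right-to-left argument order and the 8 bytes of local space are assumptions chosen for illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* Constructed 32-bit model: ESP, EBP, EIP and a small stack. All addresses are made up. */
#define STACK_TOP 0x0012FF00u
#define CALL_SITE 0x00401000u   /* address of the call instruction (assumed 5 bytes long) */
#define FUNC_ADDR 0x00402000u   /* address of the called function */

typedef struct { uint32_t esp, ebp, eip, mem[32]; } cpu_t;

/* Map a stack address to its slot; the stack grows toward lower addresses. */
static uint32_t *slot(cpu_t *c, uint32_t addr) { return &c->mem[(STACK_TOP - addr) / 4 - 1]; }
static void push(cpu_t *c, uint32_t v) { c->esp -= 4; *slot(c, c->esp) = v; }
static uint32_t pop(cpu_t *c) { uint32_t v = *slot(c, c->esp); c->esp += 4; return v; }
uint32_t peek(cpu_t *c, uint32_t addr) { return *slot(c, addr); }

/* Caller pushes the arguments and calls; callee runs its prologue. */
cpu_t enter_function(uint32_t arg1, uint32_t arg2) {
    cpu_t c = { STACK_TOP, STACK_TOP, CALL_SITE, {0} };
    push(&c, arg2);             /* arguments, right to left */
    push(&c, arg1);
    push(&c, c.eip + 5);        /* call: return address = next instruction */
    c.eip = FUNC_ADDR;          /* ESP now points at the return address */
    push(&c, c.ebp);            /* prologue: push ebp */
    c.ebp = c.esp;              /*           mov ebp, esp */
    c.esp -= 8;                 /*           sub esp, 8 (room for locals) */
    return c;
}

/* Callee epilogue: mov esp, ebp; pop ebp; ret. */
cpu_t leave_function(cpu_t c) {
    c.esp = c.ebp;
    c.ebp = pop(&c);
    c.eip = pop(&c);            /* ret loads EIP from the stack */
    return c;
}

int main(void) {
    cpu_t c = enter_function(0x11111111u, 0x22222222u);
    printf("[ebp+0]  saved EBP      %08x\n", peek(&c, c.ebp));
    printf("[ebp+4]  return address %08x\n", peek(&c, c.ebp + 4));
    printf("[ebp+8]  argument 1     %08x\n", peek(&c, c.ebp + 8));
    printf("[ebp+12] argument 2     %08x\n", peek(&c, c.ebp + 12));
    c = leave_function(c);
    printf("after ret: EIP=%08x ESP=%08x EBP=%08x\n", c.eip, c.esp, c.ebp);
    return 0;
}
```

The return address sits between the saved EBP and the arguments, directly above any local buffers, which is why unchecked writes into locals are what stack canaries and bounds checks are meant to catch.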
This information will help you with direct return exploits and basic SEH exploitation.
GOOD LUCK