GDB shows “neg” instruction or $0xffffffffffffffff,%eax jmp 0x7f94f7fce0d0 mov 0x296e5f(%rip),%rax # 0x7f94f8264f98 neg %edx mov %edx,%fs:(%rax) or $0xffffffffffffffff,%eax jmp 0x7f94f7fce10f End of assembler dump. (gdb) 0x00007f94f7fce139 : neg %edx Process Involved software : gnome-panel. The launcher and docking facility for GNOME Explanation The neg (negate) instruction takes the two’s complement of a byte or word. …
Category Archives: Uncategorized
Print With Delay 0.5 (process independency)
/* Jeffrin Jose Licensed GPL v3 Copyright August 2010 GPL –> http://www.gnu.org/copyleft/gpl.html */ #include #include #include int main() { int seconds; int i=0,getptr; pid_t pid; char array[20]=”Happy Friendship Day”; /* printf(“n Happy Friendship Day n”); */ pid=fork(); if (pid == 0) { setsid(); setenv(“PS1″,”$”,1); /* getptr=getenv(“PS1”); printf(“%s”,getptr); */ printf(“\n”); for(i=0;i<20;i++) { printf("%c",array[i]); /* for(seconds=0;seconds<100000000;seconds++);*/ /* …
Continue reading “Print With Delay 0.5 (process independency)”
pop an address from the stack..
GDB shows retq instruction (gdb) disassemble Dump of assembler code for function __read_nocancel: 0x00007fbd743e0e89 : mov $0x0,%eax 0x00007fbd743e0e8e : syscall => 0x00007fbd743e0e90 : cmp $0xfffffffffffff001,%rax 0x00007fbd743e0e96 : jae 0x7fbd743e0ec9 0x00007fbd743e0e98 : retq End of assembler dump. (gdb) Process Involved GPL Ghostscript 8.71. PostScript and PDF language interpreter and previewer. A Screen Shot GPL Ghostscript 8.71 …
Print With Delay 0.4 (fork step 1)
/* Jeffrin Jose Licensed GPL v3 Copyright August 2010 GPL –> http://www.gnu.org/copyleft/gpl.html */ #include #include #include int main() { int seconds; int i=0,getptr; pid_t pid; char array[20]=”Happy Friendship Day”; /* printf(“n Happy Friendship Day n”); */ pid=fork(); if (pid == 0) { setenv(“PS1″,”$”,1); /* getptr=getenv(“PS1”); printf(“%s”,getptr); */ printf(“\n”); for(i=0;i<20;i++) { printf("%c",array[i]); /* for(seconds=0;seconds<100000000;seconds++);*/ /* system("sleep …
Print With Delay 0.3
/* Jeffrin Jose Licensed GPL v3 Copyright August 2010 GPL –> http://www.gnu.org/copyleft/gpl.html */ #include #include int main() { int seconds; int i=0; char array[20]=”Happy Friendship Day”; /* printf(“n Happy Friendship Day n”); */ for(i=0;i<20;i++) { printf("%c",array[i]); /* for(seconds=0;seconds<100000000;seconds++);*/ /* system("sleep 1s");*/ fflush(stdout); sleep(1); } printf("\n"); for(i=0;i<20;i++) { printf("%c",'-'); /* for(seconds=0;seconds<100000000;seconds++);*/ /* system("sleep 1s");*/ fflush(stdout); usleep(100000); …
CMP . Instruction
WinDbg shows cmp Instruction 7c9011ec 803d94b0977c00 cmp byte ptr [ntdll!fltused+0x4c (7c97b094)],0 7c9011f3 8b7508 mov esi,dword ptr [ebp+8] 7c9011f6 8945fc mov dword ptr [ebp-4],eax 7c9011f9 0f85d7ec0000 jne ntdll!RtlInitUnicodeStringEx+0x61 (7c90fed6) 7c9011ff f6461010 test byte ptr [esi+10h],10h 7c901203 0f84cdec0000 je ntdll!RtlInitUnicodeStringEx+0x61 (7c90fed6) 7c901209 5e pop esi 7c90120a c9 leave 7c90120b c20400 ret 4 ntdll!DbgBreakPoint: 7c90120e cc int 3 …
Print With Delay 0.2
/* Jeffrin Jose Licensed GPL v3 Copyright August 2010 GPL –> http://www.gnu.org/copyleft/gpl.html */ #include #include int main() { int seconds; int i=0; char array[20]=”Happy Friendship Day”; /* printf(“n Happy Friendship Day n”); */ for(i=0;i<20;i++) { printf("%c",array[i]); /* for(seconds=0;seconds<100000000;seconds++);*/ /* system("sleep 1s");*/ fflush(stdout); sleep(1); } printf("\n"); return 0; }
fork example.
/* Jeffrin Jose <jeffrin@rocketmail.com> Licensed GPL v3 Copyright August 2010 GPL –> http://www.gnu.org/copyleft/gpl.html */ #include #include main() { /* fork(); */ printf(“nhellon”); fork(); printf(“n World n”); }
print with delay 0.1
/* Jeffrin Jose Licensed GPL v3 Copyright 2010 GPL –> http://www.gnu.org/copyleft/gpl.html */ #include #include int main() { int seconds; int i=0; char array[20]=”Happy Friendship Day”; /* printf(“n Happy Friendship Day n”); */ for(i=0;i<20;i++) { printf("%c",array[i]); /* for(seconds=0;seconds<100000000;seconds++);*/ /* system("sleep 1s");*/ sleep(1); /* Delay not Properly Implemented . FIXME. */ } printf("n"); return 0; }
exclusive OR Instruction :-
GDB shows XOR Instruction (gdb) disassemble 0x00007f16db50b647 Dump of assembler code for function gtk_main: 0x00007f16db50b5a0 : push %r15 0x00007f16db50b5a2 : xor %edi,%edi 0x00007f16db50b5a4 : mov $0x1,%esi 0x00007f16db50b5a9 : push %r14 0x00007f16db50b5ab : push %r13 0x00007f16db50b5ad : push %r12 0x00007f16db50b5af : push %rbp 0x00007f16db50b5b0 : push %rbx 0x00007f16db50b5b1 : sub $0x38,%rsp 0x00007f16db50b5b5 : addl $0x1,0x4e2af4(%rip) # …