Structure of the Memory Registers
When we play with a Buffer Overflow, knowledge of the CPU register must be known.An Intel x86-based CPU uses 8 registers as general purpose, namely: EAX, EDX, ECX, ESI,EDI, EBP, ESP and EBX.Each register in the design for a particular purpose, and each performing its functions theallows the CPU to process information efficiently.
Register EAX , used to perform calculations and store the value returned fromfunction call (function calls). Basic operations such as add, subtract, andcompare the optimized use of register EAX. Special operations such asmultiplication and division are also only in the EAX register.
Register EDX is a data Register. Basically an extension of EAX to(Help) save additional data for complex operations. It can also be usedfor general purpose data storage.
Registers ECX, also called the count register is used for loop operations. Loop operationcan store a string or counting numbers.
Registers ESI and EDI relied upon by the loop that processes the data. Register ESI is the index of the source(S on the ESI means the Source, which means the source) to the operating data and holds the location of input datastreams. EDI register points to the location where the operation data is stored, or objective index (Dthe mean EDI Destination meaningful purpose).
Register ESP is the stack pointer, and register EBP is the base pointer. These registers are usedto regulate the function calls and stack operations. When this function is called, the function arguments willpushed onto the stack and followed by the address of the sender (return address). ESP points to thetop of the stack, so it will point to the address of the sender (return address). While EBPused to refer to the call stack at the bottom.
Register EBX is the only register that is not designed for anything special. Butused for extra storage.
Register EIP is a register that points to the instruction currently being executed. When the CPUengaged in a binary, the address is always updated EIP to determine the location where the execution of thisoccur.
Register EAX , used to perform calculations and store the value returned fromfunction call (function calls). Basic operations such as add, subtract, andcompare the optimized use of register EAX. Special operations such asmultiplication and division are also only in the EAX register.
Register EDX is a data Register. Basically an extension of EAX to(Help) save additional data for complex operations. It can also be usedfor general purpose data storage.
Registers ECX, also called the count register is used for loop operations. Loop operationcan store a string or counting numbers.
Registers ESI and EDI relied upon by the loop that processes the data. Register ESI is the index of the source(S on the ESI means the Source, which means the source) to the operating data and holds the location of input datastreams. EDI register points to the location where the operation data is stored, or objective index (Dthe mean EDI Destination meaningful purpose).
Register ESP is the stack pointer, and register EBP is the base pointer. These registers are usedto regulate the function calls and stack operations. When this function is called, the function arguments willpushed onto the stack and followed by the address of the sender (return address). ESP points to thetop of the stack, so it will point to the address of the sender (return address). While EBPused to refer to the call stack at the bottom.
Register EBX is the only register that is not designed for anything special. Butused for extra storage.
Register EIP is a register that points to the instruction currently being executed. When the CPUengaged in a binary, the address is always updated EIP to determine the location where the execution of thisoccur.
Tidak ada komentar:
Posting Komentar