Can running Kali in VirtualBox affect the output of addresses and their pointers?

For example, I have a small program that passes 4 ints to test_func:

```
root@Brien:~# gcc -g -o ./stack_example stack_example.c
root@Brien:~# gdb -q ./stack_example
Reading symbols from /root/stack_example...done.
(gdb) list
3    void test_function(int a, int b, int c, int d) {
4        int flag;
5        char buffer[10];
6
7        flag=31337;
8        buffer[0] = 'A';
9        }
10
11    int main() {
12        test_function(1, 2, 3, 4);
(gdb)

(gdb) disass main
Dump of assembler code for function main:
   0x00000000004004c9 <+0>:    push   rbp
   0x00000000004004ca <+1>:    mov    rbp,rsp
   0x00000000004004cd <+4>:    mov    ecx,0x4
   0x00000000004004d2 <+9>:    mov    edx,0x3
   0x00000000004004d7 <+14>:    mov    esi,0x2
   0x00000000004004dc <+19>:    mov    edi,0x1
   0x00000000004004e1 <+24>:    call   0x4004ac <test_function>
   0x00000000004004e6 <+29>:    pop    rbp
   0x00000000004004e7 <+30>:    ret
End of assembler dump.
(gdb) disass test_function
Dump of assembler code for function test_function:
   0x00000000004004ac <+0>:    push   rbp
   0x00000000004004ad <+1>:    mov    rbp,rsp
   0x00000000004004b0 <+4>:    mov    DWORD PTR [rbp-0x14],edi
   0x00000000004004b3 <+7>:    mov    DWORD PTR [rbp-0x18],esi
   0x00000000004004b6 <+10>:    mov    DWORD PTR [rbp-0x1c],edx
   0x00000000004004b9 <+13>:    mov    DWORD PTR [rbp-0x20],ecx
   0x00000000004004bc <+16>:    mov    DWORD PTR [rbp-0x4],0x7a69
   0x00000000004004c3 <+23>:    mov    BYTE PTR [rbp-0x10],0x41
   0x00000000004004c7 <+27>:    pop    rbp
(gdb) break 12
Breakpoint 1 at 0x4004cd: file stack_example.c, line 12.
(gdb) break test_function
Breakpoint 2 at 0x4004bc: file stack_example.c, line 7.
(gdb) run
Starting program: /root/stack_example
warning: no loadable sections found in added symbol-file system-supplied DSO at 0x7ffff7ffa000
```
```
Breakpoint 1, main () at stack_example.c:12
12        test_function(1, 2, 3, 4);
(gdb) i r rsp rbp rip
rsp            0x7fffffffe3a0    0x7fffffffe3a0
rbp            0x7fffffffe3a0    0x7fffffffe3a0
rip            0x4004cd    0x4004cd <main+4>
(gdb) x/5i $rip
=> 0x4004cd <main+4>:    mov    ecx,0x4
   0x4004d2 <main+9>:    mov    edx,0x3
   0x4004d7 <main+14>:    mov    esi,0x2
   0x4004dc <main+19>:    mov    edi,0x1
   0x4004e1 <main+24>:    call   0x4004ac <test_function>
(gdb) cont
Continuing.

Breakpoint 2, test_function (a=1, b=2, c=3, d=4) at stack_example.c:7
7        flag=31337;
(gdb) i r rsp rbp rip
rsp            0x7fffffffe390    0x7fffffffe390
rbp            0x7fffffffe390    0x7fffffffe390
rip            0x4004bc    0x4004bc <test_function+16>
(gdb) disass test_function
Dump of assembler code for function test_function:
   0x00000000004004ac <+0>:    push   rbp
   0x00000000004004ad <+1>:    mov    rbp,rsp
   0x00000000004004b0 <+4>:    mov    DWORD PTR [rbp-0x14],edi
   0x00000000004004b3 <+7>:    mov    DWORD PTR [rbp-0x18],esi
   0x00000000004004b6 <+10>:    mov    DWORD PTR [rbp-0x1c],edx
   0x00000000004004b9 <+13>:    mov    DWORD PTR [rbp-0x20],ecx
=> 0x00000000004004bc <+16>:    mov    DWORD PTR [rbp-0x4],0x7a69
   0x00000000004004c3 <+23>:    mov    BYTE PTR [rbp-0x10],0x41
   0x00000000004004c7 <+27>:    pop    rbp
   0x00000000004004c8 <+28>:    ret
End of assembler dump.
(gdb) print $rbp-0x4
$1 = (void *) 0x7fffffffe38c
(gdb) print $rbp-0x10
$2 = (void *) 0x7fffffffe380
(gdb) x/16xw $rbp
0x7fffffffe390:    0xffffe3a0    0x00007fff    0x004004e6    0x00000000
0x7fffffffe3a0:    0x00000000    0x00000000    0xf7a70ead    0x00007fff
0x7fffffffe3b0:    0x00000000    0x00000000    0xffffe488    0x00007fff
0x7fffffffe3c0:    0x00000000    0x00000001    0x004004c9    0x00000000
```

This seems incorrect because according to FILO 0x7fffffffe3c0: from L to R 1,2,3,4 in hex
0x7fffffffe3b0: from R to L should contain return address, SFP (which should be 0x7fffffffe3a0, not 0xffffe488), flag and buffer.
Apr 8 '15 #1
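An added example, not part of the original post: a small Python reader for the gdb output shown above. It joins the little-endian 32-bit words that `x/16xw` prints into 64-bit values at `[rbp]` and `[rbp+8]`, and lists which registers the `test_function` prologue stores into its frame. The function names are hypothetical and the sample strings are copied from the session in the post.

```python
import re
import struct

# Constructed sample: first two rows of the post's `x/16xw $rbp` output.
GDB_DUMP = """\
0x7fffffffe390:    0xffffe3a0    0x00007fff    0x004004e6    0x00000000
0x7fffffffe3a0:    0x00000000    0x00000000    0xf7a70ead    0x00007fff
"""
# Constructed sample: the stores from the post's test_function listing.
DISASM = """\
   0x00000000004004b0 <+4>:    mov    DWORD PTR [rbp-0x14],edi
   0x00000000004004b3 <+7>:    mov    DWORD PTR [rbp-0x18],esi
   0x00000000004004b6 <+10>:    mov    DWORD PTR [rbp-0x1c],edx
   0x00000000004004b9 <+13>:    mov    DWORD PTR [rbp-0x20],ecx
   0x00000000004004bc <+16>:    mov    DWORD PTR [rbp-0x4],0x7a69
"""

def parse_xw(dump):
    """Return {address: 32-bit word} from gdb `x/Nxw` output."""
    words = {}
    for line in dump.splitlines():
        m = re.match(r"\s*(0x[0-9a-fA-F]+)[^:]*:\s*(.*)", line)
        if not m:
            continue
        base = int(m.group(1), 16)
        for i, tok in enumerate(m.group(2).split()):
            words[base + 4 * i] = int(tok, 16)
    return words

def read_qword(words, addr):
    """Join two adjacent little-endian 32-bit words into one 64-bit value."""
    raw = struct.pack("<II", words[addr], words[addr + 4])
    return struct.unpack("<Q", raw)[0]

def frame_at(words, rbp):
    """After `push rbp; mov rbp,rsp`: [rbp] is the caller's rbp, [rbp+8] the return address."""
    return {"saved_rbp": read_qword(words, rbp),
            "return_address": read_qword(words, rbp + 8)}

def arg_slots(disasm):
    """Map rbp-relative offsets to the argument register stored there."""
    pat = re.compile(r"mov\s+DWORD PTR \[rbp-(0x[0-9a-f]+)\],(edi|esi|edx|ecx|r8d|r9d)")
    return {-int(off, 16): reg for off, reg in pat.findall(disasm)}

if __name__ == "__main__":
    frame = frame_at(parse_xw(GDB_DUMP), 0x7fffffffe390)
    print({k: hex(v) for k, v in frame.items()})
    print(arg_slots(DISASM))
```

Read this way, the first row of the dump holds `main`'s `rbp` from the earlier `i r` output and the address of `main+29`, the instruction after the `call`; the four arguments arrive in `edi`, `esi`, `edx` and `ecx` and are copied to slots below `rbp`.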