windows-exploit-development-part-1-basics Flashcards

1
Q

registers

A

Registers serve as small storage areas used to access data quickly.

2
Q

What are the names of the general-purpose registers?

A

There are 8 general-purpose registers: EAX, EBX, ECX, EDX, EDI, ESI, EBP, and ESP.

3
Q

What is the EAX register used for?

A

EAX – The Accumulator Register.
It’s called the accumulator register because it’s the primary register used for common calculations (such as ADD and SUB). While other registers can be used for calculations, EAX has been given preferential status by assigning it more efficient, one-byte opcodes. Such efficiency can be important when it comes to writing exploit shellcode for a limited available buffer space (more on that in future tutorials!). In addition to its use in calculations, EAX is also used to store the return value of a function.

4
Q

How can general-purpose registers be referenced?

A

A general-purpose register can be referenced in whole or in part as follows: EAX refers to the 32-bit register in its entirety. AX refers to the least significant 16 bits, which can be further broken down into AH (the 8 most significant bits of AX) and AL (the 8 least significant bits of AX). This same whole/partial 32-, 16-, and 8-bit referencing also applies to the next three registers (EBX, ECX, and EDX).

5
Q

What is the EBX register used for?

A

EBX – The Base Register.

In 32-bit architecture, EBX doesn’t really have a special purpose, so just think of it as a catch-all for available storage. Like EAX, it can be referenced in whole (EBX) or in part (BX, BH, BL).

6
Q

What is the ECX register used for?

A

ECX – The Counter Register.

As its name implies, the counter (or count) register is frequently used as a loop and function repetition counter, though it can also be used to store any data. Like EAX, it can be referenced in whole (ECX) or in part (CX, CH, CL).

7
Q

What is the EDX register used for?

A

EDX – The Data Register

EDX is kind of like a partner register to EAX. It’s often used in mathematical operations like division and multiplication to deal with overflow, where the most significant bits are stored in EDX and the least significant in EAX. It is also commonly used for storing function variables. Like EAX, it can be referenced in whole (EDX) or in part (DX, DH, DL).

8
Q

What is the ESI register used for?

A

ESI – The Source Index

The counterpart to EDI, ESI is often used to store the pointer to a read location. For example, if a function is designed to read a string, ESI would hold the pointer to the location of that string.

9
Q

What is the EDI register used for?

A

EDI – The Destination Index

Though it can be (and is) used for general data storage, EDI was primarily designed to store the storage pointers of functions, such as the write address of a string operation.

11
Q

What is the EBP register used for?

A

EBP – The Base Pointer

EBP is used to keep track of the base/bottom of the stack. It is often used to reference variables located on the stack by using an offset from the current value of EBP, though if parameters are only referenced by register, you may choose to use EBP for general purposes.

12
Q

What is the ESP register used for?

A

ESP – The Stack Pointer

ESP is used to track the top of the stack. As items are moved to and from the stack, ESP increments/decrements accordingly. Of all the general-purpose registers, ESP is rarely, if ever, used for anything other than its intended purpose.

13
Q

What is the EIP register used for?

A

The Instruction Pointer (EIP)

Not a general purpose register, but fitting to cover here, EIP points to the memory address of the next instruction to be executed by the CPU. As you’ll see in the coming tutorials, control the value of EIP and you can control the execution flow of the application (to execute code of your choosing).

14
Q

What is the EFLAGS register?

A

The EFLAGS register is composed of a series of flags that represent Boolean values resulting from calculations and comparisons; these flags can be used to determine when/if to take conditional jumps.

15
Q

Convenience Variables

A

You can create convenience variables in GDB (names prefixed with $) to hold data:

set $i = 10
set $dyn = (char*) malloc(10)
set $demo = "ary"
set var argv[1] = $demo

The third line needs the set keyword, like the others; set var is the unambiguous form for assigning to a program variable such as argv[1].
16
Q

Give an example of calling a routine in GDB.

A

call AddNumbers(10, 20)

17
Q

Conditional breakpoints with source code available

A

condition 1 counter == 5

Here 1 is the breakpoint number and counter is a variable in the program. This can be done only if you have the source code, since counter must be resolved by name.

18
Q

Conditional breakpoints without source code

A

condition 1 $eax != 0

Here 1 is the breakpoint number and $eax is the current value of the EAX register, so no program symbols are needed.