/* C program to to show how inline assembly works */ #include #include #include

/* Some functions have been deprecated because it is so bad to use, we need to "turn them on" so we can look at the different exploits */ #pragma warning(disable : 4996) #pragma check_stack( off ) #pragma optimize( "", off )

/* * Assembly language use of printf example * */ int asm_helloworld() { char* array = (char*)malloc(6); array[0] = 'T'; array[1] = 'e'; array[2] = 's'; array[3] = 't'; array[4] = ' '; array[5] = '\0'; __asm { mov edx, dword ptr[array] push edx call printf add esp, 4 xor eax, eax } }

/* * Examine the assembly language code, what is it doing? To understand, * add the required code at the end to perform a printf of the modified * array. * */ int helloworld() { char* array = (char*)malloc(7); array[0] = 'H'; array[1] = 'e'; array[2] = 'l'; array[3] = 'l'; array[4] = 'o'; array[5] = ' '; array[6] = '\0'; printf(array);

__asm { mov eax, 1 imul ecx, eax, 0 mov edx, dword ptr[array] mov byte ptr[edx + ecx], 42h mov eax, 1 shl eax, 0 mov ecx, dword ptr[array] mov byte ptr[ecx + eax], 6Fh mov edx, 1 shl edx, 1 mov eax, dword ptr[array] mov byte ptr[eax + edx], 6Fh mov ecx, 1 imul edx, ecx, 3 mov eax, dword ptr[array] mov byte ptr[eax + edx], 4Dh mov ecx, 1 shl ecx, 2 mov edx, dword ptr[array] mov byte ptr[edx + ecx], 21h mov eax, 1 imul ecx, eax, 5 mov edx, dword ptr[array] mov byte ptr[edx + ecx], 0 /* * STUDO: Add the call out to printf and clean up the stack * What is the results of the last printf? */ }

return 0; }

/* * Break points are easy to perform in assembly language */ void lookAtOutput() { /* * This will cause the debugger to trigger, great way to stop * the application and see what's going on. It can be inserted * into any assembly code your writting */ __asm { int 3} }

int main(int argc, char** argv) { int nResult = asm_helloworld(); nResult = helloworld(); lookAtOutput(); return 0; }