Gray Hat Hacking: The Ethical Hacker??™s Handbook
314
Listing 13-4
mov eax, stderr
mov [esp+250h+var_244], eax
mov [esp+250h+var_248], 14h
mov [esp+250h+var_24C], 1
mov [esp+250h+var_250], offset aUsageFetchHost ; "usage: fetch
\n"
call fwrite
mov [esp+250h+var_250], 1
call exit
; ------------------------------------------------------------
loc_804825F: ; CODE XREF: main+24^j
mov edx, [ebp-22Ch]
mov eax, [edx+4]
add eax, 4
mov eax, [eax]
mov [esp+250h+var_250], eax
call gethostbyname
mov [ebp-10h], eax
Listing 13-5
mov eax, off_80BEBE4
mov [esp+250h+var_244], eax
mov [esp+250h+var_248], 14h
mov [esp+250h+var_24C], 1
mov [esp+250h+var_250], offset aUsageFetchHost ; "usage: fetch \n"
call loc_8048F7C
mov [esp+250h+var_250], 1
call sub_8048BB0
; ------------------------------------------------------------
loc_804825F: ; CODE XREF: sub_8048208+24^j
mov edx, [ebp-22Ch]
mov eax, [edx+4]
add eax, 4
mov eax, [eax]
mov [esp+250h+var_250], eax
call loc_8052820
mov [ebp-10h], eax
In Listing 13-5, we have lost the names of stderr, fwrite, exit, and gethostbyname, and
each is indistinguishable from any other user space function or global variable. The danger
we face is that being presented with the binary from Listing 13-5, we might attempt
to reverse-engineer the function at loc_8048F7C.
Pages:
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565