NoteZ
Notebook based on GitHub issues
## Prologue

After finishing it, I feel this book is still quite basic, and in some places it only touches on a point in passing without explaining why. It can only serve as a first introductory reference. Strongly recommend this book; it explains things in great detail, even if it is a bit verbose.

## Somniloquy

#### 16.3.2 Page mapping of a task's global space and local space

In protected mode, the linear address produced by the segment unit is the physical address. But once the paging mechanism is enabled (i.e. cr3 holds the page directory address and cr0 has the paging flag set), the linear address produced by the segment unit is no longer the physical address; it has to be translated by the paging unit along **page directory -> directory entry -> page table -> page table entry -> physical page address**. Given that, and because 0x80000000~0xFFFFFFFF is the kernel space, the physical addresses have to be remapped at this point...
## Prologue

## References

```
https://sourceware.org/binutils/docs-2.20/as/Pseudo-Ops.html#Pseudo-Ops
http://web.mit.edu/gnu/doc/html/as_7.html
http://service.scs.carleton.ca/sivarama/asm_book_web/Student_copies/ch10_macros.pdf
http://users.cis.fiu.edu/~downeyt/cop3402/macros.html
```

## Somniloquy

#### `.macro`

```
.macro sum from=0, to=5
.long \from
.if \to-\from
sum "(\from+1)",\to
.endif
.endm
```

```
.long...
```
## Prologue

## Somniloquy

#### GDT

```
https://en.wikipedia.org/wiki/Global_Descriptor_Table
http://wiki.osdev.org/Global_Descriptor_Table
```
## Prologue

## Somniloquy

#### 1. KiFastCallEntry hook

#### 2. Inject an x64 DLL into an x86 application
```
[[NSFileManager defaultManager] fileExistsAtPath:path]
[[NSFileManager defaultManager] contentsOfDirectoryAtPath:path error:nil]
```
## Prologue

CFI == Call Frame Information

**CFI is information (not native CPU instructions) describing the layout of the stack frame.**

## Somniloquy

## References

```
https://www.imperialviolet.org/2017/01/18/cfi.html
https://sourceware.org/binutils/docs/as/CFI-directives.html
http://larmbr.com/2013/09/20/x86-assembly-call-frame-and-dwarf-CFI-introduction/
```