X86-assembly/Instructions/sgdt
Jump to navigation
Jump to search
| You are here: | sgdt
|
Description
INCOMPLETE SECTION OR ARTICLE
This section/article is being written and is therefore not complete.
Thank you for your comprehension.
Thank you for your comprehension.
Example
C source//...SNIP...
unsigned long
get_gdt_base (void)
{
unsigned char gdtr[6];
unsigned long gdt = 0;
_asm sgdt gdtr
gdt = *((unsigned long *)&gdtr[2]);
return (gdt);
}
// ... SNIP ...
void
test3 (void)
{
unsigned int gdt_base = 0;
gdt_base = get_gdt_base ();
printf ("\n[+] Test 3: GDT\n");
printf ("GDT base: 0x%x\n", gdt_base);
if ((gdt_base >> 24) == 0xff) {
printf ("Result : VMware detected\n\n");
return;
}
else {
printf ("Result : Native OS\n\n");
return;
}
}
|
Assembly.text:00401090 get_gdt_base proc near
.text:00401090
.text:00401090 var_10 = dword ptr -10h
.text:00401090 var_C = byte ptr -0Ch
.text:00401090 var_4 = dword ptr -4
.text:00401090
.text:00401090 push ebp
.text:00401091 mov ebp, esp
.text:00401093 sub esp, 10h
.text:00401096 mov eax, ___security_cookie
.text:0040109B xor eax, ebp
.text:0040109D mov [ebp+var_4], eax
.text:004010A0 mov [ebp+var_10], 0
.text:004010A7 sgdt fword ptr [ebp+var_C]
.text:004010AB mov eax, dword ptr [ebp+var_C+2]
.text:004010AE mov [ebp+var_10], eax
.text:004010B1 mov eax, [ebp+var_10]
.text:004010B4 mov ecx, [ebp+var_4]
.text:004010B7 xor ecx, ebp
.text:004010B9 call @__security_check_cookie@4 ; __security_check_cookie(x)
.text:004010BE mov esp, ebp
.text:004010C0 pop ebp
.text:004010C1 retn
.text:004010C1 get_gdt_base endp
[SNIP]
.text:004011A0 sgdt_test proc near
.text:004011A0
.text:004011A0 var_4 = dword ptr -4
.text:004011A0
.text:004011A0 push ebp
.text:004011A1 mov ebp, esp
.text:004011A3 push ecx
.text:004011A4 mov [ebp+var_4], 0
.text:004011AB call get_gdt_base
.text:004011B0 mov [ebp+var_4], eax
.text:004011B3 push offset aTest3Gdt ; "\n[+] Test 3: GDT\n"
.text:004011B8 call _printf
.text:004011BD add esp, 4
.text:004011C0 mov eax, [ebp+var_4]
.text:004011C3 push eax
.text:004011C4 push offset aGdtBase0xX ; "GDT base: 0x%x\n"
.text:004011C9 call _printf
.text:004011CE add esp, 8
.text:004011D1 mov ecx, [ebp+var_4]
.text:004011D4 shr ecx, 18h
.text:004011D7 cmp ecx, 0FFh
.text:004011DD jnz short loc_4011F0
.text:004011DF push offset aResultVmware_1 ; "Result : VMware detected\n\n"
.text:004011E4 call _printf
.text:004011E9 add esp, 4
.text:004011EC jmp short loc_4011FD
.text:004011EE ; ---------------------------------------------------------------------------
.text:004011EE jmp short loc_4011FD
.text:004011F0 ; ---------------------------------------------------------------------------
.text:004011F0
.text:004011F0 loc_4011F0:
.text:004011F0 push offset aResultNative_1 ; "Result : Native OS\n\n"
.text:004011F5 call _printf
.text:004011FA add esp, 4
.text:004011FD
.text:004011FD loc_4011FD:
.text:004011FD mov esp, ebp
.text:004011FF pop ebp
.text:00401200 retn
.text:00401200 sgdt_test endp
|