Basic Rev-6 | Notion

Untitled

main함수다. loc_140001106 함수에서 입력값을 비교하는 거 같다.

Untitled

.text:0000000140001000 sub_140001000   proc near               ; CODE XREF: main+4E↓p
.text:0000000140001000
.text:0000000140001000 var_18          = dword ptr -18h
.text:0000000140001000 arg_0           = qword ptr  8
.text:0000000140001000
.text:0000000140001000                 mov     [rsp+arg_0], rcx
.text:0000000140001005                 sub     rsp, 18h
.text:0000000140001009                 mov     [rsp+18h+var_18], 0
.text:0000000140001010                 jmp     short loc_14000101A
.text:0000000140001012 ; ---------------------------------------------------------------------------
.text:0000000140001012
.text:0000000140001012 loc_140001012:                          ; CODE XREF: sub_140001000:loc_140001053↓j
.text:0000000140001012                 mov     eax, [rsp+18h+var_18]
.text:0000000140001015                 inc     eax
.text:0000000140001017                 mov     [rsp+18h+var_18], eax
.text:000000014000101A
.text:000000014000101A loc_14000101A:                          ; CODE XREF: sub_140001000+10↑j
.text:000000014000101A                 movsxd  rax, [rsp+18h+var_18]
.text:000000014000101E                 cmp     rax, 12h
.text:0000000140001022                 jnb     short loc_140001055
.text:0000000140001024                 movsxd  rax, [rsp+18h+var_18]
.text:0000000140001028                 mov     rcx, [rsp+18h+arg_0]
.text:000000014000102D                 movzx   eax, byte ptr [rcx+rax]
.text:0000000140001031                 lea     rcx, byte_140003020
.text:0000000140001038                 movzx   eax, byte ptr [rcx+rax]
.text:000000014000103C                 movsxd  rcx, [rsp+18h+var_18]
.text:0000000140001040                 lea     rdx, unk_140003000
.text:0000000140001047                 movzx   ecx, byte ptr [rdx+rcx]
.text:000000014000104B                 cmp     eax, ecx
.text:000000014000104D                 jz      short loc_140001053
.text:000000014000104F                 xor     eax, eax
.text:0000000140001051                 jmp     short loc_14000105A
.text:0000000140001053 ; ---------------------------------------------------------------------------
.text:0000000140001053
.text:0000000140001053 loc_140001053:                          ; CODE XREF: sub_140001000+4D↑j
.text:0000000140001053                 jmp     short loc_140001012
.text:0000000140001055 ; ---------------------------------------------------------------------------
.text:0000000140001055
.text:0000000140001055 loc_140001055:                          ; CODE XREF: sub_140001000+22↑j
.text:0000000140001055                 mov     eax, 1
.text:000000014000105A
.text:000000014000105A loc_14000105A:                          ; CODE XREF: sub_140001000+51↑j
.text:000000014000105A                 add     rsp, 18h
.text:000000014000105E                 retn
.text:000000014000105E sub_140001000   endp

Untitled

비교하는 값들을 차례대로 발견할 수 있다.

mov     [rsp+arg_0], rcx
sub     rsp, 18h
mov     [rsp+18h+var_18], 0
jmp     short loc_14000101A

위 어셈을 통해 반복문이 수행되고 있음을 알 수 있다.