DATATYPES AND DATA STRUCTURES : Différence entre versions
(Page créée avec « The low-hanging fruit in understanding the )ehavior of hinary programs lies in cataloging the library functions that the program calis. A C program that calis the connect... »)
Version actuelle en date du 16 août 2019 à 01:27
The low-hanging fruit in understanding the )ehavior of hinary programs lies in cataloging the library functions that the program calis. A C program that calis the connect function is creating a network connection. A Windows program that calis RegOpenKey is accessing the Windows registry. Addïtional analysis is required, however, to gain an understanding of how and why these fonctions are called.
Discovering how a fonction is called requires learning what parameters are passed to the fonction. In the case of a connect eau, beyond the simple fact that the fonction is being called, it is important to know exactly what network address the program is connecting to. Understanding the data that is being passed into fonctions is the key to reverse engineering a functions signature (the number, type, and sequence of parameters requïred by the [unetion) and, as such, points out the importance of understanding how datatypes and data structures are manïpulated at the assembly language level.