What format is this string representing serv_addr buffer?

So I've been reading this tutorial on how to use Frida: https://www.frida.re/docs/functions/ and I've encountered the following:

$ ./client 127.0.0.1
connect() is at: 0x400780

Here's the serv_addr buffer:
02 00 13 88 7f 00 00 01 30 30 30 30 30 30 30 30
Press ENTER key to Continue

The tutorial states that the bytes represent 0x1388 or 5000 so clearly it's not in hex or decimal. I tried using base64 converters to convert the string to see if 0x1388 or 5000 comes up but no luck.

What format is this exactly in? I haven't done low level programming lately and if I recall, bytes are groups of 8 bits 1s and 0s.

EDIT: Yup, the tutorial states this represents a struct. But how did he know that it represents 0x1388? If I received a string like this, is there a way for me to understand that it represents a particular value without being the author of the code that sent the message?

The relevant part of the code is this:

printf ("\nHere's the serv_addr buffer:\n");
b = (unsigned char *) &serv_addr;
for (i = 0; i != sizeof (serv_addr); i++)
  printf ("%s%02x", (i != 0) ? " " : "", b[i]);

What it is doing is simply printing the raw data from the structure serv_addr (which is of type struct sockaddr_in).

There's no "string" here (in the sense of a C null-terminated byte string).

The 0x1388 is the value of serv_addr.sin_port, which is printed as the third and fourth byte (13 and 88, in network (big endian) byte order).


Knowing that the output is the raw data of a sockaddr_in structure, we can decipher the data easily:

  • 02 00: This is the sin_family member, with the value 2 (decimal). This value corresponds to AF_INET. This is in host byte order.

  • 13 88: This is (as already mentioned) the network byte order of the port in sin_port.

  • 7f 00 00 01: This is the sin_addr member, and corresponds to the IP address 127.0.0.1 (7f is 127). This is also in network byte order.

  • The rest, 30 30 30 30 30 30 30 30, is "garbage" that fills the structure up to a common size for struct sockaddr, which is 16 bytes long.
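
The field-by-field reading in the answer above, as an added C example (not code from the original post or from the Frida tutorial): it copies the 16 dumped bytes into a struct sockaddr_in and converts each member. The names decode_sockaddr_in, struct decoded_addr and sample are hypothetical, and the code assumes the Linux struct layout on a little-endian host, matching the dump.

```c
#include <arpa/inet.h>
#include <netinet/in.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>

/* Decoded view of a raw struct sockaddr_in dump (hypothetical helper type). */
struct decoded_addr {
    unsigned family;            /* sin_family, host byte order */
    unsigned port;              /* sin_port converted to host byte order */
    char ip[INET_ADDRSTRLEN];   /* sin_addr as dotted quad */
    unsigned char pad[8];       /* sin_zero padding bytes, copied verbatim */
};

/* Assumes Linux layout, little-endian host. Returns 0 on success, -1 otherwise. */
int decode_sockaddr_in(const unsigned char *raw, size_t len, struct decoded_addr *out)
{
    struct sockaddr_in sa;

    if (len != sizeof sa)               /* a sockaddr_in is exactly 16 bytes */
        return -1;
    memcpy(&sa, raw, sizeof sa);        /* copy instead of casting: no alignment issues */
    if (sa.sin_family != AF_INET)       /* 02 00 -> 2 == AF_INET */
        return -1;
    out->family = sa.sin_family;
    out->port = ntohs(sa.sin_port);     /* 13 88 -> 0x1388 -> 5000 */
    if (inet_ntop(AF_INET, &sa.sin_addr, out->ip, sizeof out->ip) == NULL)
        return -1;
    memcpy(out->pad, sa.sin_zero, sizeof out->pad);
    return 0;
}

/* The 16 bytes printed by ./client in the question. */
static const unsigned char sample[16] = {
    0x02, 0x00, 0x13, 0x88, 0x7f, 0x00, 0x00, 0x01,
    0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30
};

int main(void)
{
    struct decoded_addr d;
    if (decode_sockaddr_in(sample, sizeof sample, &d) != 0) {
        fprintf(stderr, "not an AF_INET sockaddr_in\n");
        return 1;
    }
    printf("family=%u port=%u (0x%04x) ip=%s pad=\"%.8s\"\n",
           d.family, d.port, d.port, d.ip, (const char *)d.pad);
    return 0;
}
```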
