Hello World – c++


Hello World Program

 

I would start with the conventional “Hello World “program written in C++ language. Program snippet is below

C++ Code

//using c++ compiler

#include <iostream>

void main()

{

std::cout<<“hello world\n”;

 

}

The above code looks simple, and lets now analyze the above code by going one step below the High level Language or simply in Assembly language. Before doing this exercise, I would like to show the steps which invovles breaking the above c++ code in assembly.

Step1 : launch the windbg tool

Step2 : Download the appropriate symbols from msdn website and provide the path of your project ( .pdb file path of your project )

Step3 : Before you provide the break point , you should know the function onto which you give the breakpoint , in our above example , we see that there is only one function named void main() , we will insert the breakpoint at main function

Step4: Program execution stops at the breakpoint inserted which is main() in our example .

Step5 : you have to disassmble the main function using “ u “ switch .

4 00411480 push    ebp

4 00411481 mov     ebp,esp

4 00411483 sub     esp,0C0h

4 00411489 push    ebx

4 0041148a push    esi

4 0041148b push    edi

4 0041148c lea     edi,[ebp-0C0h]

4 00411492 mov     ecx,30h

4 00411497 mov     eax,0CCCCCCCCh

4 0041149c rep stos dword ptr es:[edi]

5 0041149e push    offset Breaking_Code_c__!`string’ (004166fc)

5 004114a3 mov     eax,dword ptr [Breaking_Code_c__!_imp_?coutstd (0041930c)]

5 004114a8 push    eax

5 004114a9 call    Breaking_Code_c__!ILT+325(??$?6U?$char_traitsDstdstdYAAAV?$basic_ostreamDU?$char_traitsDstd (0041114a)

5 004114ae add     esp,8

7 004114b1 xor     eax,eax

7 004114b3 pop     edi

7 004114b4 pop     esi

7 004114b5 pop     ebx

7 004114b6 add     esp,0C0h

7 004114bc cmp     ebp,esp

7 004114be call    Breaking_Code_c__!ILT+390(__RTC_CheckEsp) (0041118b)

7 004114c3 mov     esp,ebp

7 004114c5 pop     ebp

7 004114c6 ret