Test

C++ Virtual Function #include <iostream> using namespace std ; class Foo1 { public : virtual void show () { // 虛擬函式 cout << "Foo1's show" << endl ; } }; class Foo2 : public Foo1 { public : virtual void show () { // 虛擬函式 cout << "Foo2's show" << endl ; } }; void showFooByPtr ( Foo1 * foo ) { foo -> show (); } void showFooByRef ( Foo1 & foo ) { foo . show (); } int main () { Foo1 f1 ; Foo2 f2 ; // 動態繫結 showFooByPtr (& f1 ); showFooByPtr (& f2 ); cout << endl ; // 動態繫結 showFooByRef ( f1 ); showFooByRef ( f2 ); cout << endl ; // 靜態繫結 f1 . show (); f2 . show (); return 0 ; }

C++ Hooking (using Dev-C++ 5.11 on Windows) compile and run following .cpp file Virtual Function Hook --------------------------------------------------------------------------------------------------------------------------- #include<iostream> #include<windows.h> using namespace std; class C{     public:     virtual void VF(int); }; void C::VF(int a){     printf("VF is called\n") ; } typedef void (__thiscall* VF_type) (int ); VF_type org_VF; void __fastcall hk_VF(int a){     printf("hook func is called.\n");         org_VF(a); } int main(){     C* pC = new C();     void** base = *(void***)pC;         org_VF = (VF_type)base[0];     org_VF(0);         //DWORD oldProtection;     //VirtualProtect(base, 4, PAGE_EXECUTE_READWRITE, &oldProtection);         base[0] = (void*) &hk_VF;         //VirtualProtect(base, 4, oldProtection, 0);     pC->VF(0);     return 0; }  ---------------------------------

Tool 1. tshark * 參考 : https://ithelp.ithome.com.tw/articles/10196772 [列出網卡資訊] >tshark -D [輸出成 pcap 檔] >tshark -i 8 -w C:\Users\BlackTea\Desktop\test.pcap 2. qemu [Boot from an .iso file but can't install ] >qemu-system-x86_64 -drive format=raw,media=cdrom,readonly,file=C:\Users\BlackTea\Downloads\ubuntu-16.04.6-desktop-amd64.iso -m 1024  (test in guest os) $sudo fdisk -l => /dev/loop0 .... 3. VirtualBox [ Convert .vdi to raw, qed, qcow2, vhd, vmdk ] Reference : https://medium.com/@lonardogio/convert-vdi-virtualbox-to-raw-in-windows-c96bded29640

Virtual Machine 一.qemu on Windows  >qemu-system-x86_64 -boot d -cdrom linux.iso -m 512

Bootable USB device 一. Win32DiskImager + WinISO 1.Convert .iso file to .img file through WinISO 2.Use Win32DiskImager to burn .img file to your USB device 二. rufus Use rufus to burn .iso file to your USB device  

作業系統 Operating System  How system boot 一. Hello, World ( 用 qemu & nasm ) >nasm -f bin -o helloWorld helloWorld.asm >qemu-system-x86_64 -hda C:\Users\BlackTea\Desktop\Code\Assembly\Example\helloWorld *helloWorld.asm =================================================================== org 7c00h jmp short Start Message: db 'Hello, World!' Start:      mov ax, 3     int 10h     mov ax, cs     mov es, ax     mov bp, Message             mov cx, 13     mov ax, 1301h     mov bx, 000fh     mov dl, 0     mov dh, 0     int 10h      jmp $ times 510 - ( $ - $$) db 0 dw 0xaa55 ==================================================================== 二. Hello World *將機械碼寫入到 硬碟(USB 隨身碟) 的MBR磁區 (參考: https://en.wikibooks.org/wiki/X86_Assembly/Bootloaders ) 具體作法: 1.編寫 os.asm 2.使用 nasm 將 os.asm 組譯成 os.bin(一種 flat-form 二進制檔案) 3.將 os.bin 寫入到 硬碟(USB 隨身碟) 的MBR磁區 1. os.asm ========================os.asm==================== org 7C00h j