Current location: home page > Original course >Text

. net zero basics reverse tutorial lesson 6 (must skip)

In his class, shark Heng is talking about assembly, teaching you to toss key jumps with OD.

In fact, I think that the. Net tutorial should be a lot of basic code.

But I don't think it's too difficult to teach people skills directly?

After all, what I learned in the course will not make you feel the same as what I learned in class.

So from this class, I have to write the course without the copywriting of shark Heng. I hope I can write excellent copywriting.

Let's get to the point.

Today's lesson is "call stack"

First of all, what is the call stack

Suppose we have several functions: function1, function2, function3, function4, and function1 calls function2, function2 calls function3, function3 calls function4. In the running process of function4, we can know who the functions calling it are from the current stack of the thread. Looking at the order of functions, function4, function3, function2 and function1 present a "stack" feature, and the last called function appears at the top. This relationship is therefore called the call stack.

In short, we can find the execution of a function from the call stack.

Let's take a look at the following specific procedures:

Introduce the software, this software will automatically close after 3 seconds.
In order to make it easier for the zero base group to master, I added a pop-up window when closing, as shown in the figure.

Drag the software into dnspy and press F5 to run

When the pop-up window appears, interrupt it

Then you can see the source of the pop-up window in the call stack tab. If you don't have the call stack tab, you can find it in debug window call stack

At the top and bottom of my frame, there are some DLL calls with system and windows. These are system DLLs, and naturally they are not the target we are looking for. Therefore, I can quickly find the framed line which is the target I am looking for. Double click it to jump.

As shown in the figure, dnspy locates the source of the pop-up window.

After reading it, you can find that the information box will pop up when the window is closed.

So the question is, who caused the window to close?

So let's move on to the stack.

We've seen the first one. Next, we'll look at the timer event and double-click to follow up.

Timer, here's the end of a process.

Right click to edit the method.

This will not save the program again, will not automatically see?

Through this lesson, we learned the basic usage of call stack, which is very helpful for us to blow up the software and analyze the execution process in the future.

Courseware download: vhu0a7web3xh.html

Software unable to download / install / other computer problems, plus Penguin Group: 709531763

In general, there are no private questions in the group

I think the public can learn more about computer numbers

  Computer course for College Students
Article title: reverse course of. Net zero Basics - Lesson 6 (must skip)
Author: Mu Ruoxi
Release date: Monday, April 29, 2019 Mu Ruoxi blog
Link to this article:
Article label:
Last article: Next:


Comments loading
  1. sofa
    Flying snow   

    It's easy to understand
    Why can't I enlarge the picture in the article? The code is too small to read

    April 29, 2019   comment
    • It's forbidden to zoom in. If you need high-definition images, you can see them in the knowledge planet. After all, I have to distinguish between my paying users and free users.

      9:39 PM, April 29, 2019   comment


╮( ̄▽ ̄)╭ |  (= ̄ω ̄=) |  (>﹏<) |  Σ( ° △ °|||)︴ |  Σ(っ °Д °;)っ |  X﹏X |  (╯-_ -)╯╧╧

Tip: after submitting comments, refresh this page to see the hidden files~