flat assembler
Message board for the users of flat assembler.

flat assembler > DOS > Tutorial: Doing assembly without using an assembler

Author
Thread Post new topic Reply to topic
Ciper



Joined: 01 Jan 2013
Posts: 27
The following runs under XP.

Add the following to 'commands.txt':
Code:
n my.com a mov ah,2 mov dl,41 int 21 int 20 r cx 8 w q


Then issue:
Code:
debug < commands.txt


Now you have my.com that you can run as you please.
Post 03 Jan 2013, 14:37
View user's profile Send private message Visit poster's website Reply with quote
freecrac



Joined: 19 Oct 2011
Posts: 117
Location: Germany Hamburg
Ciper wrote:
The following runs under XP.

Add the following to 'commands.txt':
Code:
n my.com a mov ah,2 mov dl,41 int 21 int 20 r cx 8 w q


Then issue:
Code:
debug < commands.txt


Now you have my.com that you can run as you please.


Thats nice and now we can place it all together into one batchfile:
Code:
@echo off echo n my.com>tmp.deb echo a>>tmp.deb echo mov ah,2>>tmp.deb echo mov dl,41>>tmp.deb echo int 21>>tmp.deb echo int 20>>tmp.deb echo rcx>>tmp.deb echo 8>>tmp.deb echo w>>tmp.deb echo q>>tmp.deb debug <tmp.deb >debug.tmp REM del tmp.deb REM type debug.tmp REM del debug.tmp my.com


Additional we can place opcodes direktly inside of a batchfile or a shellscript, like Herbert Kleebauers example shows.
Code:
ftp://137.193.64.130/pub/assembler/xlinux.zip Linux X demo Herbert Kleebauer <klee@unibwm.de> 18.07.2007 23:31:04 Newsgroups: alt.lang.asm Have done a little bit code clean up and added some comments. It still requires a 24 bit true color screen but packet splitting should now be ok. Press any key or mouse button to exit the program. Most of the code is stolen from Frank (hope he doesn't mind, at least now he gets the code back in a readably assembler syntax). Here the binary (the source in a follow up): #!/bin/bash name=xdemo echo -n>$name x=ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789123 for (( i=0; i<65; i++ )); do eval _$(( $i/62 ))${x:$i:1}=$(( $i&63 )); done n=0; m=0 (while read -n 1 c; do case $c in [A-Za-z0-9+/=]) if [ "$c" == "+" ]; then c=11; elif [ "$c" == "/" ]; then c=12; elif [ "$c" == "=" ]; then c=13; else c=0$c; fi e=$d; d=$c ; eval c=\$_$c; n=$(( $n*64+$c )); m=$(( $m+1 )) if [ "$m" == "4" ]; then echo -n -e \\$(( ($n>>22&7)*100+($n>>19&7)*10+($n>>16&7) ))>>$name if [ "$e" != "13" ]; then echo -n -e \\$(( ($n>>14&7)*100+($n>>11&7)*10+($n>>8&7) ))>>$name; fi if [ "$d" != "13" ]; then echo -n -e \\$(( ($n>>6&7) *100+($n>>3&7)*10+($n&7) ))>>$name; fi n=0; m=0 fi esac done)<<"---"; f0VMR gEBAQAAAAAAAAAAAAIAAwABAAA Ad IA ECDQAAAAAAAAAAAAAADQAIAACA AA AAAAAAAEA AAAAAA AAAIAECACABAhEBQAARAUAAA UAA AAA EAAAAQAAAEQFAABElQQIRJUE CIg AAAC07gMA BgAAAAA QAACJJcx9CAhqAGoBagGJ4 bsBA AAAu GYAAADNgIPEDIXAD4gHAgA Ao9B 9CAhoEwAA AGgwhQQI /zXQfQgIieG7AwAAALhm AAAAz YCDxA yFwA+I2QEAAIsd0H0ICL kDAAA AuDcAAADN gIXAD4i/A QAAix3QfQgIuQQAAAC JwoHKA AgAALg 3AAAAzYCFwA+InQEAA LhMlQQ IugwAAADo HwIAAA+CKA AAAGaJHVKVBAhmiT VUlQQI6 P0CAACJ yI1TA4Pi/OjwAgAA ieiNVgO D4vzo4wIA ADHtvvh/CAi /AAQAAInwifrop QMAAHT1g D34fwgIA Q+FNwEAAAHFAcY px4H9CAA AAHLaD7cd /n8ICI0cnQgA AAA53XLIvvh/ CAiLRgyLV hCJ0ffZIc qjXJUECKOIlQ QIo5SVBAi juJUECKOs lQQIAdCjkJUEC KO8lQQIAdA Pt0YYg8ArJ PwPtlYdweI DAcKLBBajY JUECItEFhS jaJUECC1A AcgA0egl/3///6 PElQQIuF iVBAi6LAAAA OgkAgAA6GgC AAB0CYA4 AA+EjAAAALi ElQQIuggA AADoBQIAAOhJAgA AdAmAO AAPhG0AAAC4j JUECLocAAAA6 OYBAAD oKgIAAHQJgDg AD4ROAAAA uKiVBAi6DAAAAOjH AQAA 6AsCAAB0CYA4A A+ELwAAAOiWAA AA6D EAAAC4tJUECLo Y6AMA6J4B AADo4gEAAHTlgDgAd Aq AOAJ0BYA4BHXWu wAAAAC4AQAAAM2 AY DHb/wXUfQgIuQD 6AAAx/4n4 MdK7QAEAAPfzLXgAAA CB6qAAAAB/Avfai cMPr9sB0PfoAcN0 CTHSuMAnCQD38wM F1H0ICMDo Ag+2wIsEhdh9CAiJBL 3 MlQQIR+KzYZDDY L7YfQgIuAAAAAC5 Q AAAAIkGg8YEBBB mBQAIBQAA BADi7mGQw1BSV4s9z H0I CIsHjXyHCIs3g 8cEhfYPhKoAAAC BPk hPTUV164B+BD1 15YPGBYPJ /0GAPA4AdfkJyQ+E hwAAA IH5AAEAAA+He wAAAL/YfggI86 S4Ly5 YYau4dXRob6u 4cml0eavG BwC72H4ICDHJuAU AAADNgI XAeE2Jw7n4f wgIugAEAAC4A wAAAM2A PQAEAAAPg9j +//+JxbgG AAAAzYCF7XQivv h/CAgB9TH AZq1mSHQWu QQAAABmrWbB yAgBxuL2O e5y5/nrKrk CAAAAictm rWbByAgBxuL2Z q1mwcgIifEP t9gB3matZ sHICIn1D7f w+F9aWMNgic WJ1on3gf8 AQAAAdgW/ AEAAAGoAV1X/ NdB9CAiJ4bsJA AAAuGYAA ADNgIPEED 31////dN6FwA+ IOv7//yn GdAQBxeu/ YZDDUVZXoUi VBAg9IAAAAHM7iz VElQQIv /h/CAiJP USVBAg593QICcB0 BInB86S 6AAQAACnC jYD4fwgI6F AAAAB1AutIAQVIlQQ I67mLN USVBAiA PiIPh9b9//+APgAPh M39//+ 6IAAAAIA+ AXUMA1YMA 1YMA1YMA1YMOdByk4nw KRVIl QQIARV ElQQIX15Zw1FTagBSUP 810H0 ICInhuwoA AAC4ZgAA AM2Ag8QQW1k99f///3QIh cAPi HP9// /DAAABAC90bXAvLlgxMS1 1bml 4L1gwAPh/ CAgAAAA AbAALAAAAAAAAAAAAAQALAA AAA AAAA AAAAAAAAIACkAEAAAAAAAAA AAI KAAAAAAAA AQAAAA UAAAAIAAIAAAAAADcABwAAAAA AA AAA AA0AAAADAAAA////AP+AAAAqA AM AAAAAAAAA AABIA gb6AAAAAAAAAABAAcgAoABkAAAY A AA= --- chmod +x $name ;------------------------------------------------------------- ; "Annie's Heart" for Xwindows ; Herbert's code, translated to Nasm ; "regular linkable version" ; ; nasm -f elf -O999 myprog.asm ; ld -o myprog myprog.o global _start section .text _start: ;--------------------------- code ------------------------------------------ main: mov [stack_ptr], esp ; save initial stack pointer ; ******************** get socket handle *************************** push 0 ; no protocol specified push 1 ; 1: SOCK_STREAM (/usr/include/linux/net.h) push 1 ; 1: AF_UNIX, AF_LOCAL (/usr/include/linux/socket.h) mov ecx, esp ; pointer to parameter for "socket" mov ebx, 1 ; "socket" (/usr/include/linux/net.h) mov eax, 102 ; socketcall (/usr/include/asm/unistd.h) int 80h add esp, 3 * 4 ; free space for parameters test eax, eax ; ERROR js err ; my apologies for propagating this sloppiness. ; really should be "cmp eax, -4096" (or -4095?) ; won't happen here, but we *could* get a ; valid return over 2G! - fbk mov [x_handle], eax ; ********** connect socket to /tmp/.X11-unix/X0" ****************** push sockaddr_un_l push sockaddr_un ; (/usr/include/linux/un.h) push dword [x_handle] ; socket handle mov ecx, esp ; pointer to parameter for "connect" mov ebx, 3 ; "connect" (/usr/include/linux/net.h) mov eax, 102 ; socketcall (/usr/include/asm/unistd.h) int 80h add esp, 3 * 4 ; free space for parameters test eax, eax ; ERROR js err ; *************** make socket read non blocking ******************* mov ebx, [x_handle] ; socket handle mov ecx, 3 ; F_GETFL (/usr/include/asm/fcntl.h) mov eax, 55 ; fcntl (/usr/include/asm/unistd.h) int 80h test eax, eax ; ERROR js err mov ebx, [x_handle] ; socket handle mov ecx, 4 ; F_SETFL (/usr/include/asm/fcntl.h) mov edx, eax or edx, 800h ; O_NONBLOCK (/usr/include/asm/fcntl.h) mov eax, 55 ; fcntl (/usr/include/asm/unistd.h) int 80h test eax, eax ; ERROR js err ; ******************* send connect message ************************* mov eax, send1 ; pointer to connect message mov edx, send1l call get_xauth ; try to read .Xauthority jc _11 ; no success, let's try without auth. mov [send1+6], bx ; insert name length mov [send1+8], si ; insert data length call x_send ; send header mov eax, ecx ; pointer to name lea edx, [ebx + 3] ; pad to a multiple of 4 and edx, -4 call x_send ; send name mov eax, ebp ; pointer to data lea edx, [esi + 3] ; pad to a multiple of 4 and edx, -4 _11: call x_send ; send data xor ebp, ebp ; number of total bytes read mov esi, buf2 ; pointer to buffer for next read mov edi, buf2l ; max. bytes to read .10: mov eax, esi mov edx, edi call x_receive_raw jz .10 ; but we need a reply cmp byte [buf2], 1 ; success jne err ; something went wrong add ebp, eax ; total read bytes add esi, eax ; pointer to buffer for next read sub edi, eax ; max. bytes to read cmp ebp, 8 ; at least 8 bytes read? jc .10 ; no, get more movzx ebx, word [buf2 + 6] ; additional data in 4 bytes lea ebx, [ebx * 4 + 8] ; total size in bytes cmp ebp, ebx ; all read jc .10 ; no, get more ; ******************* calculate id's ******************************* mov esi, buf2 mov eax, [esi + 0Ch] ; resource_id_base mov edx, [esi + 10h] ; resource_id_mask mov ecx, edx neg ecx and edx, ecx ; resource_id_incr mov [s2a], eax ; wid for CreateWindow mov [s3a], eax ; wid for MapWindow mov [s4a], eax ; wid for CreateDC mov [s5a], eax ; wid for CreateDC mov [s6a], eax ; wid for SetInputFocus add eax, edx ; next id mov [s4b], eax ; cid for CreateDC mov [s5b], eax ; cid for CreateDC add eax, edx ; next id ; lint!!! ; mov [resource_id_next], eax ; mov [resource_id_incr], edx ; ******************* get root window id *************************** movzx eax, word [esi + 18h] ; length of vendor string add eax, 28h + 3 ; const header length + round vendor length and al, -4 ; round to 4 bytes movzx edx, byte [esi + 1Dh] ; number of FORMATs shl edx, 3 ; 8 byte for each FORMAT entry add edx, eax ; offset to root WINDOW id mov eax, [esi + edx] ; root window mov [s2b], eax ; CreateWindow needs root window id mov eax, [esi + edx + 20] ; width/height of root window mov [s2x], eax ; create window full size sub eax, (200 << 16) + 320 shr eax, 1 and eax, 0FFFF7FFFh mov [s5x], eax ; center drawing ; ******************* send CreatWindow request ********************* mov eax, send2 mov edx, send2l call x_send call x_receive jz .20 ; no message is a good message cmp byte [eax], 0 ; error message je ende ; ******************* send MapWindow request *********************** .20: mov eax, send3 mov edx, send3l call x_send call x_receive jz .30 ; no message is a good message cmp byte [eax], 0 ; error message je ende ; ******************* send CreatDC request ************************* .30: mov eax, send4 mov edx, send4l call x_send call x_receive jz .40 ; no message is a good message cmp byte [eax], 0 ; error message je ende ; ******************* send SetInputFocust ************************* .40: mov eax, send6 mov edx, send6l call x_send call x_receive jz .60 ; no message is a good message cmp byte [eax], 0 ; error message je ende .60: call init_color ; init 64 VGA colors ; ******************** main loop *************************** .50: call annie ; generate next picture call display call x_receive jz .50 ; no message is a good message cmp byte [eax], 0 ; error message je err cmp byte [eax], 2 ; key press je ende cmp byte [eax], 4 ; button press jne .50 err: ende: mov ebx, 0 ; return code mov eax, 1 ; exit int 80h ;------------------------------------------ display: mov esi, screen mov ecx, 20 ; we use 20 parts to make each less than 16k .10 mov eax, send5 mov edx, send5l call x_send mov eax, esi mov edx, 320 * 10 * 4 ; size of one part call x_send add word [s5y], 10 ; update y pos for next part add esi, 320*10*4 ; update source pointer for next part loop .10 sub word [s5y], 20*10 ; restore original y position ret ;----------------------------------------- ; ********* Annie's code to draw a heart **************** annie: pusha xor ebx, ebx .10: inc dword [annie1] mov ecx, 320 * 200 xor edi, edi .20: mov eax, edi ; byte pos in screen xor edx, edx mov ebx, 320 ; 320 lines div ebx ; eax: line 0-199 edx: column 0-319 sub eax, 120 ; center y=120 (-120 .. +79) sub edx, 160 ; x=160 (-160 .. +159) jg .30 neg edx ; symmetric in x (0 .. 160) .30: mov ebx, eax imul ebx, ebx ; ebx = x*x add eax, edx ; eax = x*x+y imul eax ; eax = (x*x+y)**2 mod 2*16 add ebx, eax jz .40 xor edx, edx mov eax, 600000 div ebx .40: add eax, [annie1] ; change color shr eax, 2 movzx eax, al mov eax, [color+ eax * 4] mov [screen + edi * 4], eax inc edi loop .20 popa ; nop ??? ret ; ****************** initialize 64 VGA colors ********************* init_color: pusha mov esi, color mov eax, 0 ; sic mov ecx, 64 _01: mov [esi], eax add esi, 4 add al, 10h add ax, 800h add eax, 40000h loop _01 popa ; nop ??? ret ;********************************************************** ;******** read cookie from $home/.Xauthority ************** ;********************************************************** ; * ; input: stack_ptr: original sp at program start * ; output: C=0: cookie found in $home/.Xauthority * ; r2: pointer to protocol name * ; r3: length of protocol name * ; r4: pointer to protocol data * ; r5: length of protocol data * ; C=1: nothing found * ; r2/r3/r4/r5 undefined * ; * ; typedef struct xauth { * ; unsigned short family; * ; unsigned short address_length; * ; char *address; * ; unsigned short number_length; * ; char *number; * ; unsigned short name_length; * ; char *name; * ; unsigned short data_length; * ; char *data; * ; } Xauth; * ;********************************************************** get_xauth: push eax push edx push edi mov edi, [stack_ptr] ; original stack pointer at program start mov eax, [edi] ; number of arguments lea edi, [edi + eax * 4 + 8] ; skip arguments + trailing null pointer .20: mov esi, [edi] ; pointer to next env variable add edi, 4 test esi, esi ; no more env variables jz .notfound cmp dword [esi], 'HOME' ; HOME found? jne .20 ; no, try next cmp byte [esi + 4], '=' ; HOME= found? jne .20 ; no, try next add esi, 5 ; start of HOME path or ecx, -1 .30: inc ecx ; count length of HOME path cmp byte [esi + ecx], 0 jne .30 or ecx, ecx ; at least one char long? jz .notfound ; no, HOME is empty cmp ecx, 256 ; more than 256 charcters ja .notfound ; somebody tries a buffer overflow mov edi, fname ; buffer for filename rep movsb ; copy HOME path mov eax, '/.Xa' ; 'aX./' ; add .Xauthority stosd mov eax, 'utho' ; 'ohtu' stosd mov eax, 'rity' ; 'ytir' stosd mov byte [edi], 0 ; and a trailing 0 mov ebx, fname xor ecx, ecx ; readonly mov eax, 5 ; open int 80h test eax, eax ; file open error? js .notfound ; yes mov ebx, eax ; file handle mov ecx, buf2 mov edx, buf2l ; read 1024 byte mov eax, 3 ; read int 80h cmp eax, buf2l jnc err ; .Xauthority >= 1024 byte mov ebp, eax ; bytes read mov eax, 6 ; close int 80h test ebp, ebp ; file empty jz .notfound mov esi, buf2 add ebp, esi ; end of read data xor eax, eax .60: lodsw ; family dec ax jz .40 ; 1=FamilyLocal mov ecx, 4 ; skip entry .50: lodsw ror ax, 8 ; big -> little endian add esi, eax loop .50 cmp esi, ebp ; more data jc .60 ; try next entry .notfound: stc jmp _70 .40: mov ecx, 2 mov ebx, ecx .41: lodsw ror ax, 8 add esi, eax ; skip address/number loop .41 .42: lodsw ror ax, 8 mov ecx, esi movzx ebx, ax add esi, ebx lodsw ror ax, 8 mov ebp, esi movzx esi, ax clc _70: pop edi pop edx pop eax ret ;********************************************************** ;******** send message to X server ************** ;********************************************************** ; input: eax: pointer to message * ; edx: length of message * ;********************************************************** x_send: pusha mov ebp, eax ; pointer to next byte of message mov esi, edx ; remaining bytes to send .20: push 0 ; flags push esi ; length push ebp ; pointer to data push dword [x_handle] ; socket handle mov ecx, esp ; pointer to parameter for "send" mov ebx, 9 ; "send" (/usr/include/linux/net.h) mov eax, 102 ; socketcall (/usr/include/asm/unistd.h) int 80h add esp, 4*4 ; free space for parameters cmp eax, -11 ; EAGAIN: je .20 ; message couldn't be sent, try again test eax, eax ; ERROR js err sub esi, eax ; remaining bytes to send jz .30 ; nothing, all sent add ebp, eax ; pointer to remaining message jmp .20 ; send rest of message .30: popa ; nop ? ret ;********************************************************** ;******** receive ONE message from X server ********** ;********************************************************** ; input: none * ; output: Z=1: no complete message available * ; eax/edx undefined * ; Z=0: eax: pointer to message data * ; edx: size of data * ;********************************************************** x_receive: push ecx push esi push edi _00: mov eax, [buf2_rest] ; still something in read buffer? cmp eax, 32 ; a message has at least 32 bytes jnc .10 ; maybe it is a complete message .30: mov esi, [buf2_ptr] ; start of message mov edi, buf2 ; start of buffer mov [buf2_ptr], edi ; we copy message to top of buffer cmp edi, esi ; already at top of buffer je .50 ; then nothing to copy or eax, eax ; nothing in buffer jz .50 ; then also nothing to copy mov ecx, eax ; copy to top of buffer rep movsb .50: mov edx, buf2l ; let's try to get some more data sub edx, eax ; not more bytes than space is left in the buf lea eax, [buf2 + eax] ; append it here call x_receive_raw jnz .20 ; we could read something jmp _100 ; return with Z=1 .20: add [buf2_rest], eax ; now we have a few more bytes in the buffer jmp _00 ; let's try again .10: mov esi, [buf2_ptr] ; let's test if it is a complete meesage cmp byte [esi], 34 ja err ; the last known message is nr 34 mov edx, 32 cmp byte [esi], 0 ; error message cmp byte [esi], 1 ; reply message jne .40 ; event message is always 32 byte add edx, [esi + 12] ; + additional data for reply add edx, [esi + 12] ; + additional data for reply add edx, [esi + 12] ; + additional data for reply add edx, [esi + 12] ; + additional data for reply cmp eax, edx ; complete reply in buffer jc .30 ; no, let's try to get more .40: mov eax, esi ; pointer to data sub [buf2_rest], edx ; new rest add [buf2_ptr], edx ; pointer to next data; clear Z flag _100: pop edi pop esi pop ecx ret ;********************************************************** ;******** read data from X server ********** ;********************************************************** ; input: eax: pointer to read buffer * ; edx: size of buffer * ; output: Z=1: nothing to read * ; Z=0: eax bytes read * ;********************************************************** x_receive_raw: push ecx push ebx push 0 ; flags push edx ; bytes to read push eax ; pointer to buffer push dword [x_handle] ; socket handle mov ecx, esp ; pointer to parameter for "recv" mov ebx, 10 ; "recv" (/usr/include/linux/net.h) mov eax, 102 ; socketcall (/usr/include/asm/unistd.h) int 80h add esp, 4 * 4 ; free space for parameters pop ebx pop ecx cmp eax, -11 ; EAGAIN: no message available -> Z=1 je .10 test eax, eax ; <0: ERROR 0: NULL message -> Z=1 js err .10: ret ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; ;--------------------------- constant data --------------------------------- ; (note that we're in .text, not .rdata) align 4 sockaddr_un: dw 1 ; 1: AF_UNIX, AF_LOCAL (/usr/include/linux/socket.h) db "/tmp/.X11-unix/X0" sockaddr_un_l equ $ - sockaddr_un align 4 ;--------------------------------------------------------------------------- section .data ;--------------------------- initialized data ------------------------------ buf2_ptr: dd buf2 buf2_rest: dd 0 ; Connection Setup send1: db $6c,0 ; LSB first dw 11,0 ; major/minor version dw 0,0 ; length of protocol name/data dw 0 ; unused send1l equ $ - send1 ; Create Window send2: db 1 ; opcode for Create Window db 0 ; depth from parent dw send2l/4; request length s2a: dd 0 ; wid (has to be calculated) s2b: dd 0 ; parent (has to be calculated) dw 0 ; x dw 0 ; y s2x: dw 640 ; width s2y: dw 400 ; heigth dw 0 ; border-width dw 0 ; class: CopyFromParent dd 0 ; visual: CopyFromParent dd 0A02h ; value-mask: background-pixel 2 ; + override-redirect 200 ; + event-mask 800 dd 0 ; background: black db 1 ; override-redirect = true db 0,0,0 ; pad dd 5 ; event_mask: KeyPress 1 ; +ButtenPress 4 ; +PointerMotion 40 send2l equ (($-send2)+3) & 0fffffffch ; Map Window send3: db 8 ; opcode for Map Window db 0 ; unused dw send3l/4; request length s3a: dd 0 ; wid (has to be calculated) send3l equ $ - send3 ; Create GC send4: db 55 ; opcode for CreateGC db 0 ; unused dw send4l/4; request length s4b: dd 0 ; cid (has to be calculated) s4a: dd 0 ; wid (has to be calculated) dd 1+4+8 ; function+foreground+background dd 3 ; function=copy dd 0ffffffh ; foreground: white dd 0080ffh ; background: light blue send4l equ $ - send4 ; Set Input Focus send6: db 42 ; opcode for SetInputFocus db 0 ; revert-to None dw send6l/4; request length s6a: dd 0 ; wid (has to be calculated) dd 0 ; timestamp CurrentTime send6l equ $ - send6 ; Put Image send5: db 72 ; opcode for PutImage db 2 ; ZPixmap dw send5l/4 + 320*10*4/4 ; request length s5a: dd 0 ; wid (has to be calculated) s5b: dd 0 ; cid (has to be calculated) dw 320 ; width dw 200/20 ; height s5x: dw 0 ; dest-x s5y: dw 0 ; dest-y db 0 ; left-pad db 24 ; depth dw 0 ; unused send5l equ $ - send5 section .bss ;--------------------------- uninitialized data ---------------------------- screen: resd 320*200 ; bitmap stack_ptr: resd 1 x_handle: resd 1 annie1: resd 1 color: resd 64 fname: resb 256+32 buf2: resb 1024 buf2l equ $ - buf2 ;---------------------------------------------------------------------------
Dirk
Post 08 Jan 2013, 07:39
View user's profile Send private message Send e-mail Reply with quote
Asmix



Joined: 07 Sep 2004
Posts: 5
Location: Ukraine
Real coders do it like that:
B4 02 B3 41 CD 21 C3
Only HEX, Only Hardcore !!! Wink
Post 10 Jan 2013, 22:13
View user's profile Send private message Reply with quote
HaHaAnonymous



Joined: 02 Dec 2012
Posts: 1171
Location: Unknown
Stupid post removed.


Last edited by HaHaAnonymous on 28 Feb 2015, 22:02; edited 1 time in total
Post 10 Jan 2013, 22:37
View user's profile Send private message Reply with quote
freecrac



Joined: 19 Oct 2011
Posts: 117
Location: Germany Hamburg
Asmix wrote:
Real coders do it like that:
B4 02 B3 41 CD 21 C3
Only HEX, Only Hardcore !!! Wink


Therefore we need on one side a table of opcodes and on the other side a table of Postbytes/ModRM-bytes. And now we can also use a batchfile.
Code:
@echo off echo n my.com>tmp.deb echo rcx>>tmp.deb echo 7>>tmp.deb echo ecs:100>>tmp.deb echo B4 02 B3 41 CD 21 C3>>tmp.deb echo wcs:100>>tmp.deb echo q>>tmp.deb debug <tmp.deb my.com

But how can the last byte of "C3" be execute, it is placed after "CD 21"?

Dirk
Post 11 Jan 2013, 07:49
View user's profile Send private message Send e-mail Reply with quote
Display posts from previous:
Post new topic Reply to topic

Jump to:  


< Last Thread | Next Thread >

Forum Rules:
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Copyright © 2004-2018, Tomasz Grysztar.

Powered by rwasa.