flat assembler
Message board for the users of flat assembler.
2 beginner questions
Tomasz Grysztar 13 Dec 2007, 21:57
zxcv wrote:
1. Is there a sizeof macro? It would help to count bytes declared as strings. Eg. string db 'long buff'

See the "struc db" example in section 2.3.4 of the manual. You may also look here.

zxcv wrote:
2. Why I can't push on stack [register]

"push dword [ebx]" and "push word [ebx]" are different instructions, which are both valid in either 16-bit or 32-bit mode. For this reason "push [ebx]" is ambiguous. You may however write "pushd [ebx]" as a shorter form that specifies that 4 bytes should be stored (not 2). You may also find it all in the manual.
zxcv 13 Dec 2007, 22:37
thanks much, you helped me.
zxcv 14 Dec 2007, 00:03
1 more:
In esi I have the address of some memory, and I want to readprocessmemory from another process like that:
..
push esi+8
..
call [rpm]
but it doesn't work...
edfed 14 Dec 2007, 00:36
programming under Windows?
in this case, go to the Windows section...
why push esi+8?
push esi only can be good!
rpm, is it a far pointer or a near pointer?
LocoDelAssembly 14 Dec 2007, 01:12
Quote:
Do you need the result of "esi+8" on stack or the memory content at [esi+8]?

Code:
; To push ESI+8
lea eax, [esi+8] ; Of course previous content of EAX register will be lost here
push eax

; To push the memory contents at ESI+8 address
push dword [esi+8]

If you don't know assembly basics I recommend learning those before starting to write complicated programs. Even if your intention is just to patch/crack something, basics are mandatory knowledge.
zxcv 14 Dec 2007, 02:01
I'm learning it all the time, but I simply don't have any good book/ebook/other source.

Quote:
Do you need the result of "esi+8" on stack or the memory content at [esi+8]?

I need to add 8 to esi, and get the memory pointed to by esi+8.
edfed 14 Dec 2007, 02:15
simple

...
call idontknowwhatyouwant
...
idontknowwhatyouwant:
mov eax,[esi+8]
ret

no need to push registers when you access them in the called procedure with the same value as in the caller procedure.
you see?
to learn assembly, the first step is to try everything, find solutions by yourself, training your brain for asm programming. the only tutorial you need to read in assembly is the one that explains the instructions.
the forum is good for that.
but if you don't know how to access memory with a register, you first need to read as many threads as you can before posting questions.
we cannot understand for you.
zxcv 14 Dec 2007, 05:34
Maybe I give you a code:

Code:
push 1024
call [malloc]
mov esi, eax
push 1024
push 0
push esi
call [memset]
add esp, 16
push 666
push 0
push PROCESS_VM_READ
call [OpenProcess]
mov ebx, eax
push 0
push 32
push esi
push 0x666
push ebx
call [ReadProcessMemory]
push 0
push 32
push dword [esi+32] ;<it actually pushes memory allocated by malloc, not address. Esp points a block of memory (filled by previous readproc..). I want to append to this memory new data. I hope you know what I mean.
push 0x666
push ebx
call [ReadProcessMemory]
push ebx
call [CloseHandle]
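Added example, not part of the thread: a small fasm program showing how to pass the address "buffer + offset" as a pointer argument so that a second write appends after the first. It uses memcpy from msvcrt.dll in place of the thread's calls so it runs in a single process, and it assumes 32-bit Windows and fasm's win32a.inc; all labels, strings and sizes are constructed.

```asm
; Added example, not code from the thread. Assumes 32-bit Windows, fasm's
; win32a.inc and msvcrt.dll; the strings are constructed sample data.
format PE console
entry start
include 'win32a.inc'

section '.data' data readable writeable
  part1 db 'first chunk, '
  part1_size = $ - part1          ; byte count of the data just declared
  part2 db 'second chunk',0
  part2_size = $ - part2          ; includes the terminating zero
  fmt   db '%s',13,10,0

section '.code' code readable executable
start:
        push    1024
        call    [malloc]
        add     esp, 4            ; cdecl: the caller removes the arguments
        test    eax, eax
        jz      done              ; allocation failed, nothing to copy into
        mov     esi, eax          ; esi = start of the buffer

        push    part1_size        ; first copy lands at buffer+0
        push    part1
        push    esi
        call    [memcpy]
        add     esp, 12

        lea     eax, [esi+part1_size]   ; eax = ADDRESS just past the first chunk
        push    part2_size
        push    part2
        push    eax               ; "push dword [esi+part1_size]" would pass the
        call    [memcpy]          ; 4 bytes stored there as the pointer instead
        add     esp, 12

        push    esi               ; buffer now holds both chunks back to back
        push    fmt
        call    [printf]
        add     esp, 8
done:
        push    0
        call    [ExitProcess]

section '.idata' import data readable
  library kernel32,'KERNEL32.DLL', msvcrt,'msvcrt.dll'
  import kernel32, ExitProcess,'ExitProcess'
  import msvcrt, malloc,'malloc', memcpy,'memcpy', printf,'printf'
```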
Copyright © 1999-2024, Tomasz Grysztar.