flat assembler
Message board for the users of flat assembler.

mov BX to EAX ~ the newbiest question
Teehee



Joined: 05 Aug 2009
Posts: 568
Location: Brazil
Teehee
I feel like an asm-pro now *_*
Post 01 Jan 2010, 13:11
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 17476
Location: In your JS exploiting you and your system
revolution
Teehee wrote:
I feel like an asm-pro now *_*
Cool
Post 01 Jan 2010, 13:13
Teehee
Do not let that go to your head :)

Just one more question. Is there any difference if I do the cast on the 'dest.' operand or on the 'source' operand? e.g.:
Code:
mov dword [esp+0*4], sizeof.INITCOMMONCONTROLSEX
mov dword [esp+1*4], ICC_BAR_CLASSES+ICC_COOL_CLASSES 
; -- or --
mov [esp+0*4], dword sizeof.INITCOMMONCONTROLSEX
mov [esp+1*4], dword ICC_BAR_CLASSES+ICC_COOL_CLASSES     
Post 01 Jan 2010, 13:30
revolution
This is the usual way:
Code:
mov dword [esp+0*4], sizeof.INITCOMMONCONTROLSEX
mov dword [esp+1*4], ICC_BAR_CLASSES+ICC_COOL_CLASSES      
Post 01 Jan 2010, 13:35
revolution
But try to use symbolic constants instead of magic number constants. ;)
Post 01 Jan 2010, 13:35
Teehee
So there is no difference.

What are symbolic constants and magic number constants?
Post 01 Jan 2010, 13:46
revolution
Code:
mov eax,[ebx+NMHDR.code]
mov eax,[ebx+8]    
Which line is easier to understand?
Post 01 Jan 2010, 13:54
Teehee
The first one. Is it possible to do that? *.*
Post 01 Jan 2010, 13:58
Teehee
revolution wrote:

Teehee: You can access esp directly like that but beware when you want to push an esp based parameter that is not the last:
Code:
invoke SomeFunction,[esp],eax,... ;<--- dangerous, esp parameter is not last
invoke SomeFunction,ebx,eax,[esp] ;<--- okay because esp is the last parameter    
It can be done but you have to adjust the esp offset by +4 for each parameter that comes after the [esp] parameter.


Do you mean:
SomeFunction,[esp+4],eax ?

_________________
Sorry if bad english.
Post 01 Jan 2010, 14:01
revolution
Teehee wrote:
You mean:
SomeFunction,[esp+4],eax ?
It depends upon how many parameters are listed after the [esp] and also upon which original offset you are using.

e.g.
Code:
invoke SomeThing,[esp+12],[esp+8],[esp+4],[esp] ;All push the same value
invoke SomeThing,[esp],[esp],[esp],[esp] ;All push the same value also!
invoke SomeThing,[esp+24],[esp+16],[esp+8],[esp] ;pushing stack values in reverse order    
Post 01 Jan 2010, 14:05
Teehee
I think I don't understand why they all push the same value and why the last one in reverse order. o.o'
Post 01 Jan 2010, 14:09
revolution
esp changes after each push. That is why people use ebp, it doesn't change.
Post 01 Jan 2010, 14:14
revolution
Code:
invoke SomeThing,[esp],[esp],[esp],[esp],eax    
is the same as:
Code:
invoke SomeThing,eax,eax,eax,eax,eax    
is the same as:
Code:
invoke SomeThing,[esp+12],[esp+8],[esp+4],[esp],eax    
Post 01 Jan 2010, 14:16
sleepsleep

Joined: 05 Oct 2006
Posts: 9004
sleepsleep
Quote:

var1: 0000 address ; just example
7 value
var2: 00FF address
5 value
mov eax, [var1] ; mov value of var1 (7) to eax ; eax = 7 ?
mov ebx, [var2] ; mov value of var2 (5) to ebx ; ebx = 5 ?
cmp [ebx], eax ; cmp address (0005) with value of eax (7)?


you got it right for the first and second mov example.
the third one is wrong a bit.

after above 2 mov(s) instruction.
the third [ebx] means to access the value of linear address number 5.

so, now, the 0005 address could be anything. any figure.

u comment said, cmp (address) 0005 with value 7..
yeah it is correct.

but u also understand that 0005 is not defined and could be anything.
Post 01 Jan 2010, 15:17
Teehee
hmmm...
Post 01 Jan 2010, 15:37
Teehee
Revolution,
I tried this, but it doesn't work:
Code:
sub      esp, sizeof.RECT
invoke   SendMessage,[hToolBar],TB_GETRECT,[eax+NMTOOLBAR.iItem],esp
invoke   MapWindowPoints,[hToolBar],HWND_DESKTOP,dword[esp+4],2  ; <- crashes my app

invoke   LoadMenu,[hInstance],LAB_MENU
mov      ebx, eax
invoke   GetSubMenu,eax,0
invoke   TrackPopupMenuEx,eax,TPM_LEFTALIGN+TPM_LEFTBUTTON+TPM_VERTICAL,\
         [esp+RECT.left],[esp+RECT.bottom],[hMainWnd],NULL
invoke   DestroyMenu,ebx
add      esp, sizeof.RECT 

; dword[esp+4] <- crashes
; esp only     <- "works": but it's a weird value
Post 02 Jan 2010, 15:32
revolution
You have to pass the address, not the value:
Code:
invoke   MapWindowPoints,[hToolBar],HWND_DESKTOP,addr esp+4,2    
Also this needs changing:
Code:
invoke   TrackPopupMenuEx,eax,TPM_LEFTALIGN+TPM_LEFTBUTTON+TPM_VERTICAL,\
         [esp+RECT.left+12],[esp+RECT.bottom+8],[hMainWnd],NULL     
So now you see why using esp directly is problematic?
Post 02 Jan 2010, 15:43
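
Editor's added example (not posted by any participant in this thread): a small Python model of the right-to-left pushes that `invoke` performs, showing why an `[esp+n]` operand reads a different slot for every parameter listed after it, and reproducing the `+12` / `+8` corrections above. The `flags` placeholder, the function names and the stack contents are constructed for illustration; the RECT offsets 0/4/8/12 are the standard field offsets of left/top/right/bottom.

```python
import re

# Matches an esp-relative memory operand such as "[esp]" or "[esp+12]".
ESP_OPERAND = re.compile(r"\[esp(?:\+(\d+))?\]")

def simulate_invoke(params, stack, regs=None):
    """Return the values the callee receives, in parameter order.

    stack maps offsets from esp (as it was before the invoke) to values.
    Parameters are pushed right to left; every push lowers esp by 4.
    """
    mem, esp, pushed = dict(stack), 0, []
    for p in reversed(params):
        m = ESP_OPERAND.fullmatch(p)
        if m:
            # Read relative to the CURRENT esp; "?" marks an undefined slot.
            value = mem.get(esp + int(m.group(1) or 0), "?")
        else:
            # A register value if one is supplied, else the operand text itself.
            value = (regs or {}).get(p, p)
        esp -= 4
        mem[esp] = value
        pushed.append(value)
    return pushed[::-1]

def adjust(params):
    """Add 4 to each esp displacement for every parameter listed after it."""
    out = []
    for i, p in enumerate(params):
        m = ESP_OPERAND.fullmatch(p)
        if m:
            d = int(m.group(1) or 0) + 4 * (len(params) - 1 - i)
            p = f"[esp+{d}]" if d else "[esp]"
        out.append(p)
    return out

# Constructed data: a RECT sitting at [esp] before the invoke.
RECT_ON_STACK = {0: "left", 4: "top", 8: "right", 12: "bottom"}
# The TrackPopupMenuEx call from the thread, with RECT.left = 0 and
# RECT.bottom = 12 substituted and the TPM_* constants shortened to "flags".
NAIVE = ["eax", "flags", "[esp]", "[esp+12]", "[hMainWnd]", "NULL"]

if __name__ == "__main__":
    print(simulate_invoke(NAIVE, RECT_ON_STACK))          # x and y are both wrong
    print(adjust(NAIVE))                                  # corrected operands
    print(simulate_invoke(adjust(NAIVE), RECT_ON_STACK))  # x = left, y = bottom
```
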
Teehee
Yeah, I see :)

I didn't know that 'addr' keyword. Where can I read about it?

and, how can I use esp indirectly?
Post 02 Jan 2010, 15:53
revolution
Teehee wrote:
and, how can I use esp indirectly?
Code:
mov ebp,esp
...
invoke SomeThing,[ebp],eax,...    
Post 02 Jan 2010, 15:54
Teehee
it crashes..
Code:
sub      esp, sizeof.RECT
mov     ebp, esp
invoke   SendMessage,[hToolBar],TB_GETRECT,[eax+NMTOOLBAR.iItem], ebp
invoke   MapWindowPoints,[hToolBar],HWND_DESKTOP,ebp,2

invoke   LoadMenu,[hInstance],LAB_MENU
mov      ebx, eax  ; EBX = hMenu
invoke   GetSubMenu,eax,0
invoke   TrackPopupMenuEx,eax,TPM_LEFTALIGN+TPM_LEFTBUTTON+TPM_VERTICAL,\
                         [ebp+RECT.left],[ebp+RECT.bottom],[hMainWnd],NULL
invoke   DestroyMenu,ebx
add      esp, sizeof.RECT    


Last edited by Teehee on 02 Jan 2010, 16:06; edited 1 time in total
Post 02 Jan 2010, 15:59
Copyright © 1999-2020, Tomasz Grysztar.