flat assembler
Message board for the users of flat assembler.

Index > Main > Need size example.

Author
Thread Post new topic Reply to topic
Overflowz



Joined: 03 Sep 2010
Posts: 1046
Overflowz 24 Apr 2011, 00:28
Hello everyone. I need little example how to take 2 dwords and do something with it. and of course in 32 bit mode.
I have question, can CDQ instruction do that ?
for example:
Code:
mov eax,0xFFFFFFFF
mov edx,0xEEEEEEEE
cdq
mov qword[eax],0xAAAAAAAAAAAAAAAA    

something like this.. thank you.
Post 24 Apr 2011, 00:28
View user's profile Send private message Reply with quote
bitRAKE



Joined: 21 Jul 2003
Posts: 4060
Location: vpcmpistri
bitRAKE 24 Apr 2011, 04:25
CMPXCHG8B can store 2 DWORDS. PUSHAD can store more. Very Happy

Not clear what you are after. Otherwise I'd give an example.

After CDQ, EDX is either 0 or -1.
(Based on high-bit of EAX.)

Is MMX or SSE an option?
Post 24 Apr 2011, 04:25
View user's profile Send private message Visit poster's website Reply with quote
ouadji



Joined: 24 Dec 2008
Posts: 1081
Location: Belgium
ouadji 24 Apr 2011, 09:47

but "pushad" can't be used with "lock" Crying or Very sad

but ... Very Happy

push ss
pop ss
pushad

A pop_ss instruction inhibits all interrupts,
including the NMI interrupt, until after execution of the next instruction.

_________________
I am not young enough to know everything (Oscar Wilde)- Image
Post 24 Apr 2011, 09:47
View user's profile Send private message Send e-mail Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 20418
Location: In your JS exploiting you and your system
revolution 24 Apr 2011, 09:52
Hehe:
Code:
macro lock instr {
  push ss
  pop ss
  instr
}    
Post 24 Apr 2011, 09:52
View user's profile Send private message Visit poster's website Reply with quote
Overflowz



Joined: 03 Sep 2010
Posts: 1046
Overflowz 24 Apr 2011, 10:30
I really don't know what to do so.. All examples are welcome for me.. Smile I don't know what's MMX and how to ise that.. and what that does "push ss/pop ss/pushad" ? I know only that crashes olly (like exploit)
I need to push 8 byte argument in API call.. for example:
Code:
movq mm0,0xFFFFFFFFFFFFFFFF
invoke MessageBox,0,mm0,mm0,MB_OK    

This would not work right ?.. I need something like this but with QWORD..
Post 24 Apr 2011, 10:30
View user's profile Send private message Reply with quote
SPTH



Joined: 24 Jul 2004
Posts: 91
SPTH 24 Apr 2011, 16:18
Code:
invoke MessageBox,0,mm0,mm0,MB_OK    


is

Code:
push MB_OK
push mm0
push mm0
push 0
stdcall [MessageBox]
    


So you can simple push two 32bit values to get one 64bit value on stack, for the API to work with it:

Code:
mov eax, dword[HighDWORD]
push eax
mov eax, dword[LowDWORD]
push eax
stdcall [API_THAT_NEEDS_ONE_64BIT_VALUE_ON_STACK]
    


If you explain what you need more, somebody could help you i guess.

- - -
Something else
Code:
push ss
pop ss
    


isnt that just a NOP??? :o
Post 24 Apr 2011, 16:18
View user's profile Send private message Reply with quote
ouadji



Joined: 24 Dec 2008
Posts: 1081
Location: Belgium
ouadji 24 Apr 2011, 18:08

No, this is not like a "nop"
the combining of these two instructions offer, for the third, a very interesting property.

Quote:

INTEL 2B 4-190 (253667-038US April 2011)

Pop a Value from the Stack - pop ss

A POP SS instruction inhibits all interrupts, including the NMI interrupt, until after execution of the next instruction. This action allows sequential execution of POP SS and MOV ESP, EBP instructions without the danger of having an invalid stack during an interrupt.

MOV ESP, EBP ...
or any other instruction !
the third instruction will be executed atomically.

_________________
I am not young enough to know everything (Oscar Wilde)- Image
Post 24 Apr 2011, 18:08
View user's profile Send private message Send e-mail Reply with quote
Overflowz



Joined: 03 Sep 2010
Posts: 1046
Overflowz 24 Apr 2011, 23:47
I'm trying to do following but I fail.
movq mm0,0xFFFFFFFFFFFFFFFF
says mm0 is invalid address..
Post 24 Apr 2011, 23:47
View user's profile Send private message Reply with quote
SPTH



Joined: 24 Jul 2004
Posts: 91
SPTH 25 Apr 2011, 00:47
See page 47 in "flat assembler 1.69 Programmer's Manual" by Tomasz Grysztar (in the root dir of your FASM compiler, called FASM.PDF):

Quote:

movq copies a quad word from the source operand to the destination
operand. At least one of the operands must be a MMX register, the second
one can be also a MMX register or 64{bit memory location.
Code:
movq mm0,mm1 ; move quad word from register to register
movq mm2,[ebx] ; move quad word from memory to register
    



You can eighter use a different MMX register or a memory offset to fill the mm0 register. You can not use a constant.

See the manual for more infos. (you can use ctrl+F there, too :D )
Post 25 Apr 2011, 00:47
View user's profile Send private message Reply with quote
Overflowz



Joined: 03 Sep 2010
Posts: 1046
Overflowz 25 Apr 2011, 02:20
Oh, I got it! Thank you Smile and also, last little question.
how much bytes is TBYTE ? Is that larger than QWORD ?
Post 25 Apr 2011, 02:20
View user's profile Send private message Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 20418
Location: In your JS exploiting you and your system
revolution 25 Apr 2011, 02:33
Overflowz wrote:
... and also, last little question.
how much bytes is TBYTE ? Is that larger than QWORD ?
Have you seen this link?

http://flatassembler.net/docs.php
Post 25 Apr 2011, 02:33
View user's profile Send private message Visit poster's website Reply with quote
Overflowz



Joined: 03 Sep 2010
Posts: 1046
Overflowz 25 Apr 2011, 14:33
revolution
ohh.. sorry I'm always forgetting that Sad thanks anyway Smile
Also, I'm interested why I can't do something like this ?
Code:
qval db 0xFFFFFFFFFFFFFFFF
..
mov qword[ebp],qval    

says, illegal unstruction at "mov qword[ebp],qval"..
but mov tbyte[ebp],qval works fine.
can someone tell me what the point of using those registers ? and for what ? (of course from your experience)
Post 25 Apr 2011, 14:33
View user's profile Send private message Reply with quote
SPTH



Joined: 24 Jul 2004
Posts: 91
SPTH 25 Apr 2011, 16:04
1) http://flatassembler.net/docs.php?article=manual -> ctrl+F -> "tbyte" ->
Quote:

qword 64bit=8byte
tbyte 80bit=10byte


2)
Quote:

but mov tbyte[ebp],qval works fine.

Code:
include '...\FASM\INCLUDE\win32ax.inc'

.data
qval db 0xFFFFFFFFFFFFFFFF

.code
start:
        mov tbyte[ebp],qval
.end start                   
    


Gives "invalid size of operand". mov can be used for byte, word, dword - NOT qword (use movq) or tbyte (see http://flatassembler.net/docs.php?article=manual#2.1.13) or something else than 8,16,32bit.

Reading the manual and searching the answeres to these questions will help you alot understanding assembler more, I promise you Wink
Post 25 Apr 2011, 16:04
View user's profile Send private message Reply with quote
Overflowz



Joined: 03 Sep 2010
Posts: 1046
Overflowz 25 Apr 2011, 17:17
SPTH
I got it.. Thank you Smile
Post 25 Apr 2011, 17:17
View user's profile Send private message Reply with quote
Display posts from previous:
Post new topic Reply to topic

Jump to:  


< Last Thread | Next Thread >
Forum Rules:
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Copyright © 1999-2024, Tomasz Grysztar. Also on GitHub, YouTube.

Website powered by rwasa.