[Question] Assembly

  1. #1
    Coders NightGhost's Avatar
    Join Date
    Apr 2006
    Posts
    658

    [Question] Assembly

    Sorry if I'm posting in the wrong section, but I couldn't find a "question section" :P.

    Assembly isn't my best part (just some basic knowledge), so I googled for a while but I couldn't find an answer.
    I'll keep it short, here is my question:

    The opcode for
    1) PUSH is 0x6A

    When messing with OllyDBG (assemble at <mem add>; double click) it generates this:
    6A 01 PUSH 1

    ~Quite obvious

    Things change when I try "PUSH EAX":
    50 PUSH EAX

    "PUSH ECX":
    51 PUSH ECX


    50 PUSH EAX
    51 PUSH ECX
    52 PUSH EDX
    53 PUSH EBX


    :P
    Now, the same goes for CMP:

    83F8 01 CMP EAX,1 (0x83 = cmp, F8 is the eax register, 01 = 1)
    83F8 02 CMP EAX,2 (0x83 = cmp, F8 is the eax register, 02 = 2)
    83FB 01 CMP EBX,1 (0x83 = cmp, FB is the ebx register, 01 =1)

    Quite predictable..

    Things change when comparing registers with each others:
    3BC1 CMP EAX,ECX (...)
    3BC2 CMP EAX,EDX (...)

    3BD8 CMP EBX,EAX (...)
    etc.

    I can see what's going on here, 3B = CMP and the other part is the register, but why would it change from, let's say:
    83FB F8 CMP EBX,EAX
    to
    3BD8 CMP EBX,EAX

    ?

    Ty for your time.

    ~Greets,
    NightGhost

    Posted on: March 11, 2007, 08:47:35 AM

    Solved =D, guess it can't be helped and I'm forced to use it how it's made.
    But it makes sense: YOU CANNOT jump to a register, you are jumping to the value STORED in it.

  2. #2
    Junior Member
    Join Date
    Feb 2007
    Posts
    25

    Re: [Question] Assembly

    You can jump to a register.

    mov eax,aaa // eax = aaa
    jmp eax // jumps to 00000aaa

    What exactly is your question lol?

  3. #3
    Coders NightGhost's Avatar
    Join Date
    Apr 2006
    Posts
    658

    Re: [Question] Assembly

    My answer was why this happens:

    8302 01 CMP 2,1

    3BC2 CMP EAX,EDX

    83 is the hex for "cmp".
    =D but, when doing "3BC2" you aren't comparing the eax with the edx, you are comparing WHAT'S INSIDE these registers.

    I already answered myself lol

  4. #4
    Junior Member
    Join Date
    Feb 2007
    Posts
    25

    Re: [Question] Assembly

    If you compare eax to edx you compare what they're storing (what else would you compare? lolz)

    If you compare [eax] to [edx] you're comparing the value of what they're storing.

    Registers are just storage; in this case, with EAX and EDX, they store 32 bits of data. Each has a special purpose, of course, like ECX being the counter and ESP pointing to the top of the stack.

    The bytes go:

    mnemonic|args

    just like the opcode

  5. #5
    VIP null's Avatar
    Join Date
    Apr 2006
    Posts
    1,796

    Re: [Question] Assembly

    Solved =D, guess it can't be helped and I'm forced to use it how it's made.
    But it makes sense: YOU CANNOT jump to a register, you are jumping to the value STORED in it.


  6. #6
    Coders NightGhost's Avatar
    Join Date
    Apr 2006
    Posts
    658

    Re: [Question] Assembly

    Ty null =D

    To clear some things up, this was my question:
    6A 01 PUSH 1

    ~Quite obvious

    Things change when I try "PUSH EAX":
    50 PUSH EAX

    PUSH EAX, with the opcode of "50", and PUSH 1 with 2 opcodes "6A 01" (6A = push and 01 = 1).
    My question was why the 50 appeared (AND NOT LIKE 6A F8; F8 = eax) when I tried to push the eax. Answer: you aren't pushing the eax, but the value that is stored in the eax.
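
The encodings discussed in this thread, worked through as an added example (not code from any poster): a minimal Python decoder for just these four opcode forms, showing that PUSH r32 keeps the register number in the opcode byte itself while CMP names its registers in a following ModRM byte. The function names and the sample bytes are constructed for illustration; it assumes 32-bit code, no prefixes, and register-direct operands only.

```python
# Added example: decodes only the four 32-bit encodings seen in this thread.
# Assumes 32-bit code, no prefixes, register-direct operands (ModRM.mod == 3).
REG32 = ["EAX", "ECX", "EDX", "EBX", "ESP", "EBP", "ESI", "EDI"]

def split_modrm(b):
    """Split a ModRM byte into its mod (2 bits), reg (3 bits), rm (3 bits) fields."""
    return b >> 6, (b >> 3) & 7, b & 7

def imm8(b):
    """Sign-extend an 8-bit immediate and format it as hex."""
    value = b - 0x100 if b & 0x80 else b
    return f"{value:X}"

def decode(code):
    """Return (text, length) for the first instruction in `code`."""
    op = code[0]
    if op == 0x6A:                 # PUSH imm8: the next byte is always data
        return f"PUSH {imm8(code[1])}", 2
    if 0x50 <= op <= 0x57:         # PUSH r32: register number is opcode - 0x50
        return f"PUSH {REG32[op - 0x50]}", 1
    if op in (0x83, 0x3B):
        mod, reg, rm = split_modrm(code[1])
        if mod != 3:
            raise ValueError("memory operands are outside this example")
        if op == 0x3B:             # CMP r32, r/m32: both registers sit in ModRM
            return f"CMP {REG32[reg]},{REG32[rm]}", 2
        if reg == 7:               # 0x83 is a group opcode; reg field 7 selects CMP
            return f"CMP {REG32[rm]},{imm8(code[2])}", 3
    raise ValueError(f"opcode {op:02X} is outside this example")

def disassemble(code):
    """Decode a whole byte string into a list of instruction texts."""
    out, pos = [], 0
    while pos < len(code):
        text, length = decode(code[pos:])
        out.append(text)
        pos += length
    return out

# Constructed sample: the byte sequences quoted in the thread, back to back.
SAMPLE = bytes.fromhex("6A01 50 51 83F801 83FB01 3BC1 3BD8")

if __name__ == "__main__":
    for line in disassemble(SAMPLE):
        print(line)
    # A byte after 6A or 83 /7 is read as data, never as a register number:
    print(disassemble(bytes.fromhex("6AF8 83FBF8")))
```

The last line decodes the byte sequences `6A F8` and `83FB F8` mentioned in the thread: the trailing `F8` is taken as a sign-extended immediate, so they come out as `PUSH -8` and `CMP EBX,-8`.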
