Aqua Regia Advanced Cheater
Reputation: 0
Joined: 12 May 2009 Posts: 51 Location: Sweden
Posted: Tue May 12, 2009 12:13 pm Post subject: Assembly newbie
I'm new to assembly, although I know other languages. I would like a brief explanation of some things in how assembly works.
When I allocate new memory and write code in that area, will that code ever execute if I don't jump there? If not, why?
When creating one of those tick boxes in CE, where you write assembly code after [enable] and [disable], I've seen that the most common way to make the program run your code instead of the original code is to write something like:
01646C4B:
jmp newmem
nop
All the examples I've seen only use one "nop", but I'm guessing you must use more nops if the instruction you're replacing is longer, or am I wrong?
If there is other stuff that is important to know and that differs from other programming languages, please tell me.
Slugsnack Grandmaster Cheater Supreme
Reputation: 71
Joined: 24 Jan 2007 Posts: 1857
Posted: Tue May 12, 2009 2:39 pm Post subject:
code execution must be changed to the new memory for the code inside it to be run. there are other ways of changing code flow, like call.
long jmp takes 5 bytes; the nop is not necessary. as long as you remember what instructions you overwrote and jmp back to an address with an instruction instead of halfway through, you are good to go.
assembly language.. differences? more than there are similarities. when you code assembler, try not to think high level.
try to post examples of what you need help with exactly..
Dark Byte Site Admin
Reputation: 472
Joined: 09 May 2003 Posts: 25871 Location: The Netherlands
Posted: Tue May 12, 2009 3:43 pm Post subject:
the nops make it easier for the labeling system to deal with the return jump
e.g.:
01646c4b: might be one 4-byte instruction followed by a 5-byte instruction.
Since the first one isn't enough, both instructions would be overwritten by the jmp, resulting in a total of 9 bytes of instruction code. The jump is 5 bytes, so it is followed by 4 nops
Code:
01646c4b:
jmp mycode   // 5 bytes
nop          // 4 nops fill the rest of the 9 overwritten bytes
nop
nop
nop
return:      // first untouched instruction boundary
mycode:
dosomething
finally:
originalinstruction1   // re-execute the two overwritten instructions
originalinstruction2
jmp return
_________________
Do not ask me about online cheats. I don't know any and won't help finding them.
Like my help? Join me on Patreon so I can keep helping
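The layout Dark Byte describes, worked through as an added example (not code from this thread or from Cheat Engine): given the lengths of the instructions at the hook address, it computes how many whole instructions the 5-byte jmp steals, how many nops pad the rest, where the return label lands, and the E9 rel32 encoding, plus the inverse check a code-integrity monitor would use to notice such a jump leaving its module. It assumes 32-bit x86 and that the instruction lengths are already known (e.g. from a disassembler); 0x01646C4B is the thread's hook address and 0x02000000 is a constructed newmem address.

```python
import struct

JMP_REL32_LEN = 5  # "jmp rel32" encodes as E9 + 4-byte signed displacement


def encode_jmp_rel32(src, dst):
    """Bytes of a jmp at src to dst; displacement is relative to the jmp's end."""
    return b"\xe9" + struct.pack("<i", dst - (src + JMP_REL32_LEN))


def decode_jmp_rel32(src, data):
    """Inverse of the above: target of an E9 jmp at src, or None if not one."""
    if len(data) < JMP_REL32_LEN or data[0] != 0xE9:
        return None
    return src + JMP_REL32_LEN + struct.unpack("<i", data[1:5])[0]


def plan_hook(hook_addr, insn_lengths, newmem_addr):
    """Lay out a 5-byte jmp detour at hook_addr.

    insn_lengths: lengths of the original instructions at hook_addr, assumed
    already known (from a disassembler). Whole instructions are overwritten
    until at least 5 bytes are covered; the remainder becomes nop padding, and
    the return label is the first instruction boundary after the patch, never
    halfway through an instruction.
    """
    stolen_bytes, stolen_insns = 0, 0
    for length in insn_lengths:
        if stolen_bytes >= JMP_REL32_LEN:
            break
        stolen_bytes += length
        stolen_insns += 1
    if stolen_bytes < JMP_REL32_LEN:
        raise ValueError("not enough instruction bytes at hook site for a jmp")
    return {
        "stolen_bytes": stolen_bytes,  # bytes the jmp + nops replace
        "stolen_insns": stolen_insns,  # instructions to re-execute in newmem
        "nops": stolen_bytes - JMP_REL32_LEN,
        "return_addr": hook_addr + stolen_bytes,
        "patch": encode_jmp_rel32(hook_addr, newmem_addr)
                 + b"\x90" * (stolen_bytes - JMP_REL32_LEN),
    }


def jumps_out_of_module(addr, code, module_start, module_end):
    """Integrity check: True if code at addr is an E9 jmp leaving [start, end).
    This is how a code-integrity monitor spots a detour like the one above."""
    target = decode_jmp_rel32(addr, code)
    return target is not None and not module_start <= target < module_end
```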
Aqua Regia Advanced Cheater
Reputation: 0
Joined: 12 May 2009 Posts: 51 Location: Sweden
Posted: Wed May 13, 2009 3:20 am Post subject:
Thank you for your replies.
I recently learned Python, in which code can look like this:
Code:
code1:
    a
    b
code2:
    c
a and b belong to code1, and c belongs to code2. But there doesn't seem to be any indentation in assembler; does the computer just execute all the instructions from top to bottom?
Sometimes when I use the code injection template, I write in the address, and the original code contains 2 lines of assembler, which confuses me.
What's the difference between call and jmp? Is it like calling a function and goto?