| View previous topic :: View next topic |
| Author |
Message |
Dr.Disrespect
Grandmaster Cheater
![]() Reputation: 3
Joined: 17 Feb 2016
Posts: 526
|
 Posted: Sun May 22, 2016 9:06 pm Post subject: What does this piece of code mean? |
 |
|
| Code: |
test eax,eax
mov al,01
js game.exe+00001537
mov al,[esi+05]
mov ecx,[ebp-0C] <===========Here is "game.exe+00001537"
mov fs:[00000000],ecx
|
As far as I know,
"test eax eax" checks is eax == 0;
than it moves "01" into al;
but what does "js" mean? Why bother checking it and jump if necessary?
last, what is"fs:[00000000]"?
Thanks in advance.
|
|
| Back to top |
|
 |
STN
I post too much
 Reputation: 43
Joined: 09 Nov 2005
Posts: 2676
|
| Posted: Sun May 22, 2016 9:45 pm Post subject: |
|
|
very sleepy so i'll answer quickly
js -> http://stackoverflow.com/questions/21872334/what-does-js-do-in-assembly-x86
fs: is used in structured exception handling for accessing TEB. FS at offset something i don't remember right now points to the start of TEB or something like that but yeah it is used for exception handling. Anytime you see it, you can safely assume it might be a try/catch situation or accessing TEB etc etc depending on the piece of code you're analyzing.
_________________
|
|
| Back to top |
|
|
Dr.Disrespect
Grandmaster Cheater
![]() Reputation: 3
Joined: 17 Feb 2016
Posts: 526
|
| Posted: Sun May 22, 2016 10:07 pm Post subject: |
|
|
| STN wrote: | very sleepy so i'll answer quickly
js -> http://stackoverflow.com/questions/21872334/what-does-js-do-in-assembly-x86
fs: is used in structured exception handling for accessing TEB. FS at offset something i don't remember right now points to the start of TEB or something like that but yeah it is used for exception handling. Anytime you see it, you can safely assume it might be a try/catch situation or accessing TEB etc etc depending on the piece of code you're analyzing. |
Thanks, STN. 
|
|
| Back to top |
|
|
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in
