I'm making a start in assembly, and I've written a very simple program that uses the Win32 API to show a message box. I wanted to modify it so that the text of the MessageBox shows the current EIP at the time of the call, "captured" with a call + pop trick.
But MessageBox reads its lpText parameter as an ASCII string, so feeding it the value 00401005 (the captured EIP value) turns into garbage, because it tries to read the raw value as characters.
So my idea was to take each byte using LODSB, extract each nibble from it and expand it into a byte, so that I end up with an 8-byte string. Then I can just add 48 to convert each one into ASCII, but I'm stuck. I was wondering if anyone knows any tricks for such an extraction?
Although it isn't finished, here is the code, if it helps at all:
```nasm
[bits 32]
extern _MessageBoxA@16
global _main

section .text
_main:
    call  _Cast              ; pushes the return address (the EIP to capture) on the stack
    push  0x0                ; uType = MB_OK
    push  title              ; lpCaption
    push  buffer             ; lpText: the 8-character hex string _Cast is meant to build
    push  0x0                ; hWnd = NULL
    call  _MessageBoxA@16    ; stdcall: MessageBoxA removes its own 16 bytes of arguments
    ret

_Cast:
    mov   esi, esp           ; ESI -> the return address pushed by 'call _Cast'
    mov   ecx, 4             ; the address is 4 bytes (8 nibbles), not 8 bytes
.loop:                       ; 'loop' is an instruction mnemonic, so it cannot be a label
    xor   eax, eax
    lodsb                    ; AL = next byte of the address
    ; logic: split AL into two nibbles, convert to ASCII, store in buffer (not written yet)
    dec   ecx
    jnz   .loop
    ret

section .data
title   db "hello", 0        ; lpCaption must be NUL-terminated

section .bss
buffer  resb 9               ; 8 hex digits plus a terminating NUL
```
Thanks!
So what do you have left to do to complete the code you've already written? You are loading each byte of the address into EAX.
- Save the value on the stack
- Process the high nibble (shift and mask, translate, then display or store)
- Pop the value
- Process the low nibble (mask, translate, display or store)
- Repeat.
One caveat is that you can't just add 48 to translate them. That works for 0 - 9, but it will not display 'A - F' (10 to 15) correctly. So an easy choice is a lookup table. Define a 16-byte string, and use the nibble value as an index:
```nasm
HEXDIGITS db "0123456789ABCDEF"
```
Then every nibble value is simply the index of its character in the table.
If you don't mind doing a little labour upfront, you can generate all 256 values, 00 through FF, and simplify your _Cast routine by looking up each byte instead of each nibble. I'm not sure whether that counts as easier, since there are more characters to type, but it will be faster because each byte then needs only one lookup instead of two.
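The routine the answer describes, carried through as an added example (this is not the asker's or the answerer's code): a complete NASM/Win32 program that captures EIP with call + pop, converts the value to 8 hex digits with the HEXDIGITS table, and shows it in a MessageBox. The routine name hex32, the label names, the caption text and the build commands are my assumptions; it assumes assembling with `nasm -f win32` and linking with MinGW (`gcc -m32 eip.obj -o eip.exe -luser32`), so `_main` is called by the C runtime. It also handles the caveat the LODSB approach runs into: the address is stored little-endian, so reading it byte by byte from memory produces the digits in reverse order unless you start from the last byte. Rotating the value in a register and emitting the top nibble first avoids that entirely.

```nasm
; Added example, not the code from the question or the answer.
[bits 32]
extern _MessageBoxA@16
global _main

section .text
_main:
    call  here                  ; pushes the address of 'here' as a return address
here:
    pop   eax                   ; EAX = EIP value at the label 'here'
    mov   edi, buffer
    call  hex32                 ; buffer <- "XXXXXXXX", NUL-terminated
    push  0                     ; uType = MB_OK
    push  title                 ; lpCaption
    push  buffer                ; lpText
    push  0                     ; hWnd = NULL
    call  _MessageBoxA@16       ; stdcall: callee removes the 16 bytes of arguments
    xor   eax, eax              ; return 0 to the C runtime
    ret

; hex32: EAX = 32-bit value, EDI -> 9-byte output buffer.
; Emits the most significant nibble first, so the little-endian byte order
; of the value in memory never matters. Clobbers EBX, ECX and EDI;
; EAX is back to its original value after eight 4-bit rotations.
hex32:
    mov   ecx, 8                ; 8 nibbles in a 32-bit value
.next:
    rol   eax, 4                ; bring the current top nibble into the low 4 bits of AL
    movzx ebx, al
    and   ebx, 0x0F             ; isolate the nibble (0..15)
    mov   bl, [HEXDIGITS + ebx] ; translate via the table: 0-9 and A-F
    mov   [edi], bl             ; store the ASCII digit
    inc   edi
    dec   ecx
    jnz   .next
    mov   byte [edi], 0         ; NUL-terminate for lpText
    ret

section .data
HEXDIGITS db "0123456789ABCDEF"
title     db "Current EIP", 0

section .bss
buffer    resb 9                ; 8 hex digits plus a terminating NUL
```

If you prefer the answer's byte-at-a-time variant, the same loop runs 4 times over bytes instead of 8 times over nibbles, with `rol eax, 8` and a 512-byte table of the two-character strings "00" through "FF"; the lookup then copies two bytes per iteration instead of one.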