Re: Fiddling with the Instruction Pointer
- From: "f0dder" <spamtrap@xxxxxxxxxx>
- Date: Wed, 28 Sep 2005 21:40:18 +0000 (UTC)
Sami Lakka wrote:
> It has been long since I did anything with x86 assembler and now I'm
> starting a small hobby project. What I would like to do is monitor the
> instructions that the x86 machine is performing and when certain
> conditions occur I would like to perform other operations instead of
> those in the instruction pointer. Could someone give me pointers how
> to do this with your regular x86 Windows XP machines. For example how
> to write an app that constantly monitors the IP?
This depends on what level you want to monitor the instruction pointer. If
you're satisfied with a single application, and don't need to trace
applications that have been protected, the WIN32 Debug API will most likely
handle what you need.
If you need more heavy monitoring than this, you'll need to be very
comfortable with the IA-32 instruction set and architecture (see intel's
volume 3, "systems programming guide"), as well as the NT internals, which
is an even more complex beast...
.
- References:
- Fiddling with the Instruction Pointer
- From: Sami Lakka
- Fiddling with the Instruction Pointer
- Prev by Date: Re: Fiddling with the Instruction Pointer
- Next by Date: Re: Figuring out table based encryption in assembly
- Previous by thread: Re: Fiddling with the Instruction Pointer
- Next by thread: Re: Fiddling with the Instruction Pointer
- Index(es):
Relevant Pages
|
