Re: Need a jump opcode generator.

Skybuck Flying wrote:

Look what the debugger showed me after the sendto is overwritten:

ws2_32.sendto:
71C03D14 FFE8 jmp eax
71C03D16 FE4000 inc byte ptr [eax+$00]
71C03D19 83EC10 sub esp,$10
71C03D1C 56 push esi
71C03D1D 57 push edi

Original is:

ws2_32.sendto:
71C03D14 8BFF mov edi,edi
71C03D16 55 push ebp
71C03D17 8BEC mov ebp,esp

Hmmmmmmmmmmmm me wonders what DOES IT MEAAAANNNNnnnn ?! ;)

Let's seeee.

FF is near absolute jump.

No idea what E8 is ?! What the *** is that doing there ?!

GET OUT OF THERE YOU STUPID OPCODE I didn't program you there ?!

The manual says:

FF /4

What the *** does /4 mean ?

Me interpreted as:

/4 means 4 bytes follow.

Which would make sense... the next 4 bytes would be the jump address me thought...

Intel has lost it's mind... what a crappy DOC.

Oh no... no me wished I copied more text from original winsuck... now I can't see if it overwrote any other bytes... probably not though...

But me gonna check anyway.

Maybe me code simple asm example to see what happens:

asm
jump $123456789
end;

might work ;)

Bye,
Skybuck.

You are dangerous..



--
"I'm never wrong, once i thought i was, but was mistaken"
Real Programmers Do things like this.
http://webpages.charter.net/jamie_5

.

Quantcast