assembly - Binary Patching - modifing existing instructions and keeping machine code alignment -


i'd edit first instruction , change jmp 100h (give or take few bytes) mov edi,edi takes 2 bytes , jmp 100h takes 5 bytes (correct me if im wrong)

i edit machine code jmp 100h , add nop round 6 bytes.

.text:08048dd5                 mov     edi, edi .text:08048dd7                 mov     edi, edi .text:08048dd9                 mov     edi, edi .text:08048ddb                 mov     edi, edi .text:08048ddd                 mov     edi, edi .text:08048ddf                 mov     edi, edi .text:08048de1                 mov     edi, edi .text:08048de3                 mov     edi, edi .text:08048de5                 add     [ebp+var_c], 1  ; add .text:08048de9                 mov     eax, offset format ; "message %d: %s" .text:08048dee                 lea     edx, [ebp+s]    ; load effective address .text:08048df4                 mov     [esp+8], edx

the result looks like: 

.text:08048dd5                 jmp     loc_8048d41 .text:08048dd5 ; --------------------------------------------------------------------------- .text:08048dda                 db 90h .text:08048ddb                 db 89h, 0ffh .text:08048ddd                 db 89h, 0ffh .text:08048ddf                 db 89h, 0ffh .text:08048de1                 db 89h, 0ffh .text:08048de3                 db 89h, 0ffh .text:08048de5 ; --------------------------------------------------------------------------- .text:08048de5                 add     [ebp+var_c], 1 .text:08048de9                 mov     eax, offset amessageds ; "message %d: %s" .text:08048dee                 lea     edx, [ebp+s] .text:08048df4                 mov     [esp+8], edx .text:08048df8                 mov     edx, [ebp+var_c]

what goes wrong here? how keep rest of code intact?

looks works, disassembler isn't interpreting data instructions. because of preceding jmp instruction - disassembler sees code right after never reached, assumes it's not code (and interprets straight data).


Comments

Post a Comment

Popular posts from this blog

How to mention the localhost in android -

i trying call localhost in android application. unfortunately not possible used several methods emulator local host http://10.0.2.2/android/dbconnection.php and network ip address http://192.168.1.xx/android/dbconnection.php also http://localhost:8080/android/dbconnection.php but nothing connected localhost. purpose refer stackoverflow answers not working i facing same problem when worked on localhost. referred stackoverflow answer got solution create new emulator works fine in new emulator.
Read more

php - Calling a template part from a post -

i include iframe within post in wordpress. located inside content of post, meaning cannot in post template file, otherwise either before or after. i'd add facebook plugin within posts: <div id="socialwrap"><div class="fb-like" data-href="http://onlinearizonahomes.info" data-send="true" data-width="450" data-show-faces="true" data-font="arial"></div></div> i thinking of calling template part within post <?php get_template_part( 'social' ); ?> cannot use php within post without plugin (i'd avoid using plugin this). an alternative using javascript create html in post, seems unnecessary use of javascript. what best way add html within wordpress post? you can use shortcode. add functions.php function cudjex_fbshare( $atts, $content = null ) { global $post; $link = get_permalink($post->id); return '<div id="socialwrap...
Read more

c# - String.format() DateTime With Arabic culture -

check below code snippet, namespace testdateconvertion { class program { static void main(string[] args) { datetime testvalue = new datetime(2013, 12, 15, 15, 33, 44); cultureinfo culture = new cultureinfo("ar-sa"); string stringvalue = string.format(culture, "{0:d} {0:hh:mm:ss}", testvalue); console.writeline(stringvalue); console.readline(); } } } it gives output 22/02/35 15:33:44 i not getting how possible. whats 35 doing in output there that's 13/12/2015 in hijri, 35 means 1435 in hijri, default date format saudi arabia.
Read more