-
Anonymous users2024-02-05The Trojan is not clear, and you are explaining the meaning of the MOV instruction in general terms, without explaining the specific addressing process.
Toxsch is basically right, but EBP is not the top of the stack but the Extended Stack Base Pointer (EBP), and ESP is the top of the stack.
So this is: mov eax, dword ptr ss:[ebp+c] to send a double word in the stack from the bottom of the stack to the top c byte position to eax.
Mov ECX, DWORD PTR SS:[EBP+14] sends a double word in the stack 14 bytes from the bottom of the stack up to ECX.
Add eax, add the value of ECX EAX and the value of ECX, and the result is sent to EAX
MOV DWORD PTR DS:[ESI], eax sends the value of EAX to the two-word memory cell with the address ESI in the data segment.
In addition, the double byte is 32768 to 32767, but it involves a double word, lz should pay attention to this difference, Toxsch is right, the double word is -2 31 to 2 31-1, the number is relatively large.
This is a disassembly**,Most of the landlords are using not too strong disassembly software,If it's a stronger software like IDA Pro,There shouldn't be such a ** as above。 EBP+C and EBP+14 certainly have their meanings, EBP+C may mean the penultimate parameter, EBP+14 means the penultimate parameter, and so on.
Contact me if needed.
-
Anonymous users2024-02-04Assign the two-word value at the current stack top downward offset ch to EAX, assign the two-word value at the current stack top downward offset by 14h to ECX, add the values of EAX and ECX to EAX, and finally send the value at EAX to ESI.
It's just an addition operation in a function.
dword is a two-word, four-byte word. Range: Unsigned from zero to twenty thirty-first square minus one, signed from minus two thirty-one square to twenty thirty-first square minus one.
That's a lot of money, so do the math yourself if you need to.
-
Anonymous users2024-02-03mov eax,dword ptr ss:[ebp+c] ;Send the data in the stack from the SS:[EBP+C] position to EAX (EBP is the stack calibration pointer, and DWORD PTR defines this data as a double font).
mov ecx,dword ptr ss:[ebp+14] ;Same as above.
add eax,ecx ;The value of EAX and the value of ECX are added and the result is sent to EAX
mov dword ptr ds:[esi],eax ;Send the value of the EAX to the memory cell that DS:[ESI] points to
The range of double-byte numbers is 32768 32767 and if it is unsigned, the range of double-byte numbers is 0 65535
c language has just learned, I'm afraid of writing it wrong and embarrassing, hehe, don't be surprised
-
Anonymous users2024-02-02I'm sorry, it's useless for two years, and I've forgotten about it. Help you top.
-
Anonymous users2024-02-01BL=10000011,CF=1,ADC (with carry addition) BL,90H is equal to BL+90H+CF=10000011+10010000+1=100010100 The result is 14H with 8 digits, and there are carrying, CF=1
-
Anonymous users2024-01-3183h+90h+1h=114h
BL is an 8-bit register, and the high-bit truncation is 14h
-
Anonymous users2024-01-30Data 3FH, 06H, 5BH, 4FH, 66H, 6DH, 7DH, 07H, 7FH, 6FH, 77H, 7CH, 39H, 5EH, 79H, 71H are stored in the program memoryThe procedure is as follows:
db 3fh,06h,5bh,4fh,66h,6dh,7dh,07h
db 7fh,6fh,77h,7ch,39h, 5eh,79h,71h
Read the above-mentioned data in the program memory and send it to the external data memory address is 4000H 400FH storage unit, then take out the data in the external data memory 4000H 400FH and send it to the 50H 5FH of the internal data memory, and finally sum the data in 50H 5FH bytes and output the result by P2 (high 8 bits) and P1 (low 8 bits) port.
-
Anonymous users2024-01-29The actual compilation of the assembly do not to figure out what the opcode is, his meaning is the binary ** of the instruction, the operand is used to provide the actual value for the operation of the instruction, there is an address and data, depending on the situation of the instruction.
-
Anonymous users2024-01-28The Instruction Opcode section gives what kind of operation the instruction should accomplish, and its length depends on the number of instructions in the instruction system.
The operand part is used to describe the operands of the instruction, such as giving the value of the operands participating in the operation, or indicating where the operands are stored and where the results of the operation should be sent.
-
Anonymous users2024-01-271. What does the opcode tell the CPU to do?
2. The operand is used to provide an operand object for the operation of the instruction. It is a supplement to the opcode, and the opcode plus the operand constitutes a complete instruction.
3. Some instructions only have opcodes but no operands, such as shutdown instructions, which can already fully express an action.
4. Most instructions have 1 to 3 operands, such as addition, subtraction, multiplication and division, and the opcode specifies the addition operation, but what to add, who and whom to add, is specified by the operand.
Internet speed refers to the speed at which you upload ** data when surfing the Internet, in short, the speed of the network. The faster the internet speed, the faster the files, movies, and smoother the online games. >>>More
RAID-0 (stripe set).
RAID-1 (mirrored volume). >>>More
Birth, an ancient thought that did not pay attention to worldly things (for example, there was a difference between entering the world and being born among the sons of the pre-Qin dynasty). It often refers to the birth of a person. Buddhism refers to freedom from the bondage of the world, which is synonymous with liberation. >>>More
This boy is not worth knowing, it is not advisable to say that the person you love is not advisable, and it is not advisable to ridicule the girl you like with other boys. So whether he has a crush on her or not, don't pay attention to it, the real love for you is not yet the age to be able to truly understand. I'll talk about love later.
When Kong Rong was ten years old, he went to Luoyang with his father. At that time, Li Yuanli was very famous and served as a lieutenant. The people who came to his house were all those who were of great intellect, of high reputation, and of their own relatives. >>>More