Hosting Provided By

Re: GetPC code (was: Shellcode from ASCII)

From: Roland Postle <mail(at)blazde.co.uk>
Date: Thu Jun 26 2003 - 16:28:40 EDT

On Thu, 26 Jun 2003 20:40:30 +0100, Roland Postle wrote:

>B9 D0FEFD7F MOV ECX,7FFDFED0
Oops, as Gera just pointed out to me I used a relative call in my haste. I intended to use the absolute call (opcode 9A), only Olly didn't compile it how I wanted. However the problem with that is that you need to specify the segment, and on windows at least, the only usuable one contains a null (0x001B). Perhaps there are systems where it'll work, but for NT I'll have to keep thinking :)

Blazde

Received on Thu Jun 26 18:53:51 2003

This message: [ Message body ]
Next message: Hyperion: "Starting on Assembly under win32"
Previous message: Gerardo Richarte: "Re: GetPC code (was: Shellcode from ASCII)"
In reply to Roland Postle: "Re: GetPC code (was: Shellcode from ASCII)"
Next in thread: Berend-Jan Wever: "Re: GetPC code (was: Shellcode from ASCII)"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:07:40 EDT