Asm 101:
First off, you have a heck of a lot of registers to play around with. These are handy little places for moving info around, and some are good for storing for later use. Here goes:
EAX=general purpose register, most APIs return their result in this
EBX=general purpose register, often used to store offsets (BX is the only pointer available in 16-bit asm)
ECX=general purpose register, the counter
EDX=general purpose register, the data register
ESI=source index (pretty general)
EDI=destination index (pretty general)
EBP=base pointer (not used by any APIs, so it's great for storing a base offset you use a lot)
Keep in mind that when calling a function, EAX will be changed to the return value, and ECX and EDX will be screwed around with. Only EDI, ESI, EBX and EBP will be the same. Remember that in a callback proc the assumption is made that your program will leave EDI, ESI, EBX and EBP as they were found as well. I once forgot this and used EBX as part of my function without pushing it onto the stack first. The consequence of this was that my program crashed instantly.
I think that's about it, well, that's all I ever use. The general purpose registers break down a bit further, as follows:
EAX (32 bits)
high word (16 bits) | AX (16 bits)
                    | AH (8 bits) | AL (8 bits)
So if AH=3Fh (3F in hexadecimal, the h lets us know it's hex, I'll use hex most of the time here) and AL=15h then AX=3F15h. Also we can shift this value into the high word using SHL EAX,16 (16 bits to the left, that's two bytes, or a word).
I thought I would put in some basic opcodes (commands, they translate DIRECTLY into machine code) that get used a heck of a lot:
MOV X,Y (X=Y, moves the value in Y or number Y into the register X)
MOV [X],Y (moves the value in Y or number Y into the part of memory X or the memory location held in register X)
MOV X,[Y] (moves the value at memory position Y into register X)
ADD X,Y (adds the value Y or value in register Y into register X)
SUB X,Y (subtracts Y from register X)
INC X (increases X by one)
DEC X (decreases X by one)
XOR X,X (clears register X)
PUSH X (moves value in register or memory location X onto stack)
POP X (moves highest value on stack into register or memory location X)
Here are a few curly ones:
MUL Y
This varies depending on which register is used. If you use an 8-bit register (BL, CL, DL, DH etc), it is multiplied by AL and the answer is stored in AX.
If you use a 16-bit register (BX, CX, DX, SI etc) it is multiplied by AX and the answer is stored in DX:AX (so if the answer was 12345678h then DX=1234h and AX=5678h)
If you use a 32-bit register (EBX, ECX, EDX, ESI etc) it is multiplied by EAX and the answer is stored in EDX:EAX
DIV Y
This is the opposite of MUL, and varies depending on which register is used. If you use an 8-bit register (BL, CL, DL, DH etc), it divides AX by the register, and the answer is in AL, remainder in AH.
16-bit - DX:AX/register, AX=answer, DX=remainder
32-bit - EDX:EAX/register, EAX=answer, EDX=remainder
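Here is an added example of my own (not part of the original tutorial) that puts the register notes above together in MASM32-style code: a proc that computes (a*b)/c straight through EDX:EAX, saving and restoring EBX the way the callback note says you must, and a proc that builds a dword out of AH, AL and SHL EAX,16. It assumes the usual \masm32\ include layout and the standard ml/link toolchain.

```asm
.386
.model flat, stdcall
option casemap:none

include \masm32\include\windows.inc      ; assumed MASM32 layout
include \masm32\include\kernel32.inc
includelib \masm32\lib\kernel32.lib

.code

; MulDiv32: returns (a * b) / c in EAX, unsigned.
; MUL with a 32-bit register leaves the 64-bit product in EDX:EAX, and
; that is exactly the dividend DIV with a 32-bit register expects, so
; the product goes straight into DIV with no shuffling in between.
; c must be non-zero and the quotient must fit in 32 bits, or DIV faults.
MulDiv32 proc a:DWORD, b:DWORD, c:DWORD
    push ebx            ; we use EBX, and callers expect it unchanged
    mov  eax, a
    mov  ebx, b
    mul  ebx            ; EDX:EAX = EAX * EBX
    mov  ebx, c
    div  ebx            ; EAX = EDX:EAX / EBX, remainder left in EDX
    pop  ebx            ; put EBX back before returning
    ret                 ; stdcall: the PROC epilogue cleans the 3 args
MulDiv32 endp

; PackDword: returns EAX = b_hi:b_lo:w_lo, e.g. 3Fh,15h,1234h -> 3F151234h
PackDword proc b_hi:BYTE, b_lo:BYTE, w_lo:WORD
    xor  eax, eax       ; clear EAX
    mov  ah, b_hi       ; AH = 3Fh
    mov  al, b_lo       ; AL = 15h, so AX = 3F15h
    shl  eax, 16        ; move AX into the high word: EAX = 3F150000h
    mov  ax, w_lo       ; fill the low word: EAX = 3F151234h
    ret
PackDword endp

start:
    ; (10000000h * 100h) / 1000h: the product 1000000000h does not fit
    ; in EAX alone, so EDX really is carrying the top bits into DIV
    push 1000h          ; c (args pushed right to left, stdcall)
    push 100h           ; b
    push 10000000h      ; a
    call MulDiv32       ; EAX = 1000000h

    push 1234h          ; w_lo
    push 15h            ; b_lo
    push 3Fh            ; b_hi
    call PackDword      ; EAX = 3F151234h

    push eax            ; exit code = the packed value (just to return something)
    call ExitProcess
end start
```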
CMP X,Y
Compares two values, and sets certain flags.
JC/JE label - Jumps to the label if the carry flag is set (if CMP is equal)
JNC/JNE label - Jumps if carry flag isn't set
JA/JG label - Jumps if X is greater than/above Y
JL/JB label - Jumps if X is less than/below Y
etc etc - if you can simplify your logic down far enough, there's probably a conditional jump for you.
Email me if these descriptions aren't detailed enough, this is the second version of the tutorial by the way.
JMP X - jumps to a label in the code, so in the following code:
jmp nextline
mov eax,3
nextline: sub eax,3
we would skip the line (mov eax,3) and go straight to the (nextline) part. Labels can be just about anything by the way, so have fun.
INVOKE APINAME,VAR1,VAR2,etc
This is used for calling APIs whose .lib and .inc files have been included. This is all for now, just so I can get this up on the net. Email me at nofrilz@hotmail.com with what you want to see in the next tutorial, and I'll see what I can do.
Sweet as
NoFriLLz