
Okay... So this is what I have

[ENABLE]
004dea6a:
push [00]
jmp 004DEA6f


[DISABLE]
ret

Can anyone help me figure out how to get this to return back to the original state before the jmp? I have tried many other things and still can't figure it out. I even tried this

[ENABLE]
Alloc(EatA, 4)
004dea6a:
push [00]
jmp EatA

EatA:
004dEA6A:
jmp 004DEA6f


[DISABLE]
Dealloc(EatA)
ret

Any ideas? This is just basic asm, I believe MASM? But I'm not all that sure. I'm kinda doing this as I go along; I can do the flags and stuff, but this EIP jmp stuff is killing me.

Last Post by Ryu

Hmm, the original state before a jump is to not do a jmp at all, or to patch the jmp opcodes with NOPs. Obviously this isn't MASM but a disassembled binary. If you mean restoring the state before a push, you need to add into the ESP register; popping this into a register would not exactly restore the state, as an immediate value was pushed.

By the way, there's no jmp that jumps to EIP. However, jumping to the same EIP address is an infinite loop.
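As an added illustration (not from the thread) of what a [DISABLE] section actually has to do: ENABLE saves the five bytes at 004dea6a and overwrites them with a near jmp to the allocated cave, and "the original state before the jmp" is just those saved bytes written back (or the jmp NOPed out, as Ryu says). The cave address and the five original bytes are constructed stand-ins, since neither is shown in the thread, and the code works on a byte buffer rather than live process memory.

```c
#include <stdint.h>
#include <string.h>

/* Constructed stand-ins: the thread shows the patch at 004dea6a returning
 * to 004DEA6f (5 bytes), but neither the original bytes nor the address
 * Alloc(EatA, 4) hands back are on the page. */
#define PATCH_ADDR 0x004dea6aU
#define PATCH_LEN  5
#define CAVE_ADDR  0x00500000U   /* assumed address of the allocated cave */

typedef struct {
    uint8_t code[PATCH_LEN];   /* simulated target bytes, not live memory */
    uint8_t saved[PATCH_LEN];  /* copy taken by enable, restored by disable */
    int enabled;
} patch_site;

/* [ENABLE]: save the original bytes, then write E9 <rel32>, a near jmp.
 * rel32 is measured from the end of the 5-byte jmp, i.e. from 004dea6f,
 * which is exactly the address the thread's cave code jumps back to. */
void patch_enable(patch_site *s) {
    if (s->enabled) return;
    memcpy(s->saved, s->code, PATCH_LEN);
    uint32_t rel = CAVE_ADDR - (PATCH_ADDR + PATCH_LEN);  /* two's complement */
    s->code[0] = 0xE9;
    for (int i = 0; i < 4; i++)
        s->code[1 + i] = (uint8_t)(rel >> (8 * i));       /* little-endian */
    s->enabled = 1;
}

/* [DISABLE]: "the original state before the jmp" is simply the saved bytes
 * written back; a bare ret in the DISABLE section restores nothing. */
void patch_disable(patch_site *s) {
    if (!s->enabled) return;
    memcpy(s->code, s->saved, PATCH_LEN);
    s->enabled = 0;
}

/* Ryu's alternative: overwrite the jmp with NOPs (0x90) instead. */
void patch_nop(patch_site *s) {
    memset(s->code, 0x90, PATCH_LEN);
    s->enabled = 0;
}

/* Decode where the patched jmp lands, to confirm the rel32 arithmetic. */
uint32_t jmp_target(const patch_site *s) {
    uint32_t rel = 0;
    for (int i = 0; i < 4; i++)
        rel |= (uint32_t)s->code[1 + i] << (8 * i);
    return PATCH_ADDR + PATCH_LEN + rel;
}
```

The same saved-copy comparison run the other way round is what a code-integrity check does: bytes at the site that no longer match the known copy reveal the patch.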
