Toggling bits in FLAGS ?

Slugsnack · June 08, 2008, 12:50:46 PM

I was curious as to how I might read and write bits from the EFLAGS register after a certain instruction had executed (at a given virtual address).

I was thinking GetThreadContext/SetThreadContext, have I got my head turned in the right direction ?

jj2007 · June 08, 2008, 03:30:48 PM

pushfd
pop eax
bt eax, n

Slugsnack · June 08, 2008, 05:30:14 PM

Thanks, I have not come across bit instructions like this before so I'll need to do a bit of reading ::)

Do you have any idea how I could do this for another thread without "hooking" it with a JMP ?

jj2007 · June 08, 2008, 05:39:56 PM

OllyDbg shows the flags.

Slugsnack · June 08, 2008, 05:59:34 PM

Yeap, that's exactly what I want to reproduce. Olly is able to step onto any instruction and then you can change flag states at that point. I was hoping to do the same thing but not sure how to go about doing it.

News:

Toggling bits in FLAGS ?

Slugsnack

jj2007

Slugsnack

jj2007

Slugsnack