I was using a debugger the other day to see what the contents of a small program I made in C++ looked like. I noticed that asm instructions were saved in the form of hex numbers. For example, "PUSH EAX" is 0x50, and "MOV EAX,EBX" is 0x8BC3. This would be a cool idea if I wanted to inject code into my program. But if I wanted to, how am I supposed to know what "POP EAX" or "INC EAX" would be? Is there a site that shows what the hex equivalent of asm instructions are?
tommy,
read the rules in terms of activities like code injection and keep this stuff out of here.
All binary executable files store code in the same manner, as opcodes, not as mnemonics or hex or otherwise. P-code is hybrid and script languages usually store text.
The Intel manuals tell you this, but be careful of what you want to do with such information (mentioning things like "code injection" tends to ring alarm bells around here). Read the DMC thread that has been going on here (http://www.masm32.com/board/index.php?topic=4869.0) for some extra info on instruction encodings.
But I'll just say that the encoding of instructions is not as straightforward as you might think.
Ossa
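The point about encodings made in the reply above, shown as an added example that is not part of the original thread: a decoder for a small subset of 32-bit x86 that covers the two byte values quoted in the question. The function name `decode` and the sample bytes are constructed for this illustration; the opcode layout follows the Intel manuals the reply points to.

```c
#include <stdio.h>
#include <string.h>

/* 32-bit register names in encoding order (register numbers 0..7). */
static const char *REG32[8] = {"EAX","ECX","EDX","EBX","ESP","EBP","ESI","EDI"};

/* Decode one instruction from a small 32-bit-mode subset:
 *  - one-byte opcodes that carry the register in their low 3 bits
 *  - MOV (8B /r and 89 /r) with a register-to-register ModRM (mod = 11)
 * Returns bytes consumed, or 0 if the bytes fall outside this subset.
 * In 64-bit mode 0x40..0x4F are REX prefixes, not INC/DEC. */
int decode(const unsigned char *p, size_t n, char *out, size_t outsz)
{
    const char *mn = NULL;
    if (n == 0) return 0;
    switch (p[0] & 0xF8) {          /* high 5 bits select the operation */
    case 0x40: mn = "INC";  break;
    case 0x48: mn = "DEC";  break;
    case 0x50: mn = "PUSH"; break;
    case 0x58: mn = "POP";  break;
    }
    if (mn) {
        snprintf(out, outsz, "%s %s", mn, REG32[p[0] & 7]);
        return 1;
    }
    if ((p[0] == 0x8B || p[0] == 0x89) && n >= 2 && (p[1] >> 6) == 3) {
        unsigned reg = (p[1] >> 3) & 7, rm = p[1] & 7;
        /* 8B: destination is the reg field; 89: destination is r/m. */
        unsigned dst = (p[0] == 0x8B) ? reg : rm;
        unsigned src = (p[0] == 0x8B) ? rm : reg;
        snprintf(out, outsz, "MOV %s,%s", REG32[dst], REG32[src]);
        return 2;
    }
    return 0;
}

int main(void)
{
    /* Constructed sample; 8B C3 and 89 D8 are two encodings of one MOV. */
    const unsigned char code[] = {0x50, 0x8B, 0xC3, 0x89, 0xD8, 0x58, 0x40};
    char text[32];
    size_t i = 0;
    int len;
    while (i < sizeof code &&
           (len = decode(code + i, sizeof code - i, text, sizeof text)) > 0) {
        printf("offset %u: %s\n", (unsigned)i, text);
        i += (size_t)len;
    }
    return 0;
}
```

The same `MOV EAX,EBX` comes out of both `8B C3` and `89 D8`, which is one reason a simple mnemonic-to-hex lookup table does not exist.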
Quote: This would be a cool idea if I wanted to inject code into my program
Yes...it would be cool...but you know something even cooler??? How about looking at it this way... "Creation more difficult than destruction" and so how about trying to "create" something before moving on to the above mentioned activities? :)
Hope you take the criticism constructively!!! :)
Regards,
Shantanu Gadgil
How funny and pathetic is that...
He has no idea what opcodes are, what binary format is all about, no clue at all, but he wants to "inject code" :cheekygreen:
Standard "newbie wants to be a hacker" issue..
Eugen
To Eugen,
I agree, but I also think that instead of drubbing a newbie for having some "cool" idea, we should tell him that the "way" he is thinking might not be the best, and try to show him the right way! :bg :bg
Say what?
Of course, you are right, but I just could not help myself :bdg
Eugen
Well, thanks for all the people who gave me positive remarks. I do not intend to be a hacker! Ha! That is actually laughable (I nearly fell off my chair). I was just experimenting with my debugger. I wouldn't call myself a newbie, but I wouldn't not either (if that makes sense). I am a newbie, however, when it comes to binary formats.
Quote: I do not intend to be a hacker!
Cool! :cheekygreen: :cheekygreen:
<philosophical rant>
Buuuut...on a side note...technically a "hacker" is a person who "finds out" how things work as opposed to a c**cker who does stuff with malicious intent....(blah..blah...you know) :lol :lol
</philosophical rant>
Anyway...that's all for now from me!!! :bg :bg
I have a problem with how everyone is responding to tommmy77's thread. Who in this forum has not, one way or another, asked that question? i.e.
Quote: how am I supposed to know what "POP EAX" or "INC EAX" would be?
Anyone who has disassembled ANY prog will naturally ask that question. As this is the key of how any programming language is translated so the machine understands. The only mistake that he did was to mention the word:
Quote: inject code
which MIGHT reflect his intent. By asking the question it shows:
1. He is naive as he did not know what others do with code injection.
2. He is trying to understand asm from the heart
Given his understanding of asm, he is far from being hacker/cr**acker. Instead, he is simply sharing his experience in asm learning and reflecting. The fact that he is TRYING to understand, yet in return the forum attacks him like he is a cr*cker. Any language can be used to hack/cr*ck, and trends tell us that most of these are done in C/C++.
Quote from: shantanu_gadgil
"Creation more difficult than destruction"
I give you: criticism is much much EASIER than encouragement.
Sometimes, when ppl are at the top of the hill, they look down and see how the others are climbing. Some simply sit and giggle at others' mistakes, if only they had a video of their own venture. Some walk back and forth at the top displaying their might and this flicks little pebbles stumbling the ones still climbing. Some, see others repeating the same mistake they would go back down and lead them in the right direction. The strong ones would carry them on their shoulders and they would repeat this until they cannot do so.
Very very well put @ paranoidx, gonna save that last paragraph. I'm afraid I'm not much help in where to go to learn inc/pop, but I'm sure if you gave us more examples of the terms you wish to learn we could explain one by one.
Guys,
Understand this much that the rules of this forum are not subject to coercion from new members. Collectively there are hundreds of years experience floating around this forum and the rules of the forum are enforced by both the admin team and our members. Code injection techniques are a NO NO here because the legal stuff cannot be separated from the rest.
After having many new members try and post stuff here that is not allowed, we exercise the policy where we shoot first and ask questions later and while we will unlock threads if the member responds to the question promptly and are doing something sensible, we will not tolerate any nonsense in here.
Now rather than try and work against us, make use of the very large number of skilled people who are members here and you will do well but understand that with the level of experience available with the members and team, there will be no stunts pulled in here.
I would suggest you learn more on the theory of compilation and assemblers, instruction set and opcodes. It isn't illegal but informative!
Quote from: paranoidx on June 21, 2006, 05:06:08 AM
I have a problem with how everyone is responding to tommmy77's thread. Who in this forum has not, one way or another, asked that question?
1. We have answered those questions for ourselves. Because when we did it, we did our homework for ourselves.
2. There is not enough information to go on here. How many times can we count the h*ch*rs & cr*ck*rs who have tried.
3. Lawsuits are becoming more common now. Who wants to be a party to one of those ignorantly?
4. There are plenty of websites to answer these basic questions. So is he Google illiterate? Is 'Search' that hard to use? So he asked a question, that he could look up himself. You get no help, then you find help for yourself. Grow up! You're entitled to find the answer yourself, but not demand one.
Most professionals need to move on for simple stuff like this. If you want to help, go ahead and help him.
Regards, P1 :8)
Quote from: paranoidx on June 21, 2006, 05:06:08 AM
Sometimes, when ppl are at the top of the hill, they look down and see how the others are climbing. Some simply sit and giggle at others' mistakes, if only they had a video of their own venture. Some walk back and forth at the top displaying their might and this flicks little pebbles stumbling the ones still climbing. Some, see others repeating the same mistake they would go back down and lead them in the right direction. The strong ones would carry them on their shoulders and they would repeat this until they cannot do so.
The struggle to find an answer is more valuable than being given the answer. Because if you're going out on the leading edge, there is no one to show you where to go. That is what maps are about. So go buy one, if you don't want to be lost.
Experience is about generating answers for yourself.
Been there, done that. :U
Regards, P1 :8)
Quote from: P1 on June 21, 2006, 06:24:57 PM
Experience is about generating answers for yourself.
I couldn't agree more.
I may have been a little too harsh, but the combination between total ignorance of binary format/opcodes and the desire for 'code injection' was simply too extreme for me, I just had to say something ::).
tommmy77, good luck with opcodes understanding, and also with code injection understanding, because basically any knowledge is not good or evil, is neutral. It's what you do with that knowledge that is relevant, and especially why you do it.
Eugen
Well said Eugen :clap: :clap:
Quote: ...any knowledge is not good or evil, is neutral.
Quote from: P1 on June 21, 2006, 06:24:57 PM
Experience is about generating answers for yourself.
Hmm, I think I'll save that in my list of favorite quotes. :U
I believe we satisfied the questions of what and why about 10 posts ago :dazzled:, care to move on? :boohoo:
Ok. First, I do appreciate all criticism. At least now I realise some of the rules of this forum. I promise it will not happen again. Also, why do the words "code inj******" always result in a false assumption? All of you seem to know what it is - and so do I. I know just as much as you all do when it comes to that topic, and nothing more. I first read a tutorial about it and it never stated that it was used for hacking/cra***** purposes. Now I know.
Tommy,
If you read my posting, it's a problem for admin of having no way of telling if it's legal purpose or illegal purpose and for that reason alone the topic will not be allowed in this forum. In this forum there are many people who well know how to write direct binary code but they have learnt it in a context that is far wider than a narrow and suspicious range of interest and this ranges from compiler/assembler design to various binary file formats.
We deliberately shoot first and ask questions later as far too many new members have tried to bypass the forum rules with their pet theories and desire to get help in an area that is not allowed here but with the range of experience of members in this forum, no-one will get away with a stunt of this type as they get picked very quickly and closed down. What I suggested to you is work with us and you will be able to learn many useful things from the very wide number of people who are members here who help out where they can.
Oh, this question is so difficult to discuss indeed! Imagine a software security developer or developer of antiviruses... Do they do bad things? NO. But the deal they do requires special knowledge on all that "bad guys" know and use... Is it illegal? Knowledge is absolute, but it is a matter of how to use the knowledge you have. Should we avoid knowledge like that? I think no. But should we avoid people that use it wrong? YES!
Yes, it's a good idea and code injection is available, but it's too difficult
[Don't post links to code that is not allowed in this forum] 1st and last warning.
alright, my mouth is shut.
Quote from: tommmy77 on June 29, 2006, 10:54:55 PM
alright, my mouth is shut.
But that will not stop you from typing, will it? :lol
Regards, P1 :8)