James Taylor Posted June 6, 2018 Share Posted June 6, 2018 I am having trouble understanding struct in assembly from disassembly. can you please explain the code below. Disassembly pseudo code. Thanks Link to comment
evlncrn8 Posted June 6, 2018 Share Posted June 6, 2018 (edited) well you picked a terrible example... as those arent really a good example for referencing structs.. they're just doing the strcpy inline as dwords.. thats why its +4, +8 and so on, with a null terminator 4 th line in the asm for example mov dword ptr [eax] , 'orP C' mov dword ptr [eax+4], 'marg' infact the only struct usage you'll probably see is in the book id portion all the rest is just filling in strings into the structs Edited June 6, 2018 by evlncrn8 Link to comment
kao Posted June 6, 2018 Share Posted June 6, 2018 1) Get a basic book about assembly language. Read it and learn it. Then get a basic book about IDA disassembler. Read that too. That will answer all the questions you've asked so far on this forum and most of the questions you might ask in next few days. 2) If you're compiling your own example code to learn assembly language, disable all code optimizations in the compiler settings and enable PDB file generation. Make sure IDA loads the PDB file - it will make disassembly much more readable and understandable. 3) What you see in the disassembly screenshot, is inlined strcpy method. I don't want to repeat what's already be explained lots of times, so I'll just refer you to evlncrn8 's answer and https://reverseengineering.stackexchange.com/questions/18252/some-question-about-ida 1 Link to comment
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now