Question on indexing mode in assembly?


I am new to assembly programming. First, I thank the members of tuts4you for being helpful in needy times.

I am learning assembly from online and books.

I am stuck on a point. I am having a problem using

1. lea eax, [esp-04h*2]

2. mov [ebx-04h], bp ;

3. cmp [esi+eax-06h], 'KCUF'

4. cmp word ptr [ebx+18h], 01h

5. cmp dword ptr [esi], 00455000h

or similar code snippet.

Thanks, I know this is a very basic question to ask but I wanna learn from here as well.

Please take some moment and explain what address mode it is and what does the code do. 

Thanks 

Edited by James Taylor

1. lea eax, [esp-04h*2]
lea stands for load effective address, so it evaluates esp-04h*2 and places the result in eax
2. mov [ebx-04h], bp ;
mov = move; but actually in assembler it just sets the first operand to the second operand:
so it will set the word (1 word = 2 bytes) at the evaluated address [ebx-04h] to the bp register
3. cmp [esi+eax-06h], 'KCUF'
cmp = compare; will compare the dword at the address [esi+eax-06h] with 'KCUF'
I assume that the first operand is a dword due to the size of the second, which has 4 chars = 4 bytes = 1 dword!
4. cmp word ptr [ebx+18h], 01h
compare the word at the address [ebx+18h] with 1
5. cmp dword ptr [esi], 00455000h
compare the dword at the address given by esi with 00455000
h - stands for hexadecimal value!
 

Edited by CodeExplorer

  • Author

1. lea eax, [esp-04h*2]

I understand what lea mean. I want to understand

 [esp-04h*2]

 [esi+eax-06h] 

Thanks 

it's maths..  [esi+eax-06h] would be the same as [a+b-6] .. do the substitution

get the value in esi

add eax to it

subtract 6

come on.. you aren't even trying and this is getting REALLY tedious

 

  • Author
3 hours ago, evlncrn8 said:

it's maths..  [esi+eax-06h] would be the same as [a+b-6] .. do the substitution

get the value in esi

add eax to it

subtract 6

come on.. you aren't even trying and this is getting REALLY tedious

 

In your opinion esi+eax will be added and then 6 will be subtracted, as order or precedence of operation?

Then what's the memory address?

i give up.. it's maths dude.. simple math

in the debugger see what esi is, and what eax is, and do some simple math, in fact the debugger might even do it for you

do some damn homework yourself, and answer your own questions

now please

stop quoting me, i have simply realised you are beyond help and thus.. i give up 

 

Edited by evlncrn8

  • Author
7 minutes ago, evlncrn8 said:

i give up.. it's maths dude.. simple math

in the debugger see what esi is, and what eax is, and do some simple math, in fact the debugger might even do it for you

do some damn homework yourself, and answer your own questions

now please

stop quoting me, i have simply realised you are beyond help and thus.. i give up 

 

Please don't get mad. From now on I will try first and ask later.

Thanks, I am debugging now.

 

and yet you quote me...

does stupidity come naturally to you ? or is it just ignorance ?

  • Author

Not by naturally. 

1 hour ago, James Taylor said:

In your opinion esi+eax will be added and then 6 will be subtracted, as order or precedence of operation?

Then what's the memory address?

operations are computed in the order in which they are written;
[esi+eax-06h]: first you do esi+eax, then you subtract 06 from it.

esi, eax, etc. are registers: the most important difference between memory and registers is that CPU registers are much faster!
CPU registers and memory are used for holding data!
memory address = pointer = any value is accessed by this;
in compiled exes there are no names for variables (names are lost); instead, names are replaced by their addresses.
 

Edited by CodeExplorer

Hi,

I see you 2 will be best friends forever. :hug:

Hint: Check out IA-32 Opcode Map 1.5 by Yury Lukach, so there you have a lot of info about opcodes at once...

...about the LEA command. Yes, the memory address is the result of [X]; like the others said already, eax+esi-6 = address. It's different to the mov command, which moves the source, and lea does not, also if both are using brackets. Just keep the brackets away in your head for this example...

...in OllyDBG you can see the result address on the fly in the pane window. Just play around a little.

greetz

  • Author
30 minutes ago, LCF-AT said:

Hi,

I see you 2 will be best friends forever. :hug:

Hint: Check out IA-32 Opcode Map 1.5 by Yury Lukach, so there you have a lot of info about opcodes at once...

...about the LEA command. Yes, the memory address is the result of [X]; like the others said already, eax+esi-6 = address. It's different to the mov command, which moves the source, and lea does not, also if both are using brackets. Just keep the brackets away in your head for this example...

...in OllyDBG you can see the result address on the fly in the pane window. Just play around a little.

greetz

Thanks a lot, I really appreciate it. You guys make this forum great.

One more question: what will be the C pseudo code for this?

Thanks 

Edited by James Taylor
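
The five instructions from the first post modelled in C, in answer to the closing question about C pseudo code (an added example, not code posted by anyone in the thread). The flat `mem` array, the helper names and the register values are constructed; `'KCUF'` is assumed to be a MASM/TASM-style constant equal to 4B435546h, and only the zero flag of `cmp` is modelled.

```c
#include <stdint.h>
#include <stdio.h>

/* Constructed 256-byte flat memory; an "address" is an offset into it. */
static uint8_t mem[0x100];
static uint8_t *at(uint32_t a) { return &mem[a % sizeof mem]; }

/* x86 is little-endian: the lowest address holds the least significant byte. */
static uint16_t load16(uint32_t a) { return (uint16_t)(*at(a) | *at(a + 1) << 8); }
static uint32_t load32(uint32_t a) { return load16(a) | (uint32_t)load16(a + 2) << 16; }
static void store16(uint32_t a, uint16_t v) { *at(a) = (uint8_t)v; *at(a + 1) = (uint8_t)(v >> 8); }
static void store32(uint32_t a, uint32_t v) { store16(a, (uint16_t)v); store16(a + 2, (uint16_t)(v >> 16)); }

/* What the brackets compute: base + index + displacement, modulo 2^32. */
static uint32_t ea(uint32_t base, uint32_t index, int32_t disp) {
    return base + index + (uint32_t)disp;
}

/* 1. lea eax, [esp-04h*2]: the assembler folds 04h*2 to 8; nothing is read from memory. */
uint32_t lea_1(uint32_t esp) { return ea(esp, 0, -(0x04 * 2)); }

/* 2. mov [ebx-04h], bp: bp is 16 bits wide, so two bytes are written at ebx-4. */
void mov_2(uint32_t ebx, uint16_t bp) { store16(ea(ebx, 0, -0x04), bp); }

/* 3. cmp [esi+eax-06h], 'KCUF': dword compare; returns ZF (1 when equal).
   Assumption: MASM/TASM-style constant, 'KCUF' == 4B435546h. */
int cmp_3(uint32_t esi, uint32_t eax) { return load32(ea(esi, eax, -0x06)) == 0x4B435546u; }

/* 4. cmp word ptr [ebx+18h], 01h: 16-bit compare at ebx+0x18. */
int cmp_4(uint32_t ebx) { return load16(ea(ebx, 0, 0x18)) == 0x0001u; }

/* 5. cmp dword ptr [esi], 00455000h: 32-bit compare at the address held in esi. */
int cmp_5(uint32_t esi) { return load32(ea(esi, 0, 0)) == 0x00455000u; }

int main(void) {
    /* Constructed register values, chosen to stay inside mem[]. */
    uint32_t esp = 0x80, ebx = 0x20, esi = 0x40, eax = 0x10;
    store32(esi + eax - 6, 0x4B435546u);
    store16(ebx + 0x18, 1);
    store32(esi, 0x00455000u);
    mov_2(ebx, 0xBEEF);
    printf("lea -> %#x, word at ebx-4 = %#x\n", (unsigned)lea_1(esp), (unsigned)load16(ebx - 4));
    printf("ZF after cmp 3/4/5: %d %d %d\n", cmp_3(esi, eax), cmp_4(ebx), cmp_5(esi));
    return 0;
}
```

With that constant, the bytes in memory at `esi+eax-6` read `F`, `U`, `C`, `K` in ascending address order, because the least significant byte is stored first.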
