| |
| |
| |
|
<eedy31> Mr et Mme deuf ont un fils...
<MrPrimate> does anyone know what RingZero means? I have had someone refer to this as some level of processor security?
<wcstok> on x86 (and probably others) it's the most privileged access level on the cpu
<wcstok> normally the OS runs in that mode
<eedy31> OS kernel yes
<DarKPhoeniX> bn all
<wcstok> 'course sane procs call it supervisor mode or something...x86 has to be different 'cause its got 4 levels instead of 2
<MrPrimate> hmm, nice
<MrPrimate> so all windows or linux kernel level drivers are at ring 0
<eedy31> yes
<DarKPhoeniX> listen to eedy31, he's a ****in r0x0r :)
<eedy31> lol
<Bigbang> but frog :/
<wcstok> unless they're running under some sort of funky emulator heh
<imaginator> is there a reason to not use 'leave' in the epilogue of a procedure in x86 asm? I wonder why I see some people do movl %ebp,%esp ; popl %ebp ; ret
<eedy31> good night everybody
<imaginator> simple instructions instead."
<wcstok> that's why =P
<imaginator> I made the mistake of using loopnz and so on, and now I guess I should learn to avoid leave too, or make a macro :)
<ilpavox> is intel or at&t syntax more common?
<xark> ilpavox: Probably Intel. But its a "when in Rome, do as the Roman's do", kind of thing. So typically use AT&T if using GNU tools, and Intel when using other tools.
<xark> (Or AT&T with Solaris x86 tools too, I guess :)
<ilpavox> learning asm in school now.. they teach intel. how different are the two syntaxes?
<xark> ilpavox: In general no two ***emblers are typically fully compatible. So, you mostly have to tweak code for the ***embler you are using (i.e., no such thing as "official" Intel ***embler, even though there are "Intel style" mnenonics).
<ilpavox> got ya
<xark> ilpavox: Newer GNU tools support Intel opcodes as well (-Masm=intel for gcc or .intel_syntax in gas files).
<xark> However, don't think this makes them compatible with masm or nasm (for example)/
<xark> .
<xark> (It makes them much closer though)
<ilpavox> nasm supports intel. right?
<xark> ilpavox: Yes, I suggest using nasm or yasm .
<xark> (yasm is basically a rewrite of nasm)
<xark> ilpavox: Its Intel style (but not MASM compatible if that is what your teacher is using(.
<ilpavox> he is actually using a really old ***embler (dewar ***embler) that only supports 16 bit code. we transition to nasm soon
<xark> OK, then nasm sounds good. Nasm also has nice documentation (and x86 reference).
<ilpavox> cool.
<ilpavox> thanks
<ilpavox> is it a few hours reading to transition to at&t or is it much different?
<xark> Mostly its opcode source, dest instead of opcode dest, source but there are some differences in addressing modes too (e.g., (%eax,%ecx,4) instead of [eax+ecx*4] etc.)
<xark> ilpavox: Google will have some hints on AT&T <-> Intel.
<xark> Here is the "official" doc on AT&T syntax (and there is a paragraph describing differences with Intel standard IIRC) -> http://docs.sun.com/app/docs/doc/817-5477/6mkuavhr5?a=view
<ilpavox> ty
<iojkl> hello
<mab> "Input the origin of the code (in decimal value). In other words the offset in memory where the code is supposed to be run from"
<mab> what is that?
<mab> anyone idea?
<skuggi> in what context?
<mab> ***embly program
<mab> I open an exe
<mab> and it asks that
<skuggi> what exe?
<mab> just an exe, it says that for all exes
<skuggi> what does this have to do with ***embly programming?
<mab> what is origin of the code?
<edcba> the entrypoint
<edcba> where the execution begins
<mab> and how can i determine that?
<edcba> in the header
<mab> aha
<mab> i'm making progress
<mab> hmmz
<mab> edcba, this may sound very trivial and stupid to you
<mab> but how to get in the header of an exe
<edcba> what tools do you have ?
<mab> An open source ***embler
<mab> but i have also ollydbg
<mab> if i could find it with that maybe?
<mab> is it possible, edcba
<edcba> is it a win32 exe ?
<mab> yes
<mab> edcba, idea?
<edcba> then load it with ollydbg
<edcba> and look at the pe header
<zars> mab: i prefer lordPE
<zars> mab: http://mitglied.lycos.de/yoda2k/LordPE/info.htm
<DarKPhoeniX> gn
Return to asm
or
Go to some related
logs:
huge web "add.php"
ircnet #domian logs
beginner
|
|