Jump to content
Nytro

X86/Win32 Reverse Engineering Cheat-Sheet

By Nytro, in Tutoriale in engleza

Recommended Posts

Nytro Mentor

Nytro

Posted
Posted

X86/WIN32 REVERSE ENGINEERING CHEATSHEET

Instructions
GENERAL PURPOSE 32BIT
REGISTERS ADD <dest>, <source> Adds <source> to <dest>. <dest> may be a register or memory. <source> may
EAX Contains the return value of a function call. Be a register, memory or immediate value.
ECX Used as a loop counter. "this" pointer in C++. CALL <loc> Call a function and return to the next instruction when finished. <proc>
EBX General Purpose may be a relative offset from the current location, a register or memory addr.
EDX General Purpose CMP <dest>, <source> Compare <source> with <dest>. Similar to SUB instruction but does not
ESI Source index pointer Modify the <dest> operand with the result of the subtraction.
EDI Destination index pointer DEC <dest> Subtract 1 from <dest>. <dest> may be a register or memory.
ESP Stack pointer DIV <divisor> Divide the EDX:EAX registers (64?bit combo) by <divisor>. <divisor> may be
EBP Stack base pointer a register or memory.

Download:

http://shell-storm.org/papers/files/797.pdf

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
Go to topic listing
×
×
  • Create New...