Tuesday, October 20, 2009

Another way to jump w/o using JMP

There are quite a few ways to jump without using CALL or JMP. The snippet below jumps to another section of the code without using either instruction.


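; Assumes the MASM32 SDK; CTEXT is a string-literal macro from the author's macro include (not shown)
.386
.model flat, stdcall
option casemap:none

include \masm32\include\windows.inc
include \masm32\include\kernel32.inc
include \masm32\include\user32.inc
includelib \masm32\lib\kernel32.lib
includelib \masm32\lib\user32.lib

.code
start:

INVOKE MessageBox, NULL, CTEXT("Jumps to another section"), CTEXT("No CALL or JMP"), MB_OK

push OFFSET AREA_JUMP   ; place the target address on top of the stack
ret                     ; pops that address into EIP, so execution continues at AREA_JUMP

; ::::::::::::::::::::::
; (other code, skipped by the push/ret)
; ::::::::::::::::::::::

AREA_JUMP:
; :::::::::::::::::::::
; Your code in the section
; :::::::::::::::::::::

invoke ExitProcess, NULL

end start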

This snippet pushes the address of AREA_JUMP (a defined label) onto the stack. When the ret instruction executes, it pops the topmost element off the stack into the instruction pointer, so execution continues at AREA_JUMP.
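
Because a push/ret pair hides a branch from tools that only follow JMP and CALL, it is worth flagging during analysis. The scanner below is an added example, not code from the original post: it looks for the 32-bit x86 encoding of push imm32 (opcode 68) immediately followed by ret (C3, or C2 with an immediate) and reports the implied branch target. The function name, base address and sample bytes are constructed for illustration, and a raw byte scan is a heuristic that can also match inside data or in the middle of another instruction.

```python
import struct

PUSH_IMM32 = 0x68  # push imm32
RET_NEAR = 0xC3    # ret
RET_IMM16 = 0xC2   # ret imm16


def find_push_ret(code: bytes, base: int):
    """Return (site_va, target_va, target_inside_buffer) for each push imm32 / ret pair."""
    hits = []
    end = len(code)
    i = 0
    while i + 6 <= end:
        nxt = code[i + 5]
        is_ret = nxt == RET_NEAR or (nxt == RET_IMM16 and i + 8 <= end)
        if code[i] == PUSH_IMM32 and is_ret:
            # The pushed immediate is what ret will load into EIP.
            target = struct.unpack_from("<I", code, i + 1)[0]
            inside = base <= target < base + end
            hits.append((base + i, target, inside))
            i += 6
            continue
        i += 1
    return hits


# Constructed sample: a code buffer assumed to be mapped at 0x00401000.
SAMPLE_BASE = 0x00401000
SAMPLE = bytes.fromhex(
    "6a00"              # push 0
    "6810104000"        # push 0x00401010
    "c3"                # ret  -> transfers to 0x00401010
    "cccccccccccccccc"  # padding
    "90"                # 0x00401010: nop
    "6878563412"        # push 0x12345678 (an ordinary argument)
    "e800000000"        # call, so the push above is not a hidden jump
    "6800005000"        # push 0x00500000
    "c3"                # ret  -> target lies outside this buffer
)

if __name__ == "__main__":
    for site, target, inside in find_push_ret(SAMPLE, SAMPLE_BASE):
        where = "inside buffer" if inside else "outside buffer"
        print(f"push/ret at {site:#010x} -> {target:#010x} ({where})")
```

A target outside the scanned buffer is not necessarily malicious, but it is a branch that a linear listing of this section will not show.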
