Tuesday, October 20, 2009

Another way to jump w/o using JMP

There are quite a few ways to transfer control without using CALL or JMP. The snippet below jumps to another section of the code without using either instruction.


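start:
    INVOKE MessageBox, NULL, CTEXT("Jumps to another section"), CTEXT("No CALL or JMP"), MB_OK

    push offset AREA_JUMP   ; put the destination address on top of the stack
    ret                     ; pop it into EIP: execution continues at AREA_JUMP

AREA_JUMP:
    ; Your code in the section

    invoke ExitProcess, NULL

end start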

This snippet pushes the address of AREA_JUMP (which is a defined label) onto the stack. When the ret instruction executes, it pops the topmost element off the stack and resumes execution at that address, so control lands at AREA_JUMP.
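Seen from the analysis side, this idiom hides a branch from tools that only follow JMP and CALL. The following is an added example, not code from the original post: a byte-pattern scan for the 32-bit encoding of the pair (`68 <imm32>` for push, `C3` for ret) that recovers each hidden target. The function names, the base address and the sample bytes are constructed for illustration.

```python
import struct

PUSH_IMM32 = 0x68  # opcode of: push imm32
RET_NEAR = 0xC3    # opcode of: ret (near, no operand)


def find_push_ret(code: bytes, base: int):
    """Return (site_va, target_va, in_range) for each 'push imm32 ; ret' pair.

    This is a raw byte scan, not a disassembly, so a hit can also be the
    tail of a longer instruction. in_range tells whether the pushed address
    points back into the scanned region, as it does in the snippet above.
    """
    hits = []
    end = base + len(code)
    for off in range(len(code) - 5):
        if code[off] == PUSH_IMM32 and code[off + 5] == RET_NEAR:
            (target,) = struct.unpack_from("<I", code, off + 1)
            hits.append((base + off, target, base <= target < end))
    return hits


def build_sample():
    """Constructed 32-byte code region, NOP-filled, loaded at a made-up base."""
    base = 0x00401000
    code = bytearray(b"\x90" * 0x20)
    # push offset AREA_JUMP ; ret   (AREA_JUMP assumed at base + 0x10)
    code[0x00:0x06] = b"\x68" + struct.pack("<I", base + 0x10) + b"\xC3"
    # push 7C800000h ; ret   (target outside the scanned region)
    code[0x08:0x0E] = b"\x68" + struct.pack("<I", 0x7C800000) + b"\xC3"
    # push 1234h followed by a NOP: an ordinary argument push, not a jump
    code[0x18:0x1D] = b"\x68" + struct.pack("<I", 0x1234)
    return base, bytes(code)


if __name__ == "__main__":
    base, code = build_sample()
    for site, target, local in find_push_ret(code, base):
        where = "inside region" if local else "outside region"
        print(f"{site:#010x}: push/ret -> {target:#010x} ({where})")
```
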
