There are quite a few ways to JUMP without using CALL or JMP. Snippet below jumps to another section without using JMP or CALL directives....
.code
start:
INVOKE MessageBox, NULL, CTEXT("Jumps to another section"), CTEXT("No CALL or JMP"), MB_OK
push AREA_JUMP
ret
::::::::::::::::::::::
::::::::::::::::::::::
::::::::::::::::::::::
AREA_JUMP:
:::::::::::::::::::::
Your code in the section
:::::::::::::::::::::
invoke ExitProcess, NULL
end start
This snippet pushes the address of AREA_JUMP (which is a defined label) and allows us to jump to this location when the ret statement pops the top most element from the stack pointer.
No comments:
Post a Comment