Reverse Engineering Software: For Loop in Bomb2.exe

Source: http://opensecuritytraining.info/

I. Multiple/Variable Argument functions

II. Array Access

mov     eax, [ebp+arg_4] ; base
add     eax, 14h         ; count*increment

III. For Loop

3-expressions for (i=0; i < 256; i++) {}
- Initialization
- Test
- Counter
Note, all parts are optional.
In most (not all) cases there will be a common variable

This is a classic for loop. Note the 3 parts of a for loop:

loc_4011D1:
mov     [ebp+var_4], 1
jmp     short loc_4011E3

loc_4011E3:
cmp     [ebp+var_4], 6
jge     short loc_401207

loc_4011DA:
mov     edx, [ebp+var_4]
add     edx, 1
mov     [ebp+var_4], edx

Leave a Reply Cancel reply

Enter your comment here...

Fill in your details below or click an icon to log in:

Email (required) (Address never made public)

Name (required)

Website

You are commenting using your WordPress.com account. ( Log Out / Change )

You are commenting using your Facebook account. ( Log Out / Change )

Connecting to %s

%d bloggers like this:

	Peter Kruse on Let’s Learn: In-Depth on…
	mark Johnson on Malware Traffic Internals: Bla…
	Passion on Let’s Learn: In-Depth Re…
	Unknown on Programming Challenge in …
	Hung-Ting on Installing Cuckoo Sandbox on M…

	Peter Kruse on Let’s Learn: In-Depth on…
	mark Johnson on Malware Traffic Internals: Bla…
	Passion on Let’s Learn: In-Depth Re…
	Unknown on Programming Challenge in …
	Hung-Ting on Installing Cuckoo Sandbox on M…

	Peter Kruse on Let’s Learn: In-Depth on…
	mark Johnson on Malware Traffic Internals: Bla…
	Passion on Let’s Learn: In-Depth Re…
	Unknown on Programming Challenge in …
	Hung-Ting on Installing Cuckoo Sandbox on M…