Reverse Engineering Software: For Loop in Bomb2.exe




I. Multiple/Variable Argument functions

  • sscanf
  • Highlight push before calls for context

II. Array Access

  • Commonly found within for loops
  • General form: [base+count*increment]
mov     eax, [ebp+arg_4] ; base
add eax, 14h ; count*increment

III. For Loop
  • 3-expressions for (i=0; i < 256; i++) {}
    • Initialization
    • Test
    • Counter
  • Note, all parts are optional.
  • In most (not all) cases there will be a common variable



This is a classic for loop. Note the 3 parts of a for loop:

  • Initialization
loc_4011D1:
mov [ebp+var_4], 1
jmp short loc_4011E3
  • Test expression
loc_4011E3:
cmp [ebp+var_4], 6
jge short loc_401207
  • Counter
loc_4011DA:
mov edx, [ebp+var_4]
add edx, 1
mov [ebp+var_4], edx

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s