not so secret?

im new at assembly (in english too) and i have a question as you may guess: can i add new lines of code to exe file? its just for experimental causes not for hack, crack or something like that. i wanna protect my software. so i mean if i open exe with hex editor, and insert few bytes (for example opcode of mov command and operand) is program works fine? (okay im sure its bad, very bad grammar. sorry for that) if it can be done, we're not safe at all. anyway, thanks for your helps.


  • Hello newbie coder,
    I am 3y3ty.
    To answer your question with some info Vortex Reign will
    be very pleased by barrels of toxic waste.

    Inserting bytes into a binary image will affect control transfer

    103 EBFB JMP 0100
    105 CD20 INT 20

    Take a look at the instruction at 103,
    it is opcode EB (short jump) with a displacement of FB.
    FB is a negative displacement since the most significant bit
    is set to 1, it is in two's complement.
    F. B.
    / /
    - 1 subtract one
    ~11111010 invert bits
    00000101 now we have 5.

    So we know that FB will decrement the instruction pointer (IP)
    by 5 to reach the instruction at 100.
    This is because when the JMP 0100 at 103 is pulled in by
    the processor IP will point at 105 and 105 + -5 = 100
    because IP is incremented by the size of the instruction
    pulled in to point to the next instruction.
    For example,
    MOV AX,DEAD at 100 is three bytes and the next instruction
    is at 103.

    Watch what happens when we insert a new instruction a byte at
    a time without adjusting the jump.

    103 BBADED MOV BX,EDAD < inserted instruction
    106 EBFB JMP 0103 < same instruction but jumps
    to a different location
    And this will happen to every control transfer instruction
    past where you inserted a instruction.

    It will also affect the offset of memory variables past
    where you inserted the instruction since instructions
    take up space in the binary image it will push the memory
    variables farther down in memory changing their offsets.

    This is some of the examples of the complications
    of just inserting some bytes with a hex editor.

    THE SOLUTION --> Dissassemble the binary file!
    If you dissassemble the binary file and change the offsets to
    labels the assembler will handle calculating offsets,
    and since they are labels and not direct offsets you will
    be able to insert an instruction anywhere!

Sign In or Register to comment.

Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


In this Discussion