#1
|
||||
|
||||
XED2 (x86 encoder decoder) c++ library
Hi All,
I just want to use XED2 library made by Intel for assembly encoding. According to the documentation the asm syntax differs from MASM so I have to convert all my original assemblies to XED2 assembly. The question is how? I've read all docus and found out the basic differences but call and jump instructions are pretty special. Is there MASM -> XED conversion howto somewhere? For instance how can I convert the following to XED syntax: 1. call far 0x11223344 2. call near 0x11223344 3. call dword ptr [0x11223344] 4. jmp far 0x11223344 5. jmp near 0x11223344 6. jmp dword ptr [0x11223344] Thanks in advance! BR, Ferrit |
#2
|
|||
|
|||
Quote:
if it's just up to changing 0x to ...h so regular expressions will help you here?.. |
#3
|
||||
|
||||
Maybe I was not explicit enough
This works: MASM: xor eax, eax XED2: xor eax eax Quote:
MASM: jmp far 0x11223344 XED2: jmp_far 0x11223344 XED2: jmp_far 11223344h Quote:
|
#4
|
|||
|
|||
Quote:
example 012345678h Last edited by ragdog; 01-03-2014 at 17:45. |
#5
|
|||
|
|||
Just a slight educated guess. I've read a little (scrambled) through some PDF's from various Universities mentioning xed2 keyword and found that this was made by Intel. Available at http://www.pinpoint.org
You may search there for "XED2" keyword and see if the Downloads and Discussions/Documentation help you. Seems they provide for a flavor of Operating Systems like Window$ and Linux. And here is some more research from University Code:
http://www.cs.virginia.edu/kim/publicity/pin/docs/20751/Xed/html/main.html Last edited by |roe; 01-04-2014 at 04:42. |
#6
|
|||
|
|||
Hi, the documentation at cs.virginia.edu seems outdated, take look at the documentation in the folder pin-2.13-62141-msvc10-windows\extras\xed2-ia32\doc\ref-manual\html\group__CMDLINE.html or at this site
Code:
http://software.intel.com/sites/landingpage/pintool/docs/58423/Xed/html/group__CMDLINE.html Code:
xed -e jmp "BRDISP:11223344" Code:
g:\projects\pin-2.13-62141-msvc10-windows\extras\xed2-ia32\bin>xed -e jmp "BRDISP:11223344" Request: JMP BRDISP_WIDTH:32, MODE:1, RELBR:0x11223344, SMODE:1 OPERAND ORDER: RELBR Encodable! E944332211 .byte 0xe9,0x44,0x33,0x22,0x11 for pointers: Code:
xed -e jmp "MEM4:EAX" Code:
g:\projects\pin-2.13-62141-msvc10-windows\extras\xed2-ia32\bin>xed -e jmp "MEM4: EAX" Request: JMP EASZ:2, MEM_WIDTH:4, MEM0:dword ptr [EAX], MODE:1, SMODE:1 OPERAND ORDER: MEM0 Encodable! FF20 .byte 0xff,0x20 Last edited by h8er; 01-05-2014 at 05:54. |
The Following User Gave Reputation+1 to h8er For This Useful Post: | ||
ferrit.rce (01-05-2014) |
#7
|
|||
|
|||
I can't edit the post above (don't know why), here is a jmp dword ptr [0x11223344]
Code:
xed -e jmp "MEM4:-,-,-,11223344" Code:
g:\projects\pin-2.13-62141-msvc10-windows\extras\xed2-ia32\bin>xed -e jmp "MEM4:-,-,-,11223344" Request: JMP DISP_WIDTH:32, MEM_WIDTH:4, MEM0:dword ptr [0x11223344], MODE:1, SMODE:1 OPERAND ORDER: MEM0 Encodable! FF2544332211 .byte 0xff,0x25,0x44,0x33,0x22,0x11 |
The Following 2 Users Gave Reputation+1 to h8er For This Useful Post: | ||
ferrit.rce (01-05-2014), |roe (01-10-2014) |
#8
|
||||
|
||||
Hey h8er! You're the maaan
|
|
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
LZMA1 encoder/decoder (ASM+C) | mudlord | Developer Section | 6 | 11-05-2018 01:40 |