I'm reading through "The Art of Exploitation" and had a quick asm question. When you grab or set data in a register like [ebp-4], like when you zero it, are you only setting a subset of the register? Is it just for efficiency, or do I have this totally wrong?
Naturally, right after I post this he covers it and I was completely wrong. Though I'm confused why you would want to change the address; I assume that you could overwrite data stored at that address.
Just burned his ISO
You can, using different addressing modes. The above one is just one of them.
Zero it in the sense you mean XOR the registers or memory location? Well, if you are XORing [ebx-4], only the data in that location will get zeroed.
If you are messing with calls and the stack, then you need to manually set EBP in your shellcode, otherwise NASM or similar does this for you.
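
An added example, not part of any post in this thread: a small C model of the distinction asked about above, where `[ebp-4]` names the four bytes of memory at address EBP minus 4 and not a piece of the register. The `Machine` struct, its 32-byte stack, the helper names and the stored values are all constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Toy model (constructed): a 32-byte "stack" plus an EBP register that
   holds an offset into it, standing in for a real address. */
typedef struct {
    uint8_t  mem[32];
    uint32_t ebp;
} Machine;

/* mov dword [addr], value : writes 4 bytes of MEMORY, little-endian. */
static void store32(Machine *m, uint32_t addr, uint32_t value) {
    if (addr > sizeof m->mem - 4) return;          /* out of range: ignore */
    for (int i = 0; i < 4; i++)
        m->mem[addr + i] = (uint8_t)(value >> (8 * i));
}

/* mov reg, dword [addr] : reads 4 bytes of memory, little-endian. */
static uint32_t load32(const Machine *m, uint32_t addr) {
    uint32_t v = 0;
    if (addr > sizeof m->mem - 4) return 0;        /* out of range */
    for (int i = 0; i < 4; i++)
        v |= (uint32_t)m->mem[addr + i] << (8 * i);
    return v;
}

/* Lays out a frame, then performs the equivalent of `mov dword [ebp-4], 0`. */
static Machine zero_local(void) {
    Machine m;
    memset(m.mem, 0xAA, sizeof m.mem);             /* filler bytes */
    m.ebp = 16;                                    /* frame pointer */
    store32(&m, m.ebp,     0xBFFFF7C8);            /* [ebp]   saved EBP (made-up) */
    store32(&m, m.ebp - 8, 0x11223344);            /* [ebp-8] another local */
    store32(&m, m.ebp - 4, 0);                     /* [ebp-4] the local being zeroed */
    return m;
}

int main(void) {
    Machine m = zero_local();
    printf("ebp     = %u (register unchanged)\n", (unsigned)m.ebp);
    printf("[ebp]   = 0x%08x (neighbour untouched)\n", (unsigned)load32(&m, m.ebp));
    printf("[ebp-4] = 0x%08x (only these 4 bytes were written)\n",
           (unsigned)load32(&m, m.ebp - 4));
    printf("[ebp-8] = 0x%08x (neighbour untouched)\n", (unsigned)load32(&m, m.ebp - 8));
    return 0;
}
```
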