1.the stack address and new buffer address is automatic, so they can't be used them in code.
we should use
registers which store the useful information in code.
jmp eax,ecx,esi,edi...
lea ebp,dowrd ptr[esp+XX] to restore stack.
mov ecx,0040xxx
jmp ecx
the same as:
push 0040xxx
ret
mov [0040xx],xxx
posted on 2008-08-05 13:10
R.Zeus 阅读(267)
评论(0) 编辑 收藏 所属分类:
ASM-MACRO