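Beginner question: how do I convert assembly instructions to hexadecimal?
Beginner question: how do I convert assembly instructions to hexadecimal? For example, the following: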
:004BA704 51 push ecx
:004BA705 8BCE mov ecx, esi
:004BA707 FF90D0010000 call dword ptr [eax+000001D0]
:004BA70D 85C0 test eax, eax
:004BA70F 0F8461050000 je 004BAC76
:004BA715 8B16 mov edx, dword ptr [esi]
:004BA717 57 push edi
:004BA718 8BCE mov ecx, esi
:004BA71A FF92F4000000 call dword ptr [edx+000000F4]
:004BA720 E80BD1FCFF call 00487830
:004BA725 8BF8 mov edi, eax
:004BA727 8B06 mov eax, dword ptr [esi]
:004BA729 8BCE mov ecx, esi
:004BA72B 8B1F mov ebx, dword ptr [edi]
:004BA72D FF504C call [eax+4C]
:004BA730 50 push eax
* Possible StringData Ref from Data Obj ->"behit!"
|
:004BA731 68309A5C00 push 005C9A30
:004BA736 8BCF mov ecx, edi
:004BA738 FF93B0020000 call dword ptr [ebx+000002B0]
:004BA73E E933050000 jmp 004BAC76
:004BA743 8B16 mov edx, dword ptr [esi]
:004BA745 8BCE mov ecx, esi
:004BA715 8B16 mov edx, dword ptr [esi]
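I want to change "mov edx,dword ptr ds:[esi]" to "JE 004BAC76".
How do I convert this "JE 004BAC76"
to hexadecimal? What tool should I use? Please recommend one.
... Also, what if the replacement comes out a few bytes longer or a few bytes shorter?
If it is longer it will inevitably overwrite the bytes that follow, but what if it is shorter?
For example, "004F2CAE 753E jne 004F2CEE":
replace "jne 004F2CEE" with "nop"
nop = 90,
"753E" becomes "90 XX"; what do I do with the leftover space?
Experts, please lend a hand.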
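
Added example, not part of the original post: a Python sketch of how 32-bit x86 relative `jmp`/`call`/`jcc` instructions are encoded, checked against the bytes already shown in the listing above, and of what a longer or shorter replacement does to the bytes around it. The function names `encode_branch` and `fit` are hypothetical, and only the `je`/`jne` condition codes are covered.

```python
import struct

# Condition codes: short form is 0x70+cc rel8, near form is 0F 0x80+cc rel32.
JCC = {"je": 0x4, "jne": 0x5}

def encode_branch(mnemonic, addr, target):
    """Encode a 32-bit-mode relative jmp/call/jcc located at `addr`.

    The displacement is counted from the END of the instruction,
    so it depends on the instruction's own length.
    """
    m = mnemonic.lower()
    if m == "call":                                  # E8 rel32 (no short form)
        return b"\xE8" + struct.pack("<i", target - (addr + 5))
    short_op = 0xEB if m == "jmp" else 0x70 + JCC[m]
    rel8 = target - (addr + 2)
    if -128 <= rel8 <= 127:                          # fits the 2-byte form
        return bytes([short_op]) + struct.pack("<b", rel8)
    if m == "jmp":                                   # E9 rel32
        return b"\xE9" + struct.pack("<i", target - (addr + 5))
    return bytes([0x0F, 0x80 + JCC[m]]) + struct.pack("<i", target - (addr + 6))

def fit(old, new):
    """Fit `new` into the slot of `old`.

    Shorter: pad with NOP (0x90) so later instructions keep their addresses.
    Longer: return how many bytes of the following instructions it overwrites.
    """
    if len(new) <= len(old):
        return new + b"\x90" * (len(old) - len(new)), 0
    return new, len(new) - len(old)

# Rows copied from the listing in the post: (address, bytes, mnemonic, target)
LISTING = [
    (0x004BA70F, "0F8461050000", "je",   0x004BAC76),
    (0x004BA720, "E80BD1FCFF",   "call", 0x00487830),
    (0x004BA73E, "E933050000",   "jmp",  0x004BAC76),
    (0x004F2CAE, "753E",         "jne",  0x004F2CEE),
]

def check_listing():
    """True if the encoder reproduces every branch's bytes from the listing."""
    return all(encode_branch(m, a, t).hex().upper() == h for a, h, m, t in LISTING)

if __name__ == "__main__":
    print(check_listing())
    je = encode_branch("je", 0x004BA715, 0x004BAC76)
    print(je.hex().upper(), fit(bytes.fromhex("8B16"), je)[1])
    print(fit(bytes.fromhex("753E"), b"\x90")[0].hex().upper())
```

The same mnemonic and target encode differently at a different address, which is why the `je 004BAC76` at 004BA70F cannot simply be copied to 004BA715.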