Looking for programs entry point?

jamesmustain · February 22, 2021, 04:41:39 PM

#Garbage Dispatcher Edit#
#Removed Full Page Advertisement for Vaccuum Cleaner#

jj2007 · February 22, 2021, 06:51:40 PM

That's easy: mov eax, offset start

What do you need it for?

TouEnMasm · February 22, 2021, 07:04:04 PM

lea eax(rax) ,start (mai,WinMain) is more secured.
The start adress is dynamically allowed by the linker,the use of offset had good chance to be false.

jj2007 · February 22, 2021, 07:27:19 PM

Quote from: TouEnMasm on February 22, 2021, 07:04:04 PMthe use of offset had good chance to be false.

Interesting, can you post an example?

TimoVJL · February 22, 2021, 07:58:24 PM

https://docs.microsoft.com/en-us/cpp/build/reference/dynamicbase-use-address-space-layout-randomization

Address of entry point is in PE-header.

BogdanOntanu · April 03, 2021, 07:13:42 AM

Quote from: TimoVJL on February 22, 2021, 07:58:24 PM
https://docs.microsoft.com/en-us/cpp/build/reference/dynamicbase-use-address-space-layout-randomization

Address of entry point is in PE-header.

Not really, the offset of _start symbol will ALSO be adjusted by the PE loader IF ASLR is used on a PE :D

So

Code Select

mov eax,offset start
is safe to use with ASLR[/code]

jj2007 · April 03, 2021, 07:23:59 AM

Hi Bogdan, nice to see you

Gunther · April 03, 2021, 08:01:57 AM

I agree with Jochen: Welcome back Bogdan. We've missed you.

Gunther

six_L · April 03, 2021, 10:08:00 AM

Hi,BogdanOntanu
we are glad to see you are back.

the developer of Sol_OS/Sol_asm, the Steel Soldier.

BogdanOntanu · April 04, 2021, 02:21:00 AM

Hi all,

Thanks for your nice words ;)

The MASM Forum

News:

Looking for programs entry point?

jamesmustain

jj2007

TouEnMasm

jj2007

TimoVJL

BogdanOntanu

jj2007

Gunther

six_L

BogdanOntanu