Welcome to Community Server
Sign in
|
Join
|
Help
REblog
A Reverse Engineer's Blog
RSS 2.0
Atom 1.0
Home
About
<
March 2006
>
Su
Mo
Tu
We
Th
Fr
Sa
26
27
28
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
1
2
3
4
5
6
7
8
Search
Go
Archives
March 2008 (1)
February 2008 (1)
September 2007 (1)
August 2007 (3)
April 2007 (1)
February 2007 (1)
January 2007 (1)
September 2006 (1)
August 2006 (2)
June 2006 (1)
May 2006 (1)
March 2006 (2)
February 2006 (1)
December 2005 (1)
October 2005 (1)
September 2005 (1)
July 2005 (2)
June 2005 (3)
Friday, March 17, 2006 - Posts
Using Structure Offsets as Symbolic Constants in IDA
I was analyzing Win32/Valla.2048 today, a file infector written in x86 Assembly. It keeps almost all of its variables (file handles, API function addresses, etc.) at the end of its section and it references these variables relative to EDI:
Read More
posted
Friday, March 17, 2006 11:31 AM
by
jason
|
5 Comments