opcode calculator??

[Vinnie]

Hi,

I need the hex value for: jmp short loc_0040149D
or in OllyDbg: jmp short Wpp.0040149D

Is there anyone that knows how to calculate those values, or has any url's
with info on opcodes and how to calculate to hex??

Thanks!!

[Tim Roberts]

The short jmp instruction is E9, but it is a relative instruction: the
operand is the offset to the destination. Thus, the actual instruction
will depend on the instruction's location.
--
- Tim Roberts, ti...@probo.com
Providenza & Boekelheide, Inc.

[Markus Humm]

Under DOS opcodes in hex can be determinated by DEBUG.EXE I think...
Afaik it's even there on WIndows 9x/2000 but nt tested, maybe in some
dusty corner of the installation CD...

Greetings

Markus

[René Kjellerup]

Tim Roberts wrote:

illu...@hotmail.com (Vinnie) wrote:
  

I need the hex value for: jmp short loc_0040149D
                          or in OllyDbg:  jmp short Wpp.0040149D

Is there anyone that knows how to calculate those values, or has any url's 
with info on opcodes and how to calculate to hex??
    

The short jmp instruction is E9, but it is a relative instruction: the
operand is the offset to the destination.  Thus, the actual instruction
will depend on the instruction's location.
  

I think you err about the opcode,

she asked about the 'jmp short' instruction and let me qoute both
the Intel Reference Manual and the nasm Documentation:

Intel>>>>>
"EB cb JMP rel8 Jump short, relative"(cut to fit on 1 line)
"E9 cw JMP rel16 Jump near, relative"(cut to fit on 1 line)
"E9 cd JMP rel32 Jump near, relative"(cut to fit on 1 line)
<<<<<

NASM>>>>>
"B.4.130 JMP: Jump
JMP imm        ; E9 rw/rd  [8086]
JMP SHORT imm  ; EB rb     [8086]"
<<<<<

which leads me to the conclusion that the answer to the question would
be:

'jmp short' opcode is EB, but its distination is a relative offset just 1 byte large which means it ranges from -128 to 127 bytes.

the nasm documentation can be found here:
http://nasm.sourceforge.net/

and the Intel reference manual can be found here:
http://www.intel.com/design/PentiumIII/documentation.htm

R. Kj.
--- as life grows older, I gain Experience.

[rjb]

"Vinnie" <illu...@hotmail.com> wrote in message
news:d002f09d.04052...@posting.google.com...

40149d=9CD5h - if that's what you're asking. On the other hand you might be
asking how the instruction's bytes are calculated. If so, look at the
address of the next instruction after the call. Subtract that address from
009CD5h. That's what you'll see in the disassembly. It's bound to come out
as <=7F or >= -80, or else the instruction would have been refused at
assembly time.

rjb

[Warwick Barnes]

A86 assembler manual has quite a good section on opcodes and addressing,
available as part of shareware package for 8086 version but you need to
register for version that assembles later 386 plus opcodes.

--
If you received this through the miracle of modern technology then all
is well; if not then situation normal.
Chris father of :-) ( also at chrisj...@openlink.org )
www.users.zetnet.co.uk/barnes_firsnorton

[Vinnie]

This is some code I got from a program. It's a legacy program, but
some machines in our factory still use it.
the command on address 00401474 is: JNZ SHORT Wpp.0040149D
however i need it to jump to 0040149D no matter the condition.
how would i do this?

00401472 . 84C0 TEST AL,AL
00401474 . 75 27 JNZ SHORT Wpp.0040149D
00401476 . B8 01000000 MOV EAX,1
0040147B . 50 PUSH EAX
0040147C . 6A 02 PUSH 2
0040147E . 8D55 F4 LEA EDX,DWORD PTR SS:[EBP-C]
00401481 . 52 PUSH EDX
00401482 . E8 1AA10800 CALL <JMP.&OWL501t.@TModuleVersionInfo@$>
00401487 . 83C4 08 ADD ESP,8
0040148A . 58 POP EAX
0040148B . 8B95 18FFFFFF MOV EDX,DWORD PTR SS:[EBP-E8]
00401491 . 64:8915 000000>MOV DWORD PTR FS:[0],EDX
00401498 . E9 5F010000 JMP Wpp.004015FC
0040149D > 66:C785 28FFFF>MOV WORD PTR SS:[EBP-D8],20
004014A6 . 8D4D F0 LEA ECX,DWORD PTR SS:[EBP-10]

[Vinnie]

Thank you for all the replies. I thought it was a simple number, but I
guess I will then have to calculate it the way rjb describes. Hope I
don't crash anything though ;)

Thx again!

[Charles A. Crayne]

On Wed, 2 Jun 2004 06:11:50 +0000 (UTC)
illu...@hotmail.com (Vinnie) wrote:

:00401474 . 75 27 JNZ SHORT Wpp.0040149D

Change the 75 to EB.

[rjb]

Your last message makes it clear that no calculation is needed. It's just an
unconditional jump to the same address as before, instead of a conditional
one. In that case, just do what Charles Crayne suggested. Change 75 into EB.
That changes the instruction from

jnz Address ;jump if zf not set
to
jmp short Address ;jump anyway

rjb

"Vinnie" <illu...@hotmail.com> wrote in message

news:d002f09d.04060...@posting.google.com...

[Ahmed Hossam]

i am sorry mr humm i have made a severe and continious laps of my judgement

[Frank Kotler]

2004?
I think you will find that DOS. etc. does not run anymore. Perhaps I
don't understand the question.

Best,
Frank

[wolfgang kern]

On 25/03/2022 04:11, Frank Kotler wrote:
> On 03/24/2022 06:21 PM, Ahmed Hossam wrote:
>> On Sunday, May 30, 2004 at 8:54:25 AM UTC-2:30, Markus Humm wrote:
>>> Under DOS opcodes in hex can be determinated by DEBUG.EXE I think...
>>> Afaik it's even there on WIndows 9x/2000 but nt tested, maybe in some
>>> dusty corner of the installation CD...
>>> Greetings
>>> Markus
>> i am sorry mr humm i have made a severe and continious laps of my
>> judgement

> 2004?

:) time travelers are always late!

> I think you will find that DOS. etc. does not run anymore. Perhaps I
> don't understand the question.

perhaps we still can use DOS-box ? It works at least on my win10.
__
wolfgang