Un_Known

Help me With Instruction logic

Posted (edited)
On 6/27/2019 at 2:30 AM, Un_Known said:

Why is PC pointing to 0x8? Shouldn't it be pointing to 0x4 from the current address?

As the next instruction would always be at 0x4 from the current address,

since instructions are 32 bits (excluding the Thumb instruction set here). @saiaapiz

So finally I got the answer to this, thanks to @saiaapiz.

Posting the answer here because it can help many!

The Program Counter is automatically incremented by the size of the instruction executed. This size is always 4 bytes in ARM state and 2 bytes in Thumb mode. When a branch instruction is being executed, the PC holds the destination address. During execution, the PC stores the address of the current instruction plus 8 (two ARM instructions) in ARM state, and the current instruction plus 4 (two Thumb instructions) in Thumb(v1) state. This is different from x86, where PC always points to the next instruction to be executed.

Edited by Un_Known


Posted (edited)
9 hours ago, Un_Known said:

So finally I got the answer to this, thanks to @saiaapiz.

Posting the answer here because it can help many!

The Program Counter is automatically incremented by the size of the instruction executed. This size is always 4 bytes in ARM state and 2 bytes in Thumb mode. When a branch instruction is being executed, the PC holds the destination address. During execution, the PC stores the address of the current instruction plus 8 (two ARM instructions) in ARM state, and the current instruction plus 4 (two Thumb instructions) in Thumb(v1) state. This is different from x86, where PC always points to the next instruction to be executed.

If the above answer is confusing, this might be a better explanation:

In ARM state:

PC (Program Counter, R15) stores the address of the current instruction plus 8 (two ARM instructions).

In Thumb state:

For B, BL, CBNZ, and CBZ instructions, the value of the PC is the address of the current instruction plus 4 bytes.

For all other instructions that use labels, the value of the PC is the address of the current instruction plus 4 bytes, with bit[1] of the result cleared to 0 to make it word-aligned.

Edited by Un_Known

On 6/26/2019 at 3:02 AM, Un_Known said:

Can anybody explain the logic here?

It's the ARM instruction set:

Here dword_36BD38 is an uninitialized variable in the .bss section.

LDR     R3, =(dword_36BD38 - 0x19D86C)  ; literal: distance from the PC value the ADD below reads (its own address + 8) to dword_36BD38
ADD     R3, PC, R3                      ; dword_36BD38 : R3 = PC + literal = address of dword_36BD38 (position-independent)
CMP     R0, #0                          ; signed compare of R0 with 0 (sets N if R0 is negative)
STR     R0, [R3]                        ; dword_36BD38 = R0 (unconditional store)
MOVLT   R2, #0x7FFFFFFF                 ; only if R0 < 0: R2 = INT_MAX
STRLT   R2, [R3]                        ; only if R0 < 0: dword_36BD38 = 0x7FFFFFFF, overwriting the store above

I have a little idea of what's happening here but couldn't understand the whole logic!

What is that for?

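Putting the two parts of this thread together, here is an added Python example (not from the thread or any poster) that applies the ARM/Thumb PC rules quoted above to the posted snippet and models its clamp-to-INT_MAX tail. It assumes the compiler emitted the literal relative to the PC value the ADD itself reads, so ADD R3, PC, R3 sits at 0x19D86C - 8 = 0x19D864 (inferred, not stated in the thread).

```python
# Added example: resolve PC-relative addresses per the rules quoted in this thread
# and check them against the posted snippet. Not code from the thread.

MASK32 = 0xFFFFFFFF


def pc_value(insn_addr: int, thumb: bool = False, branch: bool = False) -> int:
    """Value an instruction observes when it uses PC (R15) as an operand.

    ARM state:   current instruction + 8 (two 4-byte instructions ahead).
    Thumb state: current instruction + 4; for instructions other than
                 B/BL/CBZ/CBNZ, bit[1] is cleared so the result is word-aligned.
    """
    if not thumb:
        return insn_addr + 8
    pc = insn_addr + 4
    if not branch:
        pc &= ~0x2          # clear bit[1] -> word aligned
    return pc


def pc_relative_literal(insn_addr: int, target: int, thumb: bool = False) -> int:
    """Literal the compiler must emit so that  ADD Rd, PC, Rd  lands on target."""
    return (target - pc_value(insn_addr, thumb)) & MASK32


def resolve(insn_addr: int, literal: int, thumb: bool = False) -> int:
    """What  ADD Rd, PC, Rd  computes at run time for a given literal."""
    return (pc_value(insn_addr, thumb) + literal) & MASK32


# Values from the snippet: the literal subtracts 0x19D86C, so under the ARM +8 rule
# the ADD R3, PC, R3 instruction is at 0x19D86C - 8 = 0x19D864 (inferred, assumption).
DWORD_36BD38 = 0x36BD38
ADD_INSN_ADDR = 0x19D864


def snippet_resolves_correctly() -> bool:
    """LDR R3, =(dword_36BD38 - 0x19D86C) followed by ADD R3, PC, R3 must yield dword_36BD38."""
    lit = pc_relative_literal(ADD_INSN_ADDR, DWORD_36BD38)
    return lit == (DWORD_36BD38 - 0x19D86C) and resolve(ADD_INSN_ADDR, lit) == DWORD_36BD38


def store_clamped(r0: int) -> int:
    """CMP R0,#0 / STR R0,[R3] / MOVLT R2,#0x7FFFFFFF / STRLT R2,[R3]:
    returns the final 32-bit value left in dword_36BD38."""
    r0 &= MASK32
    value = r0                      # STR R0, [R3]  (always executes)
    if r0 & 0x80000000:             # LT after CMP with 0 == R0 negative as signed
        value = 0x7FFFFFFF          # MOVLT / STRLT overwrite the stored value
    return value
```

So the variable ends up holding R0 unless R0 is negative, in which case it is replaced by the largest positive int32.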
Posted (edited)

It's for understanding game logic and then modding the game!


Edited by Un_Known

