I want to get the current value of the EIP register with assembly language. Is that possible?
Probably the simplest method of obtaining the value in EIP is Call $+5, which is a CALL to the next instruction. The value of EIP is then pulled off the stack and placed into a register. A simple form of this can be observed within the Bloxor shellcode encoder.
EIP stands for Extended Instruction Pointer and is used to track the address of the current instruction running inside the application.
The EIP Card is a Treasury-sponsored, VISA-branded, prepaid debit card that provides a safe, convenient and secure way for EIP recipients to access their Economic Impact Payments without having to go to a bank or credit union to cash a check.
ret is basically how you write pop eip (or IP / RIP) in x86, so popping into an architectural register and using a register-indirect jump is architecturally equivalent.
Assuming 32-bit x86, use the following function:
get_eip:
    mov eax, [esp]    ; the return address pushed by call, i.e. the address of the instruction after the call
    ret
Then, to get the value of EIP in EAX, simply:
call get_eip
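Seen from the analysis side, the inline `call $+5` followed by a pop, mentioned in the answers above, has a fixed byte encoding that is easy to look for. The following is an added example, not code from the original answers: a small C scanner for that sequence. The function names and the sample byte buffers are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Find the first "call $+5 ; pop r32" sequence in buf.
 * Encoding: E8 00 00 00 00 is call rel32 with a zero displacement (a call
 * to the next instruction); 58..5F is pop eax..edi.
 * Returns the offset of the call, or -1 if absent. On a match, *reg_out
 * receives the register number (0 = eax ... 7 = edi). The value the pop
 * recovers at run time is load_address + offset + 5. */
long find_getpc(const uint8_t *buf, size_t len, int *reg_out)
{
    static const uint8_t call_next[5] = { 0xE8, 0x00, 0x00, 0x00, 0x00 };
    for (size_t i = 0; i + 6 <= len; i++) {
        if (memcmp(buf + i, call_next, sizeof call_next) != 0)
            continue;
        uint8_t op = buf[i + 5];
        if (op >= 0x58 && op <= 0x5F) {
            if (reg_out)
                *reg_out = op - 0x58;
            return (long)i;
        }
    }
    return -1;
}

const char *reg_name(int r)
{
    static const char *names[8] = { "eax", "ecx", "edx", "ebx",
                                    "esp", "ebp", "esi", "edi" };
    return names[r & 7];
}

/* Constructed samples. */
/* nop; nop; call $+5; pop ebx; add ebx, 0x10 */
const uint8_t sample_getpc[] = { 0x90, 0x90, 0xE8, 0, 0, 0, 0, 0x5B, 0x83, 0xC3, 0x10 };
/* push ebp; mov ebp, esp; call +0x10; pop ebp; ret (ordinary call, no match) */
const uint8_t sample_plain[] = { 0x55, 0x89, 0xE5, 0xE8, 0x10, 0, 0, 0, 0x5D, 0xC3 };
/* call $+5 cut off before the pop (too short to match) */
const uint8_t sample_truncated[] = { 0xE8, 0, 0, 0, 0 };

int main(void)
{
    int reg = -1;
    long off = find_getpc(sample_getpc, sizeof sample_getpc, &reg);
    printf("offset=%ld reg=%s\n", off, off >= 0 ? reg_name(reg) : "-");
    return 0;
}
```

A byte scan like this is a heuristic, not a disassembler: it can match data bytes, and it covers only the inline form, not the `call get_eip` helper shown above.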