1

I'm trying to learn Assembly as I feel it will be helpful when I start my CS courses that deal with lower level languages and material down the road (C is the lowest I've learned so far).

To do this, I'm using CE and looking at memory addresses and Assembly commands from some older, simple games. Basically learning Assembly by hacking old games.

There's one command that looks like this:

add [eax], ecx

From my understanding add will add the two arguments together and store them into the first argument and [ ] essentially acts as a deference.

So will it add the value of eax and the address of ecx and store them into eax, or will it store them into the address that eax is holding?

If it will help here are the addresses:

eax =   00EFA188
ecx =   00000014
  • 3
    It will increment the contents of memory at the address in `eax` by the value of `ecx`. You should spend some time learning how to read an `x86` instruction reference. – Gene Jan 15 '18 at 04:23
  • first link from google on "x86 assembly beginner" lead to this: http://www.cs.virginia.edu/~evans/cs216/guides/x86.html ... I gave it a quick look, and it looks like tremendous quick kick off material. Not truly comprehensive (there are some MASM syntax intricacies unexplained), which makes it at least lot more compatible with other assemblers, but you will need at least one or two more resources (your assembler documentation is one obvious, Intel's docs and their web shortened versions with instructions only is second, and well, you need 1-2 more to these) to fill up on details. – Ped7g Jan 15 '18 at 11:14
  • And I never seen Cheat Engine in action, but expect it a bit rough, as it's focused on accomplishing something else than fully programming in x86 assembly, so don't hesitate to cross-check with other things, get also some decent full development tools for trying out some examples. From CE usage it looks like you are still on windows OS, so I have no idea what are the options there (I think some Visual Studio edition is now free for personal use, but not sure what parts of SDKs to suggest for full asm support), but there must be some, some people sort of still use windows even for development. – Ped7g Jan 15 '18 at 11:18
  • A minor stylistic note: *command* is not the right term. In assembly, you have *instructions.* Try using the correct terms. – fuz Jan 15 '18 at 12:38
  • depends on whether this is intel or AT&T syntax as to which is the destination (left or right). Looking at other instructions in this source or disassembly will tell, if there is a constant add eax,12h or add 12h,eax with whatever other syntax required for a constant in that assembly language will clue you in. from the values it does appear that your understanding is correct. – old_timer Jan 15 '18 at 13:52
  • x86 is a very bad first instruction set to learn. there are a number of other better ones. can also take the approach of compiling simple C functions and then disassembling the object. with clang/llvm being out of the box multi-target you can examine many different instruction sets. with gcc you can build many compilers for different targets and examine each. pdp-11 is one of the best first instruction sets but the gnu port syntax doesnt match what you will find in dec docs. msp430 somewhat of a clone, good first one. arm/thumb. mips for a different view on things. – old_timer Jan 15 '18 at 13:57

1 Answers1

5

It reads the value in memory at 00EFA188, adds 14 to that value, and stores the sum back into memory at 00EFA188.

prl
  • 11,716
  • 2
  • 13
  • 31