1. ## LocalPlayer reversing

im a bit stuck here/
i know i probably wont get much help here,
so ill post her and at UC.
its ASM so...
I was reversing LocalPlayer
(thats where a reliable source told me to work at)
and i come across this:

Code:
```loopne  near ptr dword_372CB000+7ECh
test    ds:0C8D62EF7h, edi
bound   esp, [eax-3EDE4AE9h]
les     edx, [ebx+3Ah]
cmc
lea     edx, [esi]
jo      short near ptr dword_372CB000+7F8h
jo      short loc_372CB8DF
jle     short loc_372CB853
and     ebp, 23h
db      3Eh, 64h
push    edx
test    [edx], bl
imul    esi, [ebp+7E62589h], 77h```
have at it

2. What were you trying to do and what exactly were you stuck at doing.

3. i kinda figured it out.
i achieved what i set out to do.
i was just trying to figure out what
test [edx], bl
actually did.
turns out whatever it does, doesnt matter too much,
it didnt cause any damage not knowing
i understand
test [edx]
but not understanding the point of "bl" at the end

4. Its same like
Code:
`test dword ptr [eax], 2000h`
It "tests" with the AND operator if the pointer EAX is pointing to a varibale value which is actually 2000h (8192d), and then set its flags

5. ## The Following 2 Users Say Thank You to Ch40zz-C0d3r For This Useful Post:

-Bl00d- (12-04-2012),[MPGH]Flengo (12-04-2012)

6. The real answer you are looking for is.

Code:
`test    [edx], bl // Tests the value of edx with BL to see if they match.`
bl comes from ebx which is a 32 bit register bx is 16 bit register so bl come from bx since bx has a bh and bl
ana base high and base low which means the high 8 bits and low 8 bits so you are using the low 8 bits of ebx which is equivalent to one byte.

8 bit register can hold up to a value of 255. so your code is comparing if(edx == bl)
and as hint the value is comparing is less than 255 since ur using an 8bit register have fun.

7. Originally Posted by legendy
The real answer you are looking for is.

Code:
`test    [edx], bl // Tests the value of edx with BL to see if they match.`
bl comes from ebx which is a 32 bit register bx is 16 bit register so bl come from bx since bx has a bh and bl
ana base high and base low which means the high 8 bits and low 8 bits so you are using the low 8 bits of ebx which is equivalent to one byte.

8 bit register can hold up to a value of 255. so your code is comparing if(edx == bl)
and as hint the value is comparing is less than 255 since ur using an 8bit register have fun.
so theoretically....
in this "test"
if
exd = bl
then
continue
else
exit
.......
possibly what its for?

8. it depends on what the rest of the assembly look like but yeah it is a condition. which will set your flags and possible conditional jumps around there.
if you want add me on skype. teamnonymous i can help you out with what ever your doing since im bored and got nothing to do o:

9. ## The Following User Says Thank You to legendy For This Useful Post:

-Bl00d- (12-06-2012)

10. Originally Posted by legendy
it depends on what the rest of the assembly look like but yeah it is a condition. which will set your flags and possible conditional jumps around there.
if you want add me on skype. teamnonymous i can help you out with what ever your doing since im bored and got nothing to do o:
i remember the name legendy but cant remember where it was from.

11. Registers - SkullSecurity

In addition to the 8 32-bit registers available, there are also a number of 16-bit and 8-bit registers. The confusing thing about these registers it that they use the same storage space as the 32-bit registers. In other words, every 16-bit register is half of one of the 32-bit registers, so that changing the 16-bit also changes the 32-bit. Furthermore, the 8-bit registers are part of the 16-bit registers.
For example, eax is a 32-bit register. The lower half of eax is ax, a 16-bit register. ax is divided into two 8-bit registers, ah and al (a-high and a-low).
There are 8 32-bit registers: eax, ebx, ecx, edx, esi, edi, ebp, esp.
There are 8 16-bit registers: ax, bx, cx, dx, si, di, bp, sp.
There are 8 8-bit registers: ah, al, bh, bl, ch, cl, dh, dl.

12. ## The Following User Says Thank You to Departure For This Useful Post:

-Bl00d- (12-08-2012)

13. Originally Posted by -Bl00d-

i remember the name legendy but cant remember where it was from.
He's a programmer/coder from like 2009.