LocalPlayer reversing

[-Bl00d-]

im a bit stuck here/
i know i probably wont get much help here,
so ill post her and at UC.
its ASM so...
I was reversing LocalPlayer
(thats where a reliable source told me to work at)
and i come across this:

Code:

loopne  near ptr dword_372CB000+7ECh
test    ds:0C8D62EF7h, edi
bound   esp, [eax-3EDE4AE9h]
les     edx, [ebx+3Ah]
cmc
lea     edx, [esi]
jo      short near ptr dword_372CB000+7F8h
jo      short loc_372CB8DF
jle     short loc_372CB853
and     ebp, 23h
db      3Eh, 64h
push    edx
test    [edx], bl
imul    esi, [ebp+7E62589h], 77h

have at it

[[MPGH]Flengo]

What were you trying to do and what exactly were you stuck at doing.

Provide some more information about the situation please.

[-Bl00d-]

i kinda figured it out.
i achieved what i set out to do.
i was just trying to figure out what
test [edx], bl
actually did.
turns out whatever it does, doesnt matter too much,
it didnt cause any damage not knowing
i understand
test [edx]
but not understanding the point of "bl" at the end

[Ch40zz-C0d3r]

Its same like

Code:

test dword ptr [eax], 2000h

It "tests" with the AND operator if the pointer EAX is pointing to a varibale value which is actually 2000h (8192d), and then set its flags

[legendy]

The real answer you are looking for is.

Code:

test    [edx], bl // Tests the value of edx with BL to see if they match.

bl comes from ebx which is a 32 bit register bx is 16 bit register so bl come from bx since bx has a bh and bl
ana base high and base low which means the high 8 bits and low 8 bits so you are using the low 8 bits of ebx which is equivalent to one byte.

8 bit register can hold up to a value of 255. so your code is comparing if(edx == bl)
and as hint the value is comparing is less than 255 since ur using an 8bit register have fun.

[-Bl00d-]

The real answer you are looking for is.

Code:

test    [edx], bl // Tests the value of edx with BL to see if they match.

bl comes from ebx which is a 32 bit register bx is 16 bit register so bl come from bx since bx has a bh and bl
ana base high and base low which means the high 8 bits and low 8 bits so you are using the low 8 bits of ebx which is equivalent to one byte.

8 bit register can hold up to a value of 255. so your code is comparing if(edx == bl)
and as hint the value is comparing is less than 255 since ur using an 8bit register have fun.

so theoretically....
in this "test"
if
exd = bl
then
continue
else
exit
.......
possibly what its for?

[legendy]

it depends on what the rest of the assembly look like but yeah it is a condition. which will set your flags and possible conditional jumps around there.
if you want add me on skype. teamnonymous i can help you out with what ever your doing since im bored and got nothing to do o:

[-Bl00d-]

it depends on what the rest of the assembly look like but yeah it is a condition. which will set your flags and possible conditional jumps around there.
if you want add me on skype. teamnonymous i can help you out with what ever your doing since im bored and got nothing to do o:

i remember the name legendy but cant remember where it was from.

[Departure]

Registers - SkullSecurity

In addition to the 8 32-bit registers available, there are also a number of 16-bit and 8-bit registers. The confusing thing about these registers it that they use the same storage space as the 32-bit registers. In other words, every 16-bit register is half of one of the 32-bit registers, so that changing the 16-bit also changes the 32-bit. Furthermore, the 8-bit registers are part of the 16-bit registers.
For example, eax is a 32-bit register. The lower half of eax is ax, a 16-bit register. ax is divided into two 8-bit registers, ah and al (a-high and a-low).
There are 8 32-bit registers: eax, ebx, ecx, edx, esi, edi, ebp, esp.
There are 8 16-bit registers: ax, bx, cx, dx, si, di, bp, sp.
There are 8 8-bit registers: ah, al, bh, bl, ch, cl, dh, dl.

[Genesis]

i remember the name legendy but cant remember where it was from.

He's a programmer/coder from like 2009.