General Information

GENERAL PURPOSE REGISTERS

• EAX (accumulator): Arithmetical and logical instructions

• EBX (base): Base pointer for memory addresses

• ECX (counter): Loop, shift, and rotation counter

• EDX (data): I/O port addressing, multiplication, and division

• ESI (source index): Pointer addressing of data and source in string copy operations

• EDI (destination index): Pointer addressing of data and destination in string copy operations

ESP - THE STACK POINTER

Stack pointer is used for:

• Storage of data

• Pointers

• Arguments

The stack pointer keeps ‘track’ of the most recently referenced location/memory address, by storing a pointer to it

EBP - THE BASE POINTER

Stores a pointer at the top of its own stack frame, storing the required arguments, variable and return address. Easy to call during execution

EIP – THE INSTRUCTION POINTER

Directs the flow of program - crucial

DEP – DATA EXECUTION PREVENTION

Hardware and software that performs additional checks on memory to help prevent malicious code form executing - raises exception when code execution from data pages is detected

ASLR – ADDRESS SPACE LAYOUT RAMDOMIZATION

Randomises base address of loaded applications and DLL’s (not implemented on XP)

CFG – CONTROL FLOW GUARD

Prevents overwrites of function pointers