Difference between revisions of "Shellcode/Appendix/Alphanumeric opcode"
(→0x34) |
|||
(26 intermediate revisions by 3 users not shown) | |||
Line 11: | Line 11: | ||
|- | |- | ||
| 0 | | 0 | ||
− | | | + | | 0x30 |
| xor | | xor | ||
|- | |- | ||
| 1 | | 1 | ||
− | | | + | | 0x31 |
| xor | | xor | ||
|- | |- | ||
| 2 | | 2 | ||
− | | | + | | 0x32 |
| xor | | xor | ||
|- | |- | ||
| 3 | | 3 | ||
− | | | + | | 0x33 |
| xor | | xor | ||
|- | |- | ||
| 4 | | 4 | ||
− | | | + | | 0x34 |
| xor al, 0x## [byte] | | xor al, 0x## [byte] | ||
|- | |- | ||
| 5 | | 5 | ||
− | | | + | | 0x35 |
| xor eax, 0x######## [DWORD] | | xor eax, 0x######## [DWORD] | ||
|- | |- | ||
| 6 | | 6 | ||
− | | | + | | 0x36 |
| SS Segment Override | | SS Segment Override | ||
|- | |- | ||
| 7 | | 7 | ||
− | | | + | | 0x37 |
| aaa | | aaa | ||
|- | |- | ||
| 8 | | 8 | ||
− | | | + | | 0x38 |
| cmp | | cmp | ||
|- | |- | ||
| 9 | | 9 | ||
− | | | + | | 0x39 |
| cmp | | cmp | ||
|- | |- | ||
| : | | : | ||
− | | | + | | 0x3a |
| cmp | | cmp | ||
|- | |- | ||
| ; | | ; | ||
− | | | + | | 0x3b |
| cmp | | cmp | ||
|- | |- | ||
| < | | < | ||
− | | | + | | 0x3c |
| cmp al, 0x## [byte] | | cmp al, 0x## [byte] | ||
|- | |- | ||
| = | | = | ||
− | | | + | | 0x3d |
| cmp eax, 0x######## [DWORD] | | cmp eax, 0x######## [DWORD] | ||
|- | |- | ||
| > | | > | ||
− | | | + | | 0x3e |
| [undocced nop] | | [undocced nop] | ||
|- | |- | ||
| ? | | ? | ||
− | | | + | | 0x3f |
| aas | | aas | ||
|- | |- | ||
| @ | | @ | ||
− | | | + | | 0x40 |
| inc eax | | inc eax | ||
|- | |- | ||
| A | | A | ||
− | | | + | | 0x41 |
| inc ecx | | inc ecx | ||
|- | |- | ||
| B | | B | ||
− | | | + | | 0x42 |
| inc edx | | inc edx | ||
|- | |- | ||
| C | | C | ||
− | | | + | | 0x43 |
| inc ebx | | inc ebx | ||
|- | |- | ||
| D | | D | ||
− | | | + | | 0x44 |
| inc esp | | inc esp | ||
|- | |- | ||
| E | | E | ||
− | | | + | | 0x45 |
| inc ebp | | inc ebp | ||
|- | |- | ||
| F | | F | ||
− | | | + | | 0x46 |
| inc esi | | inc esi | ||
|- | |- | ||
| G | | G | ||
− | | | + | | 0x47 |
| inc edi | | inc edi | ||
|- | |- | ||
| H | | H | ||
− | | | + | | 0x48 |
| dec eax | | dec eax | ||
|- | |- | ||
| I | | I | ||
− | | | + | | 0x49 |
| dec ecx | | dec ecx | ||
|- | |- | ||
| J | | J | ||
− | | | + | | 0x4a |
| dec edx | | dec edx | ||
|- | |- | ||
| K | | K | ||
− | | | + | | 0x4b |
| dec ebx | | dec ebx | ||
|- | |- | ||
| L | | L | ||
− | | | + | | 0x4c |
| dec esp | | dec esp | ||
|- | |- | ||
| M | | M | ||
− | | | + | | 0x4d |
| dec ebp | | dec ebp | ||
|- | |- | ||
| N | | N | ||
− | | | + | | 0x4e |
| dec esi | | dec esi | ||
|- | |- | ||
| O | | O | ||
− | | | + | | 0x4f |
| dec edi | | dec edi | ||
|- | |- | ||
| P | | P | ||
− | | | + | | 0x50 |
| push eax | | push eax | ||
|- | |- | ||
| Q | | Q | ||
− | | | + | | 0x51 |
| push ecx | | push ecx | ||
|- | |- | ||
| R | | R | ||
− | | | + | | 0x52 |
| push edx | | push edx | ||
|- | |- | ||
| S | | S | ||
− | | | + | | 0x53 |
| push ebx | | push ebx | ||
|- | |- | ||
| T | | T | ||
− | | | + | | 0x54 |
| push esp | | push esp | ||
|- | |- | ||
| U | | U | ||
− | | | + | | 0x55 |
| push ebp | | push ebp | ||
|- | |- | ||
| V | | V | ||
− | | | + | | 0x56 |
| push esi | | push esi | ||
|- | |- | ||
| W | | W | ||
− | | | + | | 0x57 |
| push edi | | push edi | ||
|- | |- | ||
| X | | X | ||
− | | | + | | 0x58 |
| pop eax | | pop eax | ||
|- | |- | ||
| Y | | Y | ||
− | | | + | | 0x59 |
| pop ecx | | pop ecx | ||
|- | |- | ||
| Z | | Z | ||
− | | | + | | 0x5a |
| pop edx | | pop edx | ||
|- | |- | ||
| [ | | [ | ||
− | | | + | | 0x5b |
| pop ebx | | pop ebx | ||
|- | |- | ||
| \ | | \ | ||
− | | | + | | 0x5c |
| pop esp | | pop esp | ||
|- | |- | ||
| ] | | ] | ||
− | | | + | | 0x5d |
| pop ebp | | pop ebp | ||
|- | |- | ||
| ^ | | ^ | ||
− | | | + | | 0x5e |
| pop esi | | pop esi | ||
|- | |- | ||
| _ | | _ | ||
− | | | + | | 0x5f |
| pop edi | | pop edi | ||
|- | |- | ||
| ` | | ` | ||
− | | | + | | 0x60 |
| pushad | | pushad | ||
|- | |- | ||
| a | | a | ||
− | | | + | | 0x61 |
| popad | | popad | ||
|- | |- | ||
| b | | b | ||
− | | | + | | 0x62 |
| bound | | bound | ||
|- | |- | ||
| c | | c | ||
− | | | + | | 0x63 |
| arpl | | arpl | ||
|- | |- | ||
| d | | d | ||
− | | | + | | 0x64 |
| FS Segment Override | | FS Segment Override | ||
|- | |- | ||
| e | | e | ||
− | | | + | | 0x65 |
| GS Segment Override | | GS Segment Override | ||
|- | |- | ||
| f | | f | ||
− | | | + | | 0x66 |
| 16 Bit Operand Size | | 16 Bit Operand Size | ||
|- | |- | ||
| g | | g | ||
− | | | + | | 0x67 |
| 16 Bit Address Size | | 16 Bit Address Size | ||
|- | |- | ||
| h | | h | ||
− | | | + | | 0x68 |
| push 0x######## [dword] | | push 0x######## [dword] | ||
|- | |- | ||
| i | | i | ||
− | | | + | | 0x69 |
| imul reg/mem with immediate to reg/mem | | imul reg/mem with immediate to reg/mem | ||
|- | |- | ||
| j | | j | ||
− | | | + | | 0x6a |
| push 0x## [byte] | | push 0x## [byte] | ||
|- | |- | ||
| k | | k | ||
− | | | + | | 0x6b |
| imul immediate with reg into reg | | imul immediate with reg into reg | ||
|- | |- | ||
| l | | l | ||
− | | | + | | 0x6c |
| insb es:[edi], [dx] | | insb es:[edi], [dx] | ||
|- | |- | ||
| m | | m | ||
− | | | + | | 0x6d |
| insl es:[edi], [dx] | | insl es:[edi], [dx] | ||
|- | |- | ||
| n | | n | ||
− | | | + | | 0x6e |
| outsb [dx], dx:[esi] | | outsb [dx], dx:[esi] | ||
|- | |- | ||
| o | | o | ||
− | | | + | | 0x6f |
| outsl [dx], ds:[esi] | | outsl [dx], ds:[esi] | ||
|- | |- | ||
| p | | p | ||
− | | | + | | 0x70 |
| jo 0x## [byte relative offset] | | jo 0x## [byte relative offset] | ||
|- | |- | ||
| q | | q | ||
− | | | + | | 0x71 |
| jno 0x## [byte relative offset] | | jno 0x## [byte relative offset] | ||
|- | |- | ||
| r | | r | ||
− | | | + | | 0x72 |
| jb 0x## [byte relative offset] | | jb 0x## [byte relative offset] | ||
|- | |- | ||
| s | | s | ||
− | | | + | | 0x73 |
| jae 0x## [byte relative offset] | | jae 0x## [byte relative offset] | ||
|- | |- | ||
| t | | t | ||
− | | | + | | 0x74 |
| je 0x## [byte relative offset] | | je 0x## [byte relative offset] | ||
|- | |- | ||
| u | | u | ||
− | | | + | | 0x75 |
| jne 0x## [byte relative offset] | | jne 0x## [byte relative offset] | ||
|- | |- | ||
| v | | v | ||
− | | | + | | 0x76 |
| jbe 0x## [byte relative offset] | | jbe 0x## [byte relative offset] | ||
|- | |- | ||
| w | | w | ||
− | | | + | | 0x77 |
| ja 0x## [byte relative offset] | | ja 0x## [byte relative offset] | ||
|- | |- | ||
| x | | x | ||
− | | | + | | 0x78 |
| js 0x## [byte relative offset] | | js 0x## [byte relative offset] | ||
|- | |- | ||
| y | | y | ||
− | | | + | | 0x79 |
| jns 0x## [byte relative offset] | | jns 0x## [byte relative offset] | ||
|- | |- | ||
| z | | z | ||
− | | | + | | 0x7a |
| jp 0x## [byte relative offset] | | jp 0x## [byte relative offset] | ||
− | |} | + | |} |
== 64-bit alphanumeric opcodes == | == 64-bit alphanumeric opcodes == | ||
Line 593: | Line 593: | ||
|} | |} | ||
− | == Alphanumeric | + | === Push: Alphanumeric x86_64 data === |
+ | {|border="1" cellpadding="5" cellspacing="0" align="center" | ||
+ | |+'''One-byte, two-byte, and four-byte quantities''' | ||
+ | |- | ||
+ | ! scope="col" | Assembly | ||
+ | ! scope="col" | Hexadecimal | ||
+ | ! scope="col" | Alphanumeric ASCII | ||
+ | |- | ||
+ | | pushw [word] | ||
+ | | \x66\x68\x##\x## | ||
+ | | fh?? | ||
+ | |- | ||
+ | | pushq [byte] | ||
+ | | \x6a\x## | ||
+ | | j? | ||
+ | |- | ||
+ | | pushq [dword] | ||
+ | | \x68\x##\x##\x##\x## | ||
+ | | h???? | ||
+ | |} | ||
+ | |||
+ | === Push: x86_64 Extended Registers === | ||
+ | {|border="1" cellpadding="5" cellspacing="0" align="center" | ||
+ | |+'''Push: X86_64 Extended Registers''' | ||
+ | |- | ||
+ | ! scope="col" | Assembly | ||
+ | ! scope="col" | Hexadecimal | ||
+ | ! scope="col" | Alphanumeric ASCII | ||
+ | |- | ||
+ | | push %rax | ||
+ | | \x50 | ||
+ | | P | ||
+ | |- | ||
+ | | push %rcx | ||
+ | | \x51 | ||
+ | | Q | ||
+ | |- | ||
+ | | push %rdx | ||
+ | | \x52 | ||
+ | | R | ||
+ | |- | ||
+ | | push %rbx | ||
+ | | \x53 | ||
+ | | S | ||
+ | |- | ||
+ | | push %rsp | ||
+ | | \x54 | ||
+ | | T | ||
+ | |- | ||
+ | | push %rbp | ||
+ | | \x55 | ||
+ | | U | ||
+ | |- | ||
+ | | push %rsi | ||
+ | | \x56 | ||
+ | | V | ||
+ | |- | ||
+ | | push %rdi | ||
+ | | \x57 | ||
+ | | W | ||
+ | |} | ||
+ | |||
+ | === Push: x86_64 General Registers === | ||
+ | {|border="1" cellpadding="5" cellspacing="0" align="center" | ||
+ | |+'''Push: X86_64 General Registers''' | ||
+ | |- | ||
+ | ! scope="col" | Assembly | ||
+ | ! scope="col" | Hexadecimal | ||
+ | ! scope="col" | Alphanumeric ASCII | ||
+ | |- | ||
+ | | push %r8 | ||
+ | | \x41\x50 | ||
+ | | AP | ||
+ | |- | ||
+ | | push %r9 | ||
+ | | \x41\x51 | ||
+ | | AQ | ||
+ | |- | ||
+ | | push %r10 | ||
+ | | \x41\x52 | ||
+ | | AR | ||
+ | |- | ||
+ | | push %r11 | ||
+ | | \x41\x53 | ||
+ | | AS | ||
+ | |- | ||
+ | | push %r12 | ||
+ | | \x41\x54 | ||
+ | | AT | ||
+ | |- | ||
+ | | push %r13 | ||
+ | | \x41\x55 | ||
+ | | AU | ||
+ | |- | ||
+ | | push %r14 | ||
+ | | \x41\x56 | ||
+ | | AV | ||
+ | |- | ||
+ | | push %r15 | ||
+ | | \x41\x57 | ||
+ | | AW | ||
+ | |} | ||
+ | |||
+ | === Push: x86_64 16 bit Registers === | ||
+ | {|border="1" cellpadding="5" cellspacing="0" align="center" | ||
+ | |+'''Push: X86_64 16 bit Registers''' | ||
+ | |- | ||
+ | ! scope="col" | Assembly | ||
+ | ! scope="col" | Hexadecimal | ||
+ | ! scope="col" | Alphanumeric ASCII | ||
+ | |- | ||
+ | | push %ax | ||
+ | | \x66\x50 | ||
+ | | fP | ||
+ | |- | ||
+ | | push %cx | ||
+ | | \x66\x51 | ||
+ | | fQ | ||
+ | |- | ||
+ | | push %dx | ||
+ | | \x66\x52 | ||
+ | | fR | ||
+ | |- | ||
+ | | push %bx | ||
+ | | \x66\x53 | ||
+ | | fS | ||
+ | |- | ||
+ | | push %sp | ||
+ | | \x66\x54 | ||
+ | | fT | ||
+ | |- | ||
+ | | push %bp | ||
+ | | \x66\x55 | ||
+ | | fU | ||
+ | |- | ||
+ | | push %si | ||
+ | | \x66\x56 | ||
+ | | fV | ||
+ | |- | ||
+ | | push %di | ||
+ | | \x66\x57 | ||
+ | | fW | ||
+ | |} | ||
+ | |||
+ | === Push: x86_64 16 bit General Registers === | ||
+ | {|border="1" cellpadding="5" cellspacing="0" align="center" | ||
+ | |+'''Push: X86_64 16 bit General Registers''' | ||
+ | |- | ||
+ | ! scope="col" | Assembly | ||
+ | ! scope="col" | Hexadecimal | ||
+ | ! scope="col" | Alphanumeric ASCII | ||
+ | |- | ||
+ | | push %r8w | ||
+ | | \x66\x41\x50 | ||
+ | | fAP | ||
+ | |- | ||
+ | | push %r9w | ||
+ | | \x66\x41\x51 | ||
+ | | fAQ | ||
+ | |- | ||
+ | | push %r10w | ||
+ | | \x66\x41\x52 | ||
+ | | fAR | ||
+ | |- | ||
+ | | push %r11w | ||
+ | | \x66\x41\x53 | ||
+ | | fAS | ||
+ | |- | ||
+ | | push %r12w | ||
+ | | \x66\x41\x54 | ||
+ | | fAT | ||
+ | |- | ||
+ | | push %r13w | ||
+ | | \x66\x41\x55 | ||
+ | | fAU | ||
+ | |- | ||
+ | | push %r14w | ||
+ | | \x66\x41\x56 | ||
+ | | fAV | ||
+ | |- | ||
+ | | push %r15w | ||
+ | | \x66\x41\x57 | ||
+ | | fAW | ||
+ | |} | ||
+ | |||
+ | === Pop: x86_64 Extended Registers === | ||
+ | {|border="1" cellpadding="5" cellspacing="0" align="center" | ||
+ | |+'''Pop: X86_64 Extended Registers''' | ||
+ | |- | ||
+ | ! scope="col" | Assembly | ||
+ | ! scope="col" | Hexadecimal | ||
+ | ! scope="col" | Alphanumeric ASCII | ||
+ | |- | ||
+ | | pop %rax | ||
+ | | \x58 | ||
+ | | X | ||
+ | |- | ||
+ | | pop %rcx | ||
+ | | \x59 | ||
+ | | Y | ||
+ | |- | ||
+ | | pop %rax | ||
+ | | \x5a | ||
+ | | Z | ||
+ | |} | ||
+ | |||
+ | === Pop: x86_64 General Registers === | ||
+ | {|border="1" cellpadding="5" cellspacing="0" align="center" | ||
+ | |+'''Pop: X86_64 General Registers''' | ||
+ | |- | ||
+ | ! scope="col" | Assembly | ||
+ | ! scope="col" | Hexadecimal | ||
+ | ! scope="col" | Alphanumeric ASCII | ||
+ | |- | ||
+ | | pop %r8 | ||
+ | | \x41\x58 | ||
+ | | AX | ||
+ | |- | ||
+ | | pop %r9 | ||
+ | | \x41\x59 | ||
+ | | AY | ||
+ | |- | ||
+ | | pop %r10 | ||
+ | | \x41\x5a | ||
+ | | AZ | ||
+ | |} | ||
+ | |||
+ | === Prefixes === | ||
+ | {|border="1" cellpadding="5" cellspacing="0" align="center" | ||
+ | ! Hex Value | ||
+ | ! Alpha Value | ||
+ | ! Description | ||
+ | |- | ||
+ | | 0x36 | ||
+ | | 6 | ||
+ | | %ss segment override | ||
+ | |- | ||
+ | | 0x64 | ||
+ | | d | ||
+ | | %fs segment override | ||
+ | |- | ||
+ | | 0x65 | ||
+ | | e | ||
+ | | %gs segment override | ||
+ | |- | ||
+ | | 0x66 | ||
+ | | f | ||
+ | | 16-bit operand size | ||
+ | |- | ||
+ | | 0x67 | ||
+ | | g | ||
+ | | 16-bit address size | ||
+ | |- | ||
+ | | 0x41 | ||
+ | | A | ||
+ | | 64-bit special register use (%r##) | ||
+ | |- | ||
+ | | 0x48 | ||
+ | | H | ||
+ | | 64-bit register size override | ||
+ | |- | ||
+ | | 0x40-4f | ||
+ | | B-P | ||
+ | | Special 64-bit overrides | ||
+ | |} | ||
+ | |||
+ | === x86_64 16 bit registers === | ||
+ | {| border="1" cellpadding="5" cellspacing="0" align="center" | ||
+ | ! Assembly | ||
+ | ! Hexadecimal | ||
+ | ! Alphanumeric ASCII | ||
+ | |- | ||
+ | | pop %ax | ||
+ | | \x66\x58 | ||
+ | | fX | ||
+ | |- | ||
+ | | pop %cx | ||
+ | | \x66\x59 | ||
+ | | fY | ||
+ | |- | ||
+ | | pop %dx | ||
+ | | \x66\x5a | ||
+ | | fZ | ||
+ | |- | ||
+ | | pop *%r8w | ||
+ | | \x66\x41\x58 | ||
+ | | fAX | ||
+ | |- | ||
+ | | pop *%r9w | ||
+ | | \x66\x41\x59 | ||
+ | | fAY | ||
+ | |- | ||
+ | | pop *%r10w | ||
+ | | \x66\x41\x5a | ||
+ | | fAZ | ||
+ | |} | ||
+ | |||
+ | === Operands === | ||
+ | ==== Xor Pop Operands ==== | ||
+ | {| border="1" cellpadding="5" cellspacing="0" align="center" | ||
+ | ! Assembly | ||
+ | ! Hexadecimal | ||
+ | ! Alpha | ||
+ | |- | ||
+ | | <syntaxhighlight lang="asm">xor $0x[byte](%rax),%ebx</syntaxhighlight> | ||
+ | | \x33\x58\x## | ||
+ | | 3X? | ||
+ | |} | ||
+ | |||
+ | ==== Xor Move To %ebx ==== | ||
+ | {| border="1" cellpadding="5" cellspacing="0" align="center" | ||
+ | ! Assembly | ||
+ | ! Hexadecimal | ||
+ | ! Alpha | ||
+ | |- | ||
+ | | <syntaxhighlight lang="asm">xor $0x[byte](%rcx),%ebx</syntaxhighlight> | ||
+ | | \x33\x59\x## | ||
+ | | 3Y? | ||
+ | |} | ||
+ | |||
+ | ==== Byte Syntax Example ==== | ||
+ | {| border="1" cellpadding="5" cellspacing="0" align="center" | ||
+ | ! Assembly | ||
+ | ! Hexadecimal | ||
+ | ! Alpha | ||
+ | |- | ||
+ | |<syntaxhighlight lang="asm">xor $0x[byte]({reg}),%ebx</syntaxhighlight> | ||
+ | | \x33\x??\x## | ||
+ | | 3*? | ||
+ | |} | ||
+ | |||
+ | === Accessing Multiple Registers === | ||
+ | {| border="1" cellpadding="5" cellspacing="0" align="center" | ||
+ | ! Assembly | ||
+ | ! Hexadecimal | ||
+ | ! Alpha | ||
+ | |- | ||
+ | | <syntaxhighlight lang="asm">xor $0x[byte]({reg64}),{reg32}</syntaxhighlight> | ||
+ | | \x33\x??\x#1 | ||
+ | | 3*1 | ||
+ | |- | ||
+ | | <source lang="asm">imul $0x[dword1],0x[byte2]({reg64}),{reg32}</source> | ||
+ | | \x69\x??\x#2\x#1\x#1\x#1\x#1 | ||
+ | | i*21111 | ||
+ | |- | ||
+ | | <source lang="asm">imul $0x[byte1],0x[byte2]({reg64}), {reg32}</source> | ||
+ | | \x6b\x??\x#2\x#1 | ||
+ | | k*21 | ||
+ | |- | ||
+ | | <source lang="asm">movslq 0x[byte1]({reg64}), {reg32}</source> | ||
+ | | \x63\x??\x#1 | ||
+ | | c*1 | ||
+ | |} | ||
+ | |||
+ | === === | ||
+ | {| border="1" cellpadding="5" cellspacing="0" align="center" | ||
+ | ! Assembly | ||
+ | ! Hexadecimal | ||
+ | ! Alpha | ||
+ | |- | ||
+ | | <source lang="asm">imul $0x[byte1],0x[byte2]({reg64}),{reg64}</source> | ||
+ | | \x48\x6b\x??\x#2\x#1 | ||
+ | | Hk*21 | ||
+ | |} | ||
+ | |||
+ | === Xor === | ||
+ | ==== xors ==== | ||
+ | {| border="1" cellpadding="5" cellspacing="0" align="center" | ||
+ | ! Hexadecimal | ||
+ | ! Assembly | ||
+ | |- | ||
+ | | 0x34 | ||
+ | | <syntaxhighlight lang="asm">xor $0x##, %al</syntaxhighlight> | ||
+ | |- | ||
+ | | 0x35 | ||
+ | | <syntaxhighlight lang="asm">xor $0x########, %eax</syntaxhighlight> | ||
+ | |- | ||
+ | | 0x48 0x35 | ||
+ | | <syntaxhighlight lang="asm">xor $0x########, %rax</syntaxhighlight> | ||
+ | |} | ||
+ | |||
+ | ==== 0x30 ==== | ||
+ | {| border="1" cellpadding="5" cellspacing="0" align="center" | ||
+ | ! Hexadecimal | ||
+ | ! Assembly | ||
+ | |- | ||
+ | | 0x30 | ||
+ | | <syntaxhighlight lang="asm">xor %{16bit}, (%{64bit})</syntaxhighlight> | ||
+ | |- | ||
+ | | | ||
+ | | <syntaxhighlight lang="asm">xor %{16bit}, (%{64bit},%{64bit},1)</syntaxhighlight> | ||
+ | |- | ||
+ | | | ||
+ | | <syntaxhighlight lang="asm">xor %{16bit}, (%{64bit},%{64bit},2)</syntaxhighlight> | ||
+ | |- | ||
+ | | | ||
+ | | <syntaxhighlight lang="asm">xor %{16bit}, 0x[byte](%{64bit})</syntaxhighlight> | ||
+ | |- | ||
+ | | | ||
+ | | <syntaxhighlight lang="asm">xor %{16bit}, 0x[byte](,%{64bit},1)</syntaxhighlight> | ||
+ | |- | ||
+ | | | ||
+ | | <syntaxhighlight lang="asm">xor %{16bit}, 0x[byte](,%{64bit},2)</syntaxhighlight> | ||
+ | |- | ||
+ | | | ||
+ | | <syntaxhighlight lang="asm">xor %{16bit}, 0x[dword](%{64bit})</syntaxhighlight> | ||
+ | |- | ||
+ | | | ||
+ | | <syntaxhighlight lang="asm">xor %{16bit}, 0x[dword](,%{64bit},1)</syntaxhighlight> | ||
+ | |- | ||
+ | | | ||
+ | | <syntaxhighlight lang="asm">xor %{16bit}, 0x[dword](,%{64bit},2)</syntaxhighlight> | ||
+ | |} | ||
+ | |||
+ | ==== 0x31 ==== | ||
+ | {| border="1" cellpadding="5" cellspacing="0" align="center" | ||
+ | ! Hexadecimal | ||
+ | ! Assembly | ||
+ | |- | ||
+ | | 0x31 | ||
+ | | <syntaxhighlight lang="asm">xor %{32bit}, (%{64bit})</syntaxhighlight> | ||
+ | |} | ||
+ | |||
+ | ==== 0x32 ==== | ||
+ | {| border="1" cellpadding="5" cellspacing="0" align="center" | ||
+ | ! Hexadecimal | ||
+ | ! Assembly | ||
+ | |- | ||
+ | | 0x32 | ||
+ | | <syntaxhighlight lang="asm">xor (%{64bit}), %{16bit}</syntaxhighlight> | ||
+ | |} | ||
+ | |||
+ | ==== 0x33 ==== | ||
+ | {| border="1" cellpadding="5" cellspacing="0" align="center" | ||
+ | ! Hexadecimal | ||
+ | ! Assembly | ||
+ | |- | ||
+ | | 0x32 | ||
+ | | <syntaxhighlight lang="asm">xor (%{64bit}), %{16bit}</syntaxhighlight> | ||
+ | |} | ||
+ | |||
+ | == x86 Intercompatibility == | ||
{| class="wikitable" style="text-align:center; width:60%;" | {| class="wikitable" style="text-align:center; width:60%;" |
Latest revision as of 00:24, 2 December 2012
Contents
- 1 32-bit printable opcodes
- 2 64-bit alphanumeric opcodes
- 2.1 Push: Alphanumeric x86_64 data
- 2.2 Push: x86_64 Extended Registers
- 2.3 Push: x86_64 General Registers
- 2.4 Push: x86_64 16 bit Registers
- 2.5 Push: x86_64 16 bit General Registers
- 2.6 Pop: x86_64 Extended Registers
- 2.7 Pop: x86_64 General Registers
- 2.8 Prefixes
- 2.9 x86_64 16 bit registers
- 2.10 Operands
- 2.11 Accessing Multiple Registers
- 2.12
- 2.13 Xor
- 3 x86 Intercompatibility
32-bit printable opcodes
ASCII Value | Hex Opcode | Assembly Equivalent |
---|---|---|
0 | 0x30 | xor |
1 | 0x31 | xor |
2 | 0x32 | xor |
3 | 0x33 | xor |
4 | 0x34 | xor al, 0x## [byte] |
5 | 0x35 | xor eax, 0x######## [DWORD] |
6 | 0x36 | SS Segment Override |
7 | 0x37 | aaa |
8 | 0x38 | cmp |
9 | 0x39 | cmp |
: | 0x3a | cmp |
; | 0x3b | cmp |
< | 0x3c | cmp al, 0x## [byte] |
= | 0x3d | cmp eax, 0x######## [DWORD] |
> | 0x3e | [undocced nop] |
? | 0x3f | aas |
@ | 0x40 | inc eax |
A | 0x41 | inc ecx |
B | 0x42 | inc edx |
C | 0x43 | inc ebx |
D | 0x44 | inc esp |
E | 0x45 | inc ebp |
F | 0x46 | inc esi |
G | 0x47 | inc edi |
H | 0x48 | dec eax |
I | 0x49 | dec ecx |
J | 0x4a | dec edx |
K | 0x4b | dec ebx |
L | 0x4c | dec esp |
M | 0x4d | dec ebp |
N | 0x4e | dec esi |
O | 0x4f | dec edi |
P | 0x50 | push eax |
Q | 0x51 | push ecx |
R | 0x52 | push edx |
S | 0x53 | push ebx |
T | 0x54 | push esp |
U | 0x55 | push ebp |
V | 0x56 | push esi |
W | 0x57 | push edi |
X | 0x58 | pop eax |
Y | 0x59 | pop ecx |
Z | 0x5a | pop edx |
[ | 0x5b | pop ebx |
\ | 0x5c | pop esp |
] | 0x5d | pop ebp |
^ | 0x5e | pop esi |
_ | 0x5f | pop edi |
` | 0x60 | pushad |
a | 0x61 | popad |
b | 0x62 | bound |
c | 0x63 | arpl |
d | 0x64 | FS Segment Override |
e | 0x65 | GS Segment Override |
f | 0x66 | 16 Bit Operand Size |
g | 0x67 | 16 Bit Address Size |
h | 0x68 | push 0x######## [dword] |
i | 0x69 | imul reg/mem with immediate to reg/mem |
j | 0x6a | push 0x## [byte] |
k | 0x6b | imul immediate with reg into reg |
l | 0x6c | insb es:[edi], [dx] |
m | 0x6d | insl es:[edi], [dx] |
n | 0x6e | outsb [dx], ds:[esi] |
o | 0x6f | outsl [dx], ds:[esi] |
p | 0x70 | jo 0x## [byte relative offset] |
q | 0x71 | jno 0x## [byte relative offset] |
r | 0x72 | jb 0x## [byte relative offset] |
s | 0x73 | jae 0x## [byte relative offset] |
t | 0x74 | je 0x## [byte relative offset] |
u | 0x75 | jne 0x## [byte relative offset] |
v | 0x76 | jbe 0x## [byte relative offset] |
w | 0x77 | ja 0x## [byte relative offset] |
x | 0x78 | js 0x## [byte relative offset] |
y | 0x79 | jns 0x## [byte relative offset] |
z | 0x7a | jp 0x## [byte relative offset] |
64-bit alphanumeric opcodes
ASCII | Hex | Assembler Instruction |
---|---|---|
0 | 0x30 | xor %{16bit}, (%{64bit}) |
1 | 0x31 | xor %{32bit}, (%{64bit}) |
2 | 0x32 | xor (%{64bit}), %{16bit} |
3 | 0x33 | xor (%{64bit}), %{32bit} |
4 | 0x34 | xor [byte], %al |
5 | 0x35 | xor [dword], %eax |
6 | 0x36 | %ss segment register |
7 | 0x37 | Bad Instruction! |
8 | 0x38 | cmp %{16bit}, (%{64bit}) |
9 | 0x39 | cmp %{32bit}, (%{64bit}) |
ASCII | Hex | Assembler Instruction |
---|---|---|
A | 0x41 | 64 bit reserved prefix |
B | 0x42 | 64 bit reserved prefix |
C | 0x43 | 64 bit reserved prefix |
D | 0x44 | 64 bit reserved prefix |
E | 0x45 | 64 bit reserved prefix |
F | 0x46 | 64 bit reserved prefix |
G | 0x47 | 64 bit reserved prefix |
H | 0x48 | 64 bit reserved prefix |
I | 0x49 | 64 bit reserved prefix |
J | 0x4a | 64 bit reserved prefix |
K | 0x4b | 64 bit reserved prefix |
L | 0x4c | 64 bit reserved prefix |
M | 0x4d | 64 bit reserved prefix |
N | 0x4e | 64 bit reserved prefix |
O | 0x4f | 64 bit reserved prefix |
P | 0x50 | push %rax |
Q | 0x51 | push %rcx |
R | 0x52 | push %rdx |
S | 0x53 | push %rbx |
T | 0x54 | push %rsp |
U | 0x55 | push %rbp |
V | 0x56 | push %rsi |
W | 0x57 | push %rdi |
X | 0x58 | pop %rax |
Y | 0x59 | pop %rcx |
Z | 0x5a | pop %rdx |
ASCII | Hex | Assembler Instruction |
---|---|---|
a | 0x61 | Bad Instruction! |
b | 0x62 | Bad Instruction! |
c | 0x63 | movslq (%{64bit}), %{32bit} |
d | 0x64 | %fs segment register |
e | 0x65 | %gs segment register |
f | 0x66 | 16 bit operand override |
g | 0x67 | 16 bit ptr override |
h | 0x68 | push [dword] |
i | 0x69 | imul [dword], (%{64bit}), %{32bit} |
j | 0x6a | push [byte] |
k | 0x6b | imul [byte], (%{64bit}), %{32bit} |
l | 0x6c | insb (%dx),%es:(%rdi) |
m | 0x6d | insl (%dx),%es:(%rdi) |
n | 0x6e | outsb %ds:(%rsi),(%dx) |
o | 0x6f | outsl %ds:(%rsi),(%dx) |
p | 0x70 | jo [byte] |
q | 0x71 | jno [byte] |
r | 0x72 | jb [byte] |
s | 0x73 | jae [byte] |
t | 0x74 | je [byte] |
u | 0x75 | jne [byte] |
v | 0x76 | jbe [byte] |
w | 0x77 | ja [byte] |
x | 0x78 | js [byte] |
y | 0x79 | jns [byte] |
z | 0x7a | jp [byte] |
Push: Alphanumeric x86_64 data
Assembly | Hexadecimal | Alphanumeric ASCII |
---|---|---|
pushw [word] | \x66\x68\x##\x## | fh?? |
pushq [byte] | \x6a\x## | j? |
pushq [dword] | \x68\x##\x##\x##\x## | h???? |
Push: x86_64 Extended Registers
Assembly | Hexadecimal | Alphanumeric ASCII |
---|---|---|
push %rax | \x50 | P |
push %rcx | \x51 | Q |
push %rdx | \x52 | R |
push %rbx | \x53 | S |
push %rsp | \x54 | T |
push %rbp | \x55 | U |
push %rsi | \x56 | V |
push %rdi | \x57 | W |
Push: x86_64 General Registers
Assembly | Hexadecimal | Alphanumeric ASCII |
---|---|---|
push %r8 | \x41\x50 | AP |
push %r9 | \x41\x51 | AQ |
push %r10 | \x41\x52 | AR |
push %r11 | \x41\x53 | AS |
push %r12 | \x41\x54 | AT |
push %r13 | \x41\x55 | AU |
push %r14 | \x41\x56 | AV |
push %r15 | \x41\x57 | AW |
Push: x86_64 16 bit Registers
Assembly | Hexadecimal | Alphanumeric ASCII |
---|---|---|
push %ax | \x66\x50 | fP |
push %cx | \x66\x51 | fQ |
push %dx | \x66\x52 | fR |
push %bx | \x66\x53 | fS |
push %sp | \x66\x54 | fT |
push %bp | \x66\x55 | fU |
push %si | \x66\x56 | fV |
push %di | \x66\x57 | fW |
Push: x86_64 16 bit General Registers
Assembly | Hexadecimal | Alphanumeric ASCII |
---|---|---|
push %r8w | \x66\x41\x50 | fAP |
push %r9w | \x66\x41\x51 | fAQ |
push %r10w | \x66\x41\x52 | fAR |
push %r11w | \x66\x41\x53 | fAS |
push %r12w | \x66\x41\x54 | fAT |
push %r13w | \x66\x41\x55 | fAU |
push %r14w | \x66\x41\x56 | fAV |
push %r15w | \x66\x41\x57 | fAW |
Pop: x86_64 Extended Registers
Assembly | Hexadecimal | Alphanumeric ASCII |
---|---|---|
pop %rax | \x58 | X |
pop %rcx | \x59 | Y |
pop %rdx | \x5a | Z |
Pop: x86_64 General Registers
Assembly | Hexadecimal | Alphanumeric ASCII |
---|---|---|
pop %r8 | \x41\x58 | AX |
pop %r9 | \x41\x59 | AY |
pop %r10 | \x41\x5a | AZ |
Prefixes
Hex Value | Alpha Value | Description |
---|---|---|
0x36 | 6 | %ss segment override |
0x64 | d | %fs segment override |
0x65 | e | %gs segment override |
0x66 | f | 16-bit operand size |
0x67 | g | 16-bit address size |
0x41 | A | 64-bit special register use (%r##) |
0x48 | H | 64-bit register size override |
0x40-4f | @-O | Special 64-bit overrides |
x86_64 16 bit registers
Assembly | Hexadecimal | Alphanumeric ASCII |
---|---|---|
pop %ax | \x66\x58 | fX |
pop %cx | \x66\x59 | fY |
pop %dx | \x66\x5a | fZ |
pop *%r8w | \x66\x41\x58 | fAX |
pop *%r9w | \x66\x41\x59 | fAY |
pop *%r10w | \x66\x41\x5a | fAZ |
Operands
Xor Pop Operands
Assembly | Hexadecimal | Alpha |
---|---|---|
xor $0x[byte](%rax),%ebx | \x33\x58\x## | 3X? |
Xor Move To %ebx
Assembly | Hexadecimal | Alpha |
---|---|---|
xor $0x[byte](%rcx),%ebx | \x33\x59\x## | 3Y? |
Byte Syntax Example
Assembly | Hexadecimal | Alpha |
---|---|---|
xor $0x[byte]({reg}),%ebx | \x33\x??\x## | 3*? |
Accessing Multiple Registers
Assembly | Hexadecimal | Alpha |
---|---|---|
xor $0x[byte]({reg64}),{reg32} | \x33\x??\x#1 | 3*1 |
imul $0x[dword1],0x[byte2]({reg64}),{reg32} | \x69\x??\x#2\x#1\x#1\x#1\x#1 | i*21111 |
imul $0x[byte1],0x[byte2]({reg64}), {reg32} | \x6b\x??\x#2\x#1 | k*21 |
movslq 0x[byte1]({reg64}), {reg32} | \x63\x??\x#1 | c*1 |
Assembly | Hexadecimal | Alpha |
---|---|---|
imul $0x[byte1],0x[byte2]({reg64}),{reg64} | \x48\x6b\x??\x#2\x#1 | Hk*21 |
Xor
xors
Hexadecimal | Assembly |
---|---|
0x34 | xor $0x##, %al |
0x35 | xor $0x########, %eax |
0x48 0x35 | xor $0x########, %rax |
0x30
Hexadecimal | Assembly |
---|---|
0x30 | xor %{16bit}, (%{64bit}) |
 | xor %{16bit}, (%{64bit},%{64bit},1) |
 | xor %{16bit}, (%{64bit},%{64bit},2) |
 | xor %{16bit}, 0x[byte](%{64bit}) |
 | xor %{16bit}, 0x[byte](,%{64bit},1) |
 | xor %{16bit}, 0x[byte](,%{64bit},2) |
 | xor %{16bit}, 0x[dword](%{64bit}) |
 | xor %{16bit}, 0x[dword](,%{64bit},1) |
 | xor %{16bit}, 0x[dword](,%{64bit},2) |
0x31
Hexadecimal | Assembly |
---|---|
0x31 | xor %{32bit}, (%{64bit}) |
0x32
Hexadecimal | Assembly |
---|---|
0x32 | xor (%{64bit}), %{16bit} |
0x33
Hexadecimal | Assembly |
---|---|
0x33 | xor (%{64bit}), %{32bit} |
x86 Intercompatibility
Hex | ASCII | Assembler Instruction |
---|---|---|
0x64, 0x65 | d,e | [fs | gs] prefix |
0x66, 0x67 | f,g | 16bit [operand | ptr] override |
0x68, 0x6a | h,j | push |
0x69, 0x6b | i,k | imul |
0x6c-0x6f | l-o | ins[bwd], outs[bwd] |
0x70-0x7a | p-z | Conditional Jumps |
0x30-0x35 | 0-5 | xor |
0x36 | 6 | %ss segment register |
0x38-0x39 | 8,9 | cmp |
0x50-0x57 | P-W | push *x, *i, *p |
0x58-0x5a | XYZ | pop [*ax, *cx, *dx] |