by userbinator 4159 days ago
I believe you could get around the problem of finding the address of the string by pushing 4 (8?)-byte pieces of it onto the stack and then doing "mov esi, esp".

On the topic of "executable ASCII", the EICAR test file is an interesting example: http://en.wikipedia.org/wiki/EICAR_test_file


There is another known trick:

Place your string after a "call" instruction; then, when you are inside the call, the address of the string is on the stack, and you can pop it into any register you want.
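Both posts describe ways for position-independent code to learn the address of an inline string, and those same byte patterns are what scanners and emulators look for as "GetPC"-style heuristics. The following is an added example, not code from either commenter: a small byte-level detector for the two idioms, assuming 32-bit x86 encodings, the forward-call variant, and constructed sample blobs embedded inline.

```python
import struct

# Constructed 32-bit x86 opcode facts used by the heuristics below.
POP_R32 = range(0x58, 0x60)                # one-byte POP eax..edi
MOV_ESI_ESP = (b"\x89\xe6", b"\x8b\xf4")   # the two encodings of MOV ESI, ESP

# Constructed samples: CALL over "Hello World" to a POP ESI; three PUSHes then MOV ESI, ESP.
SAMPLE_CALL_POP = b"\xe8\x0b\x00\x00\x00" + b"Hello World" + b"\x5e"
SAMPLE_PUSH_MOV = b"\x6a\x00" + b"\x68efgh" + b"\x68abcd" + b"\x89\xe6"


def find_call_pop(blob: bytes) -> list:
    """CALL rel32 jumping forward over inline data to a POP r32: the skipped bytes
    are the string whose address the CALL left on the stack (second post's trick)."""
    hits = []
    for i in range(len(blob) - 4):
        if blob[i] != 0xE8:
            continue
        disp = struct.unpack_from("<i", blob, i + 1)[0]
        target = i + 5 + disp                 # rel32 is relative to the next instruction
        if disp > 0 and target < len(blob) and blob[target] in POP_R32:
            hits.append({"call_at": i, "pop_at": target, "string": blob[i + 5:target]})
    return hits


def find_push_mov(blob: bytes, min_pushes: int = 2) -> list:
    """Run of PUSH imm32 (68 xx xx xx xx) / PUSH imm8 (6A xx) followed by MOV ESI, ESP:
    the immediates form the string and ESI receives its stack address (first post's trick)."""
    hits = []
    i = 0
    while i < len(blob):
        j, pushes = i, []
        while j < len(blob):
            if blob[j] == 0x68 and j + 5 <= len(blob):
                pushes.append(blob[j + 1:j + 5])
                j += 5
            elif blob[j] == 0x6A and j + 2 <= len(blob):
                # PUSH imm8 is sign-extended to a full dword on the stack
                pushes.append(struct.pack("<i", struct.unpack_from("<b", blob, j + 1)[0]))
                j += 2
            else:
                break
        if len(pushes) >= min_pushes and blob[j:j + 2] in MOV_ESI_ESP:
            # The stack grows down, so the last PUSH holds the lowest-addressed bytes.
            hits.append({"start": i, "pushes": len(pushes), "mov_at": j,
                         "string": b"".join(reversed(pushes))})
            i = j + 2
        else:
            i += 1
    return hits
```

Treat a hit as a triage signal rather than a verdict: a legitimate forward CALL whose target happens to start with a POP, or a compiler-emitted run of PUSH immediates, produces the same bytes.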