Malware Activity

2008-05-01

Reflect Yourself

Mayday 2008 was a total blast, DJ Korsakoff made a hell of a performance. Even though I didn't sleep the last 30 hours or so, I'm still rather awake due to the caffeinated water they sold. I'll update this blog post with some of my own trashy mobile phone video later.

We are still here!


2008-03-13

Botnet Monitoring Frontend

BotMon


2007-12-15

Spam, please

Please send me your spam or malware!


2007-09-27

REP(N)Z and the EFLAGS

Working on some debugger-like automation code for EmsiSoft, I recently discovered a funny property when single-stepping REPNZ-prefixed SCAS and CMPS instructions using the TF bit set in EFLAGS. As expected, for each single byte / word / doubleword, a debug event occurs. However, the EFLAGS register's status bits (e.g. ZF) are not correct for any single iteration except the last.

I tested this on Windows XP in VMware; I haven't had the time to reproduce it on a physical machine yet. Let me know if you run into this quirk, too.


2007-09-11

My ISP Blocks YouPorn

Arcor, my home ISP, yesterday started blocking YouPorn. Welcome to China!


2007-08-30

Alliance Public Submissions

You can now upload your samples to the Alliance manually, without being a member of the mwcollect Alliance. Submissions are correlated with automatically collected samples:

interface
