wow it worked, very cool :) Thanks!
I don't get it. The book I am using used it, and some tutorials.
It says it frees the stack by restoring it to its original value.
do you mean the bring the esp up, as in esp+4 on every pop?Quote:
The whole purpose of the pops is to bring esp down while moving the clobbered registers back to what they're supposed to be.
what? haha how does that happen by simply moving %ebp to %esp, crazy stuff!Quote:
If you fiddle with esp, now you're popping the old ebp into eax, the eip (i.e., where to return to from this function) into edi, probably the [11] byte of one of your strings (depending which one was loaded where) into esi, the [10] byte of that string into ebp [eep!] and then using the [9] byte of the string as the return address to jump to with ret. And that's not going to be pleasant.