What is the EIP, how do I find it, and how is it useful?
Posted on 2004-01-31 00:07:07 by Maddox
eip = instruction pointer. It holds the address of the instruction to execute.

eip can be obtained using:

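    call @F         ; pushes the return address (the address of @@)
@@:
    pop eax         ; eax = address of @@
    sub eax, 5      ; value of eip in eax (the near call is 5 bytes, so this is the address of the call)
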
or can be obtained using SEH.

Generally the value in eip is only useful when you are doing code injection whereby the data are relative to the start of the code and so you can access the data relative to the start of the code. Other than that I do not really see any use of finding out the eip value.
Posted on 2004-01-31 00:16:50 by roticv
I'm actually trying to do some code injection, so it is useful to me. Thanks!
Posted on 2004-01-31 00:32:14 by Maddox
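
From a detection standpoint, the call/pop sequence in the answer above assembles to E8 00 00 00 00 58, and that byte pattern is a common heuristic for spotting position-independent code in a captured buffer. The C scanner below is an added example, not part of the original thread; it generalizes to any near call whose target inside the buffer is a pop r32, and the names find_getpc and getpc_hit and the sample bytes are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* One hit: offset of the CALL opcode and the register the POP loads. */
struct getpc_hit { size_t call_off; int reg; };

/* Scan buf for E8 rel32 (near call) whose target, inside buf, is POP r32
 * (opcodes 58..5F). Returns the number of hits written to out (max out_cap).
 * This is a heuristic: it flags candidates for review, not proof of injection. */
size_t find_getpc(const uint8_t *buf, size_t len,
                  struct getpc_hit *out, size_t out_cap)
{
    size_t n = 0;
    for (size_t i = 0; i + 5 <= len && n < out_cap; i++) {
        if (buf[i] != 0xE8)
            continue;
        /* rel32 is little-endian and signed, relative to the next instruction. */
        uint32_t raw = (uint32_t)buf[i + 1] | (uint32_t)buf[i + 2] << 8 |
                       (uint32_t)buf[i + 3] << 16 | (uint32_t)buf[i + 4] << 24;
        int64_t target = (int64_t)i + 5 + (int32_t)raw;
        if (target < 0 || (uint64_t)target >= len)
            continue;               /* call leaves the buffer: an ordinary call */
        uint8_t op = buf[target];
        if (op >= 0x58 && op <= 0x5F) {
            out[n].call_off = i;
            out[n].reg = op - 0x58; /* 0=eax 1=ecx 2=edx 3=ebx ... 7=edi */
            n++;
        }
    }
    return n;
}

/* Constructed sample: nop; call $+5; pop eax; sub eax,5; ret */
static const uint8_t sample[] = {
    0x90, 0xE8, 0x00, 0x00, 0x00, 0x00, 0x58, 0x83, 0xE8, 0x05, 0xC3
};

int main(void)
{
    struct getpc_hit hits[8];
    size_t n = find_getpc(sample, sizeof sample, hits, 8);
    for (size_t k = 0; k < n; k++)
        printf("call at +%zu, pop into reg %d\n", hits[k].call_off, hits[k].reg);
    return 0;
}
```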