I've a newbie question that has only basically to do with W32ASM but perhaps you can help me with this.

I'd like to insert a CALL instruction into an executable, so I have to insert the command as hexadecimal.
I've disassembled some programs to see how this is done. Here is an example:

:00445C78 E8B63E0000 call 00449B33

OK, "E8" is clear. This is the instruction. But how do I get from "B63E0000" to the offset "00449B33"? I just have no idea how this is calculated.

Can someone help me?

Posted on 2002-01-23 09:36:56 by Compuholic
Call and jump are EIP-relative. To calculate the 32-bit immediate for
these opcodes, use the following formula:

imm32 = destination - (opcodeStart + 5)
Posted on 2002-01-23 09:39:08 by f0dder
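
f0dder's formula applied to the bytes from the first post, in both directions, as an added example that is not part of the original thread. The helper names (call_target, call_imm32, encode_call) are made up for illustration; the immediate is stored little-endian and the arithmetic wraps modulo 2^32, so a backward call comes out as a negative displacement.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Bytes and address from the thread: ":00445C78 E8B63E0000 call 00449B33". */
static const uint8_t PAGE_INSN[5] = { 0xE8, 0xB6, 0x3E, 0x00, 0x00 };
#define PAGE_ADDR 0x00445C78u

/* Hypothetical helper: target of the "E8 rel32" located at address `at`,
 * or -1 if the first byte is not the E8 opcode. */
int64_t call_target(const uint8_t insn[5], uint32_t at)
{
    if (insn[0] != 0xE8)
        return -1;
    /* The immediate is stored little-endian: B6 3E 00 00 -> 0x00003EB6. */
    uint32_t imm32 = (uint32_t)insn[1] | (uint32_t)insn[2] << 8 |
                     (uint32_t)insn[3] << 16 | (uint32_t)insn[4] << 24;
    /* Relative to the address of the NEXT instruction (at + 5), mod 2^32. */
    return (int64_t)(uint32_t)(at + 5u + imm32);
}

/* Hypothetical helper: imm32 = destination - (opcodeStart + 5). */
uint32_t call_imm32(uint32_t at, uint32_t target)
{
    return target - (at + 5u);   /* unsigned wrap handles backward calls */
}

/* Hypothetical helper: write the 5-byte call into out and return out. */
uint8_t *encode_call(uint32_t at, uint32_t target, uint8_t out[5])
{
    uint32_t imm32 = call_imm32(at, target);
    out[0] = 0xE8;
    for (int i = 0; i < 4; i++)
        out[1 + i] = (uint8_t)(imm32 >> (8 * i));   /* low byte first */
    return out;
}

int main(void)
{
    uint8_t buf[5];
    printf("decoded target : %08llX\n",
           (unsigned long long)call_target(PAGE_INSN, PAGE_ADDR));
    encode_call(PAGE_ADDR, 0x00449B33u, buf);
    printf("re-encoded     : %02X %02X %02X %02X %02X (%s)\n",
           buf[0], buf[1], buf[2], buf[3], buf[4],
           memcmp(buf, PAGE_INSN, 5) == 0 ? "matches" : "differs");
    printf("backward imm32 : %08X\n",
           (unsigned)call_imm32(0x00449B33u, PAGE_ADDR));
    return 0;
}
```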
Thanks very much, it works...
Posted on 2002-01-23 10:09:53 by Compuholic