This was one of the most thoughtful, well prepared videos on assembly I have ever seen. You have a real knack for explaining this content visually. Thank you!
Thank you very much for this. I watched 2-3 videos prior to this one, but yours made it click. Especially because you gave multiple analogies (the deck of cards one being my favorite) to explain the same thing - this approach really makes a person understand the topic by having to think about what all the analogies have in common.
it's good to mention that this could vary depending on what calling convention (__stdcall, __cdecl, __fastcall) and CPU architecture (x86, x64) you are using
I just want to say to people who don't get why SP changes : Every push and pop is implicitely modifiying SP, the person writing instruction doesn't need to manage it in this case.
what happen if we push another register in to stack when program executing the call function , at that point stack pop out that we push into the stack to EIP register ? if it does what happen to program executing instruction ?
Call macro already pushes return address for you. If you push another address before call macro. It will execute it arg1 and stack will corrupt. If you want to push custom address for return,you must do push return address then jmp function location. This is which is equal to a call macro. But keep in mind there is a high change custom return address will crash program. You need to adjust that.
This was one of the most thoughtful, well prepared videos on assembly I have ever seen. You have a real knack for explaining this content visually. Thank you!
Thank you very much for this. I watched 2-3 videos prior to this one, but yours made it click. Especially because you gave multiple analogies (the deck of cards one being my favorite) to explain the same thing - this approach really makes a person understand the topic by having to think about what all the analogies have in common.
This was hurting my brain yesterday but you made it click! Thanks! :)
I’m glad! Can’t tell you how much time I spent banging my head against the desk before it clicked for me
thank you, It was very hard to find a video that actually explains this correctly.
Great video !!! Indeed there aren't other videos that explain the concept well enough, that's why I thank you a lot!! :)
I went to a few videos, they sucked, went to copilot, it explained it nicely... but sucked, yours is good
Thanks! It's my only instructional video and only made it because I too couldn't find it anywhere else. Glad it was useful!
The best vdo. U explained so simply and easlily. I was looking for this for months 😅
it's good to mention that this could vary depending on what calling convention (__stdcall, __cdecl, __fastcall) and CPU architecture (x86, x64) you are using
Best explanation ever!
Yes this definitely helped visualize. Thanks
Well done. Excellent explanation
Great video, wish you went into recursion
What were the ESP and EBP doing through all of this?
thank you so much! although at first i kinda had a headache but rb i understand
I just want to say to people who don't get why SP changes : Every push and pop is implicitely modifiying SP, the person writing instruction doesn't need to manage it in this case.
This was a good video thank you. Do you have have any videos on what the EBP does? Thanks
educational, although I was looking for EBP basics.
Very well explained thank you
well done dude!
Strong Vid, Bro!
Very useful and detailed thanks !
when you pop, does the value goes to eip by default
Same boat as you, mate! But this helped!
What any amazing video thanks!
wow nice explanation
great !!
I wish you made more videos
I wish I stuck with low level programming! Started doing detection development instead. Now I make videos at www.youtube.com/@DailyDecrypt
Very useful thanks !
what happen if we push another register in to stack when program executing the call function , at that point stack pop out that we push into the stack to EIP register ? if it does what happen to program executing instruction ?
Call macro already pushes return address for you. If you push another address before call macro. It will execute it arg1 and stack will corrupt. If you want to push custom address for return,you must do push return address then jmp function location. This is which is equal to a call macro. But keep in mind there is a high change custom return address will crash program. You need to adjust that.
thanks alot man
Thanks a lot!
very useful
What does add/sub esp, hexValue do?
convert the hex value to decimal value then subtract (sub) that decimal value from esp or add that decimal value to esp.
Thank you so much man you save my ass!