1.9. SCANF()
Move the cursor to address.00401027(where theJNZinstruction, we have to bypass, is located), press
F3, and then type “9090” (meaning twoNOPs):
Figure 1.22:Hiew: replacingJNZwith twoNOPsThen press F9 (update). Now the executable is saved to the disk. It will behave as we wanted.
TwoNOPs are probably not the most æsthetic approach. Another way to patch this instruction is to write
just 0 to the second opcode byte (jump offset), so thatJNZwill always jump to the next instruction.
We could also do the opposite: replace first byte withEBwhile not touching the second byte (jump offset).
We would get an unconditional jump that is always triggered. In this case the error message would be
printed every time, no matter the input.
MSVC: x64
MSVC: x64
Since we work here withint-typed variables, which are still 32-bit in x86-64, we see how the 32-bit part
of the registers (prefixed withE-) are used here as well. While working with pointers, however, 64-bit
register parts are used, prefixed withR-.