I am trying to write some shellcode, which will eventually be in the form of an English paragraph. This means that I'm mostly limited to instructions that have opcodes that are evaluated as alphanumeric characters or punctuation. This actually leaves me with many different transition commands, including: `jo`, `jno`, `jb`, `jae`, `je`, `jno`, `jb`, `ja`, `js`, `jns`, and `jp` (which correspond to the letters `p`-`z`). Each of these jumps performs a test before it decides whether to jump or not. In most cases, I can combine the jump plus its reverse to ensure that the jump will take place in shellcode (for example, using `jo`, then `jno`, or `je`, then `jne`), but I cannot do this in the case of `jb`. The test for `jb` is `CF=1`.

My question is: is there any series of alphanumeric instructions that is functionally a NOP but also guarantees that `CF=1`? `CF` is the carry flag, so any operations guaranteed to set the carry flag will suffice.

Also, to ensure `jae` in any case, how can I make sure `CF=0`?