WEBVTT 1 00:02.070 --> 00:03.420 Hello and welcome back. 2 00:03.420 --> 00:07.050 In this lesson, we are going to take a look at signed conditional jumps. 3 00:07.140 --> 00:11.820 So for signed conditional jumps, we are also going to use the compare instruction. 4 00:12.180 --> 00:19.590 But this time we are going to compare signed numbers instead of unsigned numbers. 5 00:20.190 --> 00:26.940 So in the same way, we also can compare something with another number, another value here. 6 00:28.080 --> 00:33.780 And then based on that, we also will jump or not jump accordingly. 7 00:33.870 --> 00:42.180 So JL means jump if less than. That means if the first parameter is less than the second one, 8 00:42.180 --> 00:43.350 then it will jump. 9 00:43.800 --> 00:51.360 JLE means jump if less or equal. It means that if the first parameter is less than or equal to the 10 00:51.360 --> 00:53.250 second one, then it will jump. 11 00:54.270 --> 01:00.540 On the other hand, JG means jump if greater. So in this case, if the first parameter 12 01:00.540 --> 01:09.120 is greater than the second parameter, it will jump. And JGE means jump if greater than or equal. 13 01:09.120 --> 01:13.530 So if the first parameter is greater than or equal to the second one, then it will jump. 14 01:13.770 --> 01:15.240 So let's take a look at this 15 01:15.240 --> 01:20.640 inside the template2, which I have opened in x64dbg. 16 01:21.210 --> 01:22.860 So I put a breakpoint here. 17 01:22.860 --> 01:31.350 And now I'm going to move some values into - and some into as an immediate. 18 01:32.220 --> 01:40.590 So let's say I move negative one into -, I hit okay. 19 01:40.590 --> 01:42.660 So negative one is 20 01:43.580 --> 01:46.100 converted into hex will be all Fs. 21 01:46.610 --> 01:51.980 And then now I am going to move another value in -. 22 01:52.160 --> 01:56.840 So I'm going to move - and I'm going to move negative two. 23 01:57.860 --> 01:59.960 Negative two in -. 24 01:59.960 --> 02:05.390 So negative two converted to hex is this value here ending with E. 25 02:05.780 --> 02:13.280 You can confirm this by opening a calculator, as we have done before, and check to make sure that 26 02:13.280 --> 02:14.450 it is correct. 27 02:15.440 --> 02:20.870 So now I'm going to put in the decimal, negative one. 28 02:21.680 --> 02:24.590 Select one and put negative in here. 29 02:24.590 --> 02:28.340 And you will see negative one is all Fs like this. 30 02:28.940 --> 02:29.660 Then I clear. 31 02:29.660 --> 02:32.510 Now I'm going to put two and I'm going to change the sign. 32 02:32.510 --> 02:33.200 Negative two. 33 02:33.200 --> 02:36.650 Negative two is all Fs ending with an E like this. 34 02:36.650 --> 02:38.030 So this is negative one. 35 02:38.030 --> 02:39.410 This is negative two. 36 02:39.890 --> 02:43.850 So now let's take a look at the compare and JL. 37 02:44.690 --> 02:47.540 So I'm going to put JL. 38 02:48.200 --> 02:50.720 But let's select a place to jump to. 39 02:50.750 --> 02:53.480 Maybe I jump here or here. 40 02:54.680 --> 02:57.440 So copy this address. 41 02:58.850 --> 03:10.070 And then over here put JL and, before I can do that, I need to compare. 42 03:11.000 --> 03:12.500 So I forgot this step. 43 03:12.500 --> 03:13.940 So excuse me. 44 03:13.940 --> 03:18.590 So we need to compare - and -. 45 03:22.680 --> 03:28.410 Then we put JL and paste the address that you want to jump to. 46 03:29.760 --> 03:33.360 Okay, so now we are going to run to hit our breakpoint. 47 03:33.360 --> 03:38.430 And we step over and we move negative one to -. 48 03:38.790 --> 03:42.630 And then we move negative two to -. 49 03:43.200 --> 03:46.590 So we are comparing two registers. 50 03:49.480 --> 03:54.760 So now it's going to compare - and - and see what happens. 51 03:54.760 --> 03:55.630 We step over. 52 03:56.620 --> 04:02.740 And then now we're going to come to this line. - is bigger than -. 53 04:02.950 --> 04:10.510 So in this case, it will not jump because JL only will jump if - is less than -. 54 04:10.840 --> 04:14.710 JL will only jump if - is less than -. 55 04:14.710 --> 04:21.820 So in this case, because - is negative one, it is larger than -, which is negative two. 56 04:21.850 --> 04:23.140 Therefore, it won't jump. 57 04:23.140 --> 04:28.390 That's why you see the arrow is grayed out instead of red in color. 58 04:28.690 --> 04:31.720 So if you step over, you can see that it continues straight. 59 04:32.950 --> 04:34.810 Okay, now let's do another test. 60 04:34.840 --> 04:37.000 We put this time JG. 61 04:37.960 --> 04:44.140 JG, and we paste the same address and see what happens. 62 04:45.640 --> 04:53.590 So in this case, you will see that it will jump because - is indeed larger than -. 63 04:53.590 --> 04:55.960 Therefore, jump if greater is true. 64 04:55.960 --> 04:56.710 So it will jump. 65 04:56.710 --> 04:58.780 So it will jump to this location here. 66 04:59.650 --> 05:04.690 So the same way, JLE and JGE also work in a similar way. 67 05:04.720 --> 05:11.020 It's just that JLE means that it will jump if equal as well, and JGE also jumps if equal. 68 05:11.020 --> 05:15.400 So for that, let's try. We are going to reset everything. 69 05:16.990 --> 05:25.480 This time we are going to move a value of negative three into -. 70 05:26.110 --> 05:32.500 And we are also going to move the value negative three into -. 71 05:32.500 --> 05:33.370 Negative three. 72 05:37.340 --> 05:45.260 Then we run to our breakpoint and we step over and we move the two values, one into - and one to 73 05:45.260 --> 05:45.650 -. 74 05:45.650 --> 05:47.270 So both are negative three. 75 05:47.270 --> 05:52.310 And you can use your calculator to confirm that in the way that I taught you earlier. 76 05:52.730 --> 05:59.900 So now we are going to do a comparison, CMP - and -. 77 06:02.270 --> 06:10.730 And then after the comparison, we are going to do a jump if less than or equal to, and then we're 78 06:10.730 --> 06:12.200 going to paste our address. 79 06:14.880 --> 06:15.450 Like this. 80 06:15.720 --> 06:19.800 So now we step over and let it do the comparison. 81 06:19.800 --> 06:21.330 And now it comes to this. 82 06:21.420 --> 06:26.400 JLE, you notice the red arrow lights up, meaning that it will jump. 83 06:26.580 --> 06:27.090 Why? 84 06:27.120 --> 06:29.790 Because - and - are equal. 85 06:30.240 --> 06:33.870 And this is testing whether they are less than or equal. 86 06:33.870 --> 06:35.400 So since they are equal, it will jump. 87 06:35.790 --> 06:41.070 So the same way also applies to JGE. JGE, yes. 88 06:41.070 --> 06:48.270 So we can try that. Reset now and then we go and put -. 89 06:48.270 --> 06:54.300 We put negative two into -, and then we put 90 06:57.550 --> 07:00.070 also negative two into -. 91 07:00.850 --> 07:02.260 And then we compare 92 07:04.960 --> 07:06.790 - with -. 93 07:08.800 --> 07:09.640 And then 94 07:09.940 --> 07:11.410 now we're going to put JGE. 95 07:13.720 --> 07:15.160 And paste our address. 96 07:16.570 --> 07:16.990 Okay. 97 07:16.990 --> 07:20.170 Let's run now to hit our breakpoint and step over. 98 07:22.000 --> 07:25.120 And now we compare - and -, and they are equal. 99 07:25.120 --> 07:27.460 And you notice when you come to the JGE, 100 07:27.910 --> 07:34.540 the arrow lights up in red, meaning that it will jump, and it's also shown here. 101 07:34.540 --> 07:35.620 Jump is taken. 102 07:35.740 --> 07:37.150 So why is that? 103 07:37.150 --> 07:39.160 Because JGE is true. 104 07:39.250 --> 07:42.370 It will jump if it's greater than or equal. 105 07:42.370 --> 07:45.130 So in this case, because - and - are equal, 106 07:45.130 --> 07:46.150 so it will jump. 107 07:46.690 --> 07:47.080 Okay. 108 07:47.080 --> 07:51.220 So this is how we can use the conditional jump. 109 07:51.220 --> 07:59.350 So this JL, JLE, JG, JGE are used for testing signed jumps. 110 07:59.590 --> 08:05.200 The signed jumps means that the values are negative, have negative numbers. 111 08:05.440 --> 08:09.520 That means you are treating the numbers here as negative or positive numbers. 112 08:10.270 --> 08:13.930 The previous one where we did JE and JNE, 113 08:13.960 --> 08:16.180 those are for unsigned numbers. 114 08:16.780 --> 08:18.940 So that's the difference between the two. 115 08:18.970 --> 08:20.680 So that's all for this video. 116 08:20.680 --> 08:22.000 Thank you for watching.