
   comp.lang.asm.x86      Ahh, the lost art of x86 assembly      4,675 messages   


   Message 2,781 of 4,675   
   wolfgang kern to Kerr Mudd-John   
   Re: B64 fixup version   
   03 Jul 17 01:23:24   
   
   From: nowhere@never.at   
      
   Kerr Mudd-John wrote:   
      
   a new thread is welcome anyway :)   
      
   >> 14c sub al,21      ;c5-21=a4   
   >> 14d inc ax  dup2   ;a6 xor 65 = c3   
   >> 14f xor [bx+7e],al ;create a RET in   
      
   > I see the sub as being 2 bytes, the counts look off by 1 after this   
   > for me.   
      
   Yes thanks. I just typed it in and moved things around later on. So the
   last unused byte at 0160 is gone now and the branches were altered.
   There was one more error in my post: push 56 for CX read now 38 and   
   I still wonder how a decimal could enter my Hex-world.   
      
   hope it's correctly typed in now:
      
   100 pop cx   
   101 push cx   
   102 push cx        ;ax=0   
   103 push byte 038  ;cx=0038 (56 byte)   
   105 push 4130      ;dx=4130 to find my first byte with DH   
   108 pop ax   
   109 push ax   
   10a xor ax,4030   
   10d push ax        ;bx=0100   
   10e push cx  dup2  ;sp,bp=0   
   110 sub al,7e      ;   
   112 push ax        ;si=0182   
   113 push byte 044  ;di=0044   
   115 popa           ;   
   116 push BX        ;for ret   
   117 push DI        ;for ret   
   118 sub ax,5873    ;-> a78d xor 6666 = EB C1   
   11b xor [bx+5D],ax ;make a back-branch to 0120   
   11e jnc 0142       ;=jmp always after xor (73 22)   
      
   120 cmp [si],dh    ;search my first byte (41)   
   122 jnz 015a       ;skip   
   124 3636 REP MOVSB ;   
   126 sub [bp+7a],ax ;ax= 7761 [07a] was 404c   
   129 sub [bp+74],al ;         [074] was 22   
   12c sub [bp+71],ax ; and so on...   
   12f sub [bp+6e],ax
   132 sub [bp+6b],ax   
   135 sub [bp+69],ax   
   138 sub [bp+66],ax   
   13b sub [bp+60],ax   
   13e jnz 0161       ;=jmp always 75 21   
   140 0d 0a   
      
   142 36 36   
   144 push bp   
   145 pop ax   
   146 sub ax,6d3b    ;92c5 xor 3636 = A4F3   
   149 xor [bx+24],ax ;create REP MOVS   
   14c sub al,21      ;c5-21=a4   
   14e inc ax  dup2   ;a6 xor 65 = c3   
   150 xor [bx+7e],al ;create a RET in a field of 65 nops   
   153 push bx   
   154 pop di   
   155 push 7761   
   158 pop ax   
   159 dec si   
   15a 36 36          ;slide nops   
   15c inc si   
   15d 6666 JMP 120   ;become eb c1   
   15f 6666   
      
   161 sub [bp+5e],al   
   164 sub [bp+5c],al   
   167 sub [bp+5a],ax   
   16a sub [bp+55],ax   
   16d sub [bp+51],al   
   170 sub [bp+4d],ah
   173 363636         ;free for two more   
   176 363636         ;   
   179 sub al,7a      ;   
   17b sub [bp+4b],ax ;   
   17e 6565           ;the return goes here   
   180 6565           ;or there   
   182 0d0a   
   184 3636           ;two are enough with scan start at 0182   
   186 41414141 ...   ;raw string starts here, immediately followed by B64
   __   
   wolfgang   
      
   --- SoupGate-Win32 v1.05   
    * Origin: you cannot sedate... all the things you hate (1:229/2)   
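
The register setup at 0100-0115 and the three self-patches in the listing above (the back-branch at 015d, REP MOVSB at 0124, RET at 017e), traced with 16-bit arithmetic. This is an added example, not part of the original post; it assumes the usual DOS .COM entry state where the word on top of the stack is 0, and the function names are illustrative.

```python
def sub_al(ax, imm):
    """SUB AL,imm8: only the low byte changes, wrapping at 8 bits."""
    return (ax & 0xFF00) | ((ax - imm) & 0xFF)


def trace_setup_and_patches():
    # 100 pop cx: assumed DOS .COM entry state, where the stack top is 0.
    cx = 0x0000
    stack = [cx, cx, 0x38, 0x4130]      # 101-105: return word, AX, CX, DX
    ax = stack[-1] ^ 0x4030             # 108-10a: pop ax / push ax / xor ax,4030
    stack += [ax, cx, cx]               # 10d-10e: BX, SP (ignored by popa), BP
    ax = sub_al(ax, 0x7E)               # 110
    stack += [ax, 0x44]                 # 112-113: SI, DI
    regs = {}
    for name in ("di", "si", "bp", "sp", "bx", "dx", "cx", "ax"):
        regs[name] = stack.pop()        # 115 popa restores in this order

    # Placeholder bytes as they sit in the file before patching.
    mem = {0x15D: 0x66, 0x15E: 0x66, 0x124: 0x36, 0x125: 0x36, 0x17E: 0x65}

    def xor16(addr, value):             # XOR [addr],AX, little-endian
        mem[addr] ^= value & 0xFF
        mem[addr + 1] ^= value >> 8

    ax = (regs["ax"] - 0x5873) & 0xFFFF   # 118
    xor16(regs["bx"] + 0x5D, ax)          # 11b
    ax = (regs["bp"] - 0x6D3B) & 0xFFFF   # 144-146 push bp / pop ax / sub
    xor16(regs["bx"] + 0x24, ax)          # 149
    ax = sub_al(ax, 0x21)                 # 14c
    ax = (ax + 2) & 0xFFFF                # 14e inc ax, twice
    mem[regs["bx"] + 0x7E] ^= ax & 0xFF   # 150
    return regs, mem


def short_jump_target(mem, addr):
    """Destination of the two-byte JMP rel8 stored at addr."""
    rel = mem[addr + 1]
    if rel >= 0x80:
        rel -= 0x100
    return addr + 2 + rel


if __name__ == "__main__":
    regs, mem = trace_setup_and_patches()
    print({k: hex(v) for k, v in regs.items()})
    print({hex(k): hex(v) for k, v in sorted(mem.items())})
    print(hex(short_jump_target(mem, 0x15D)))
```
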



(c) 1994,  bbs@darkrealms.ca