-
Notifications
You must be signed in to change notification settings - Fork 0
/
pattern_search.txt
149 lines (134 loc) · 4.86 KB
/
pattern_search.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
000xx110 mmmmmmmm (push: segment register)
000xx111 mmmmmmmm (pop: segment register)
001xx110 mmmmmmmm (segment)
100000 xx xx000xxx (add: immediate to register/memory)
100000 xx xx010xxx (adc: immediate to register/memory)
100000 xx xx011xxx (sbb: immediate from register/memory)
100000 xx xx101xxx (sub: immediate from register/memory)
100000 xx xx111xxx (cmp: immediate with register/memory)
110100 xx xx000xxx (rol)
110100 xx xx001xxx (ror)
110100 xx xx010xxx (rcl)
110100 xx xx011xxx (rcr)
110100 xx xx100xxx (shl/sal)
110100 xx xx101xxx (shr)
110100 xx xx111xxx (sar)
111101 1x xx000xxx (test: immediate and register/memory)
111101 1x xx010xxx (not)
111101 1x xx011xxx (neg)
111101 1x xx100xxx (mul)
111101 1x xx101xxx (imul)
111101 1x xx110xxx (div)
111101 1x xx111xxx (idiv)
111111 1x xx000xxx (inc: register/memory)
111111 1x xx001xxx (dec: register/memory)
100000 0x xx001xxx (or: immediate to register/memory)
100000 0x xx100xxx (and: immediate to register/memory)
110001 1x xx000xxx (mov: immediate to register/memory)
100011 11 xx000xxx (pop: register/memory)
111111 11 xx010xxx (call: indirect within segment)
111111 11 xx011xxx (call: indirect intersegment)
111111 11 xx100xxx (jmp: indirect within segment)
111111 11 xx101xxx (jmp: indirect intersegment)
111111 11 xx110xxx (push: register/memory)
1011xxxx mmmmmmmm (mov: immediate to register)
10010xxx mmmmmmmm (xchg: register with accumulator)
01000xxx mmmmmmmm (inc: register)
01001xxx mmmmmmmm (dec: register)
01010xxx mmmmmmmm (push: register)
01011xxx mmmmmmmm (pop: register)
11011xxx xxxxxxxx (esc)
000000xx xxxxxxxx (add: reg/memory with register to either)
000010xx xxxxxxxx (or: reg/memory and register to either)
000100xx xxxxxxxx (adc: reg/memory with register to either)
000100xx xxxxxxxx (test: register/memory and register)
000110xx xxxxxxxx (sbb: reg/memory and register to either)
001000xx xxxxxxxx (and: reg/memory with register to either)
001010xx xxxxxxxx (sub: reg/memory and register to either)
001100xx xxxxxxxx (xor: reg/memory and register to either)
001110xx xxxxxxxx (cmp: register/memory and register)
100010xx xxxxxxxx (mov: register/memory to/from register)
0000010x mmmmmmmm (add: immediate to accumulator)
0000110x mmmmmmmm (or: immediate to accumulator)
0001010x mmmmmmmm (adc: immediate to accumulator)
0001110x mmmmmmmm (sbb: immediate from accumulator)
0010010x mmmmmmmm (and: immediate to accumulator)
0010110x mmmmmmmm (sub: immediate from accumulator)
0011010x mmmmmmmm (xor: immediate to accumulator)
0011010x mmmmmmmm (xor: immediate to register/memory)
0011110x mmmmmmmm (cmp: immediate with accumulator)
1010000x mmmmmmmm (mov: memory to accumulator)
1010001x mmmmmmmm (mov: accumulator to memory)
1010010x mmmmmmmm (movs)
1010011x mmmmmmmm (cmps)
1010100x mmmmmmmm (test: immediate data and accumulator)
1010101x mmmmmmmm (stds)
1010110x mmmmmmmm (lods)
1010111x mmmmmmmm (scas)
1110010x mmmmmmmm (in: fixed port)
1110011x mmmmmmmm (out: fixed port)
1110110x mmmmmmmm (in: variable port)
1110111x mmmmmmmm (out: variable port)
1111001x mmmmmmmm (rep)
1000011x xxxxxxxx (xchg: register/memory with register)
00100111 mmmmmmmm (daa)
00101111 mmmmmmmm (das)
00110111 mmmmmmmm (aaa)
00111111 mmmmmmmm (aas)
01110000 mmmmmmmm (jo)
01110001 mmmmmmmm (jno)
01110010 mmmmmmmm (jb/jnae)
01110011 mmmmmmmm (jnb/jae)
01110100 mmmmmmmm (je)
01110101 mmmmmmmm (jne/jnz)
01110110 mmmmmmmm (jbe/jna)
01110111 mmmmmmmm (jnbe/ja)
01111000 mmmmmmmm (js)
01111001 mmmmmmmm (jns)
01111010 mmmmmmmm (jp/jpe)
01111011 mmmmmmmm (jnp/jpo)
01111100 mmmmmmmm (jl/jnge)
01111101 mmmmmmmm (jnl/jge)
01111110 mmmmmmmm (le/jng)
01111111 mmmmmmmm (jnle/jg)
10011000 mmmmmmmm (cbw)
10011001 mmmmmmmm (cwd)
10011010 mmmmmmmm (call: direct intersegment)
10011011 mmmmmmmm (wait)
10011100 mmmmmmmm (pushf)
10011101 mmmmmmmm (popf)
10011110 mmmmmmmm (sahf)
10011111 mmmmmmmm (lahf)
11000010 mmmmmmmm (ret: within seg adding immed to sp)
11000011 mmmmmmmm (ret: within segment)
11001010 mmmmmmmm (ret: intersegment adding immediate to sp)
11001011 mmmmmmmm (ret: intersegment)
11001100 mmmmmmmm (int: type 3)
11001101 mmmmmmmm (int: type specified)
11001110 mmmmmmmm (into)
11001111 mmmmmmmm (iret)
11010111 mmmmmmmm (xlat)
11100000 mmmmmmmm (loopnz/loopne)
11100001 mmmmmmmm (loopz/loope)
11100010 mmmmmmmm (loop)
11100011 mmmmmmmm (jcxz)
11101000 mmmmmmmm (call: direct within segment)
11101001 mmmmmmmm (jmp: direct within segment)
11101010 mmmmmmmm (jmp: direct intersegment)
11101011 mmmmmmmm (jmp: direct within segment-short)
11110000 mmmmmmmm (lock)
11110100 mmmmmmmm (hlt)
11110101 mmmmmmmm (cmc)
11111000 mmmmmmmm (clc)
11111001 mmmmmmmm (stc)
11111010 mmmmmmmm (cli)
11111011 mmmmmmmm (sti)
11111100 mmmmmmmm (cld)
11111101 mmmmmmmm (std)
10001101 xxxxxxxx (lea)
11000100 xxxxxxxx (les)
11000101 xxxxxxxx (lds)
10001100 xx0xxxxx (mov: segment register to register/memory)
10001110 xx0xxxxx (mov: register/memory to segment register)
11010100 00001010 (aam)
11010101 00001010 (aad)