Home > Articles > Programming > Windows Programming

  • Print
  • + Share This
From the author of dml_flow

dml_flow

The dml_flow command works similar to uf and displays an assembly version of the code address specified. The main difference between dml_flow and uf is that the dml_flow output contains links to related code blocks that can be traversed. An example is shown in Figure 4.

Figure 4 Example of the dml_flow command

In Figure 4, we issued the dml_flow command specifying a starting address of 0x010012d0 and a target address of 0x010012eb. The output contains the disassembly of code with a notable highlight—the last instruction (jne) and the jump address of 0x010012ff. You can see that the jump address referenced in the disassembly also appears as a link that, when clicked, jumps to the address and disassembles the code located at that address.

The dml_flow command illustrates a very common task of following the flow of instructions by simply clicking on referenced addresses rather than having to manually type one of the many disassemble commands.

  • + Share This
  • 🔖 Save To Your Account