I want to inject x-code into the PE header (for the sake of experience) that outputs the string to the console. I almost reached my goal, there was only one touch left... I want to put offset of the string I want to output to the dx register. I've already been able to put the line itself in .data section.data section. I don't understand how to specify an offset, or rather calculate it (I work in the hiew program)
Everything I tried didn't help me much.
Since you mention putting the address into the dx register, I assume you are on 64 bit windows and want to use WriteFile which happens to take the buffer address in rdx.
Although you say you already have the string in the .data section it is actually simplest to put it into the .text section beside your code and use rip relative addressing:
lea rdx, [rel string]
call WriteFile
call ExitProcess
string: db "Hello world!", 10, 13
(nasm syntax, and I assume you have the other arguments and the stack layout already taken care of). The lea rdx, [rel string] in this case produces the machine code 48 8D 15 0A 00 00 00 since the offset to the string is 10 bytes from the start of the following instruction.
If you instead want to have your string in the data section, proceed as follows:
address_of_data = 0x403000address_of_text = 0x401000file_offset_of_data = 0x2400file_offset_of_text = 0x0600file_offset_of_string - file_offset_of_data + address_of_data e.g. address_of_string = 0x2410 - 0x2400 + 0x403000 = 0x403010lea instruction by doing file_offset_of_lea - file_offset_of_text + address_of_text, e.g. address_of_lea = 0x0bcf - 0x600 + 0x401000 = 0x4015cfaddress_of_string - address_of_lea - size_of_lea, e.g. 0x403010 - 4015cf - 7 = 0x1a3aThis is what you need to put into the lea, e.g. 48 8D 15 3a 1a 00 00.