LDS,LES,LFS,LGS,LSS directive

LDS,LES,LFS,LGS,LSS its instruction format is

LDS Reg16,mem32

The meaning is to assign both a segment register and a 16-bit general-purpose register at the same time

Specific as follows: Reg16=mem32 's low word, Ds=mem32 's high character

For example

Address 100h 101h 102h 103h

Content 00h 41h 02h 03h

If instruction LDS ax,[100h]

The result is ax=4100h ds=0302h

CS (Code Segment): Snippet register;
DS (Data Segment): segment register;
SS (Stack Segment): stack segment register;
ES (Extra Segment): Additional segment registers.

FS (Extra Segment), whose value is the segment value of the additional data segment;
GS (Extra Segment), whose value is the segment value of the additional data segment.

FS f segment or F selector (presumably F may be free?). This register can be used as a substitute for the default segment register or selector. It can be loaded into any number, similar to the DS method.
GS g segment or G selector (g is the same meaning as F, not explained in Intel's documentation). It's almost exactly the same as FS.

In a 16-bit CPU system, it has only 4 segment registers, so the program can be accessed directly at most 4 segments in use at any time, and in a 32-bit microcomputer system it has 6 segment registers, so programs developed in this environment can access up to 6 segments at the same time. 32-bit CPUs have two different ways of working: real-mode and protection. In each of these ways, the function of the segment register is different. The relevant provisions are briefly described as follows:
Real mode: The first 4 segment registers CS, DS, ES, and SS have exactly the same meaning as the corresponding segment registers in the previous CPU, and the logical address of the memory unit is still the form of "segment value: Offset". To access data within a memory segment, the offset of the segment register and the storage unit must be used.
Protection mode: In this way, the situation is much more complex, the loading segment register is no longer a segment value, but a value called "Selector".

FS Register:

fs register points to the TEB structure (thread structure) of the currently active thread
Offset   Description
000  point to SEH chain Pointer
004  Thread stack top
008  thread stack bottom
00c  subsystemtib
010  fiberdata
014  arbitraryuserpointer
018  FS Segment register mirrored address in memory
020  process PID
024  thread ID
02c  point to Thread Local storage pointer
030  PEB structure address (process structure)
034  Last error number

How to get KERNEL32.DLL base address
assume fs:nothing; open FS Register
mov eax,fs:[30h]; get PEB structure address
mov eax,[eax + 0ch]; get peb_ldr_data structure address
mov esi,[eax + 1ch]; ininitializationordermodulelist
LODSD the ininitializationordermodulelist address of the ldr_module structure where KERNEL32.DLL is located
mov edx,[eax + 8h]; get baseaddress, both Kernel32.dll base address

Turn from:

http://blog.csdn.net/tianwailaibin/article/details/7364060

http://blog.csdn.net/xbin8/article/details/2158762

For detailed register introduction and function, see the following article:

http://blog.csdn.net/ly131420/article/details/8741225

LDS,LES,LFS,LGS,LSS directive