
How to calculate which jump I want to use...


Six Black Roses
March 12th, 2002, 06:07
Ok, let's say I know the physical offset in an exe. And I know of another. Those two are A and B of the whole jump. In other words, I want to jump from A to B.

So, for the question, how do I know what jump I use... short, long, medium?

Is there some detail guide out there that'll assist me in correctly using the right jump.

BTW, this is for NetZero, and I've already patched the RasHangUpA but it gives me an illegal operation box when it exits... so, I don't consider the crack flawless.

And another thing, I proudly can say that I've managed to find a way around the 10 hour limit. Ooops, I've already said too much.

JimmyClif
March 12th, 2002, 07:09
Well - as a short jump only consists of 2 bytes..

The opcode for the jump EB -> jmp or 74 -> jne etc
the other byte is the distance... 0-FF is 255d but half of it jumps backward and half of it forward... (I'm too lazy to calculate that manually) So your short jumps are limited.

If it exceeds 255/2 forward or backward then you need a long jump... I used to just write it inside HIEW and get surprised if I need a long or short - In case it is a long jump then verify it with SoftIce.. Hiew calculates the long jumps (most of the time) wrong

Congrats on solving the little 10 hours limit puzzle

DakienDX
March 12th, 2002, 19:28
Hello Six Black Roses!

There are several types of jumps, both in 16bit and 32bit. Let's try to explain.
All jumps are counted from the end of the jump instruction. All values after the instruction can be positive or negative, which means jump further or jump back.

16 bit

EBh
A short jump. Followed by one byte. Can jump from -128 to +127 bytes.
5000:0100 Jmp 120 (EB1E)

E9h
A near jump. Followed by two bytes. Can jump to all places in the same code segment.
5000:0100 Jmp 220 (EB1D01)

EAh
A far jump. Followed by four bytes. Can jump to any location in memory (by changing the code segment), but uses absolute addresses instead of relative ones.
5000:0100 Jmp 6000:0100 (EA00010060)

7?h
A short conditional jump. Followed by one byte. ? denotes the reason why to jump. Can jump from -128 to +127 bytes.
5000:0100 Ja 120 (771E)

0F8?h
A near conditional jump. Followed by two bytes. ? denotes the reason why to jump. Can jump from -32768 to +32767 bytes.
5000:0100 Ja 220 (0F871B01)


32 bit

EBh
A short jump. Followed by one byte. Can jump from -128 to +127 bytes.
0177:00401000 Jmp 00401020 (EB1E)

E9h
A near jump. Followed by four bytes. Can jump to all places in the same code segment.
0177:00401000 Jmp 00401120 (E91B010000)

EAh
A far jump. Followed by six bytes. Can jump to any location in memory (by changing the code segment), but uses absolute addresses instead of relative ones. It is also quite unusual.
0177:00401000 Jmp 0028:C0001000 (EA001000C02800)

7?h
A short conditional jump. Followed by one byte. ? denotes the reason why to jump. Can jump from -128 to +127 bytes.
0177:00401000 Ja 00401020 (771E)

0F8?h
A near conditional jump. Followed by four bytes. ? denotes the reason why to jump. Can jump from -2147483648 to +2147483647 bytes.
0177:00401000 Ja 00401120 (0F871A010000)

I hope this helps you more than it confuses you.
(I've calculated all jumps with my brain, so I hope there is no error in it.)
There are also many jumps to values of memory addresses (Jmp Word Ptr [BX] or Jmp DWord Ptr [EAX+4*EDX] or similar), but it would be too complicated to explain them here.
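The arithmetic DakienDX describes (displacement counted from the end of the instruction, short form only when it fits in -128..+127, otherwise the near form) can be automated so you do not have to trust HIEW's long-jump math. The following is an added example, not code from the thread; it covers the 32-bit relative forms (EB, E9, 7?, 0F 8?) and includes a decoder so you can check what a hex editor actually wrote. Function names and the condition-code table are my own choices.

```python
import struct

# Condition codes, the "?" in 7?h / 0F8?h: Jcc short = 0x70|cc, Jcc near = 0F 80|cc.
COND = {"jmp": None, "jo": 0x0, "jno": 0x1, "jb": 0x2, "jae": 0x3, "je": 0x4,
        "jne": 0x5, "jbe": 0x6, "ja": 0x7, "js": 0x8, "jns": 0x9, "jp": 0xA,
        "jnp": 0xB, "jl": 0xC, "jge": 0xD, "jle": 0xE, "jg": 0xF}

MASK32 = 0xFFFFFFFF


def encode_jump(mnemonic, src, dst, force_near=False):
    """Bytes for `mnemonic` located at address `src` jumping to `dst` (32-bit code).
    Uses the 2-byte short form when the displacement fits, otherwise the near
    form (5 bytes for jmp, 6 bytes for a conditional jump)."""
    cc = COND[mnemonic]
    # The displacement is relative to the END of the instruction, so the short
    # form is measured from src + 2.
    disp_short = dst - (src + 2)
    if not force_near and -128 <= disp_short <= 127:
        opcode = 0xEB if cc is None else 0x70 | cc
        return bytes([opcode]) + struct.pack("<b", disp_short)
    if cc is None:
        disp = (dst - (src + 5)) & MASK32      # wraps, so any 32-bit target is reachable
        return b"\xe9" + struct.pack("<I", disp)
    disp = (dst - (src + 6)) & MASK32
    return bytes([0x0F, 0x80 | cc]) + struct.pack("<I", disp)


def jump_target(code, src):
    """Inverse of encode_jump: decode a relative jump at `src` and return its
    target, which is how you verify a patch instead of guessing."""
    if code[0] == 0xEB or 0x70 <= code[0] <= 0x7F:
        return (src + 2 + struct.unpack("<b", code[1:2])[0]) & MASK32
    if code[0] == 0xE9:
        return (src + 5 + struct.unpack("<i", code[1:5])[0]) & MASK32
    if code[0] == 0x0F and 0x80 <= code[1] <= 0x8F:
        return (src + 6 + struct.unpack("<i", code[2:6])[0]) & MASK32
    raise ValueError("not a relative jump")


if __name__ == "__main__":
    # Reproduces the post's 32-bit examples: EB1E, E91B010000, 771E, 0F871A010000.
    for m, dst in (("jmp", 0x401020), ("jmp", 0x401120), ("ja", 0x401020), ("ja", 0x401120)):
        print(m, hex(dst), encode_jump(m, 0x401000, dst).hex().upper())
```

Feed it the raw file offsets you are patching rather than virtual addresses only if both ends sit in the same section, since the displacement is a difference and the section base cancels out.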