ParkourPenguin I post too much Reputation: 138 Joined: 06 Jul 2014 Posts: 4275
Posted: Sat Apr 22, 2017 8:48 am
The opcode A1 addresses a memory location using an offset relative to a segment base (in the majority of contemporary cases, 0). Therefore, if you know that address must be in the module game.exe, subtract the address game.exe was loaded at from that dword to get the offset.
Basic algebra:
Code:
seg + moffs32 = game.exe + module_offset
seg = 0
module_offset = moffs32 - game.exe
That specific example you posted isn't possible, because that would imply game.exe was loaded at a granularity of 4.
Using mgr.inz.Player's solution would be easier than calculating the module offset. It's how I (and perhaps most people) would get an address hardcoded into an instruction.
_________________
I don't know where I'm going, but I'll figure it out when I get there.
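The algebra in the post above, carried through as an added example that is not part of the original post: it reads the moffs32 dword from a 32-bit `A1` instruction and converts it to an offset inside the module. The function names, the sample instruction bytes, the module base and the module size are all constructed for illustration, and the 64 KiB alignment check assumes a Windows image.

```python
import struct

# Windows maps executable images on 64 KiB boundaries, so a valid
# module base is always a multiple of this value.
ALLOCATION_GRANULARITY = 0x10000


def moffs32_from_a1(code: bytes) -> int:
    """Return the absolute address encoded in `A1 moffs32` (mov eax, [moffs32])."""
    if len(code) < 5 or code[0] != 0xA1:
        raise ValueError("expected opcode A1 followed by a 4-byte moffs32")
    # The operand is stored little-endian right after the opcode byte.
    return struct.unpack_from("<I", code, 1)[0]


def module_offset(code: bytes, module_base: int, module_size: int,
                  seg_base: int = 0) -> int:
    """Solve seg + moffs32 = module_base + module_offset for module_offset."""
    if module_base % ALLOCATION_GRANULARITY:
        raise ValueError("module base is not aligned to 64 KiB")
    address = (seg_base + moffs32_from_a1(code)) & 0xFFFFFFFF
    offset = address - module_base
    # An address outside the image cannot be expressed as module + offset.
    if not 0 <= offset < module_size:
        raise ValueError("address does not fall inside the module")
    return offset


# Constructed sample: A1 78 56 5A 00 -> mov eax, [0x005A5678]
SAMPLE_INSTRUCTION = bytes.fromhex("A178565A00")
SAMPLE_BASE = 0x00400000   # hypothetical load address of game.exe
SAMPLE_SIZE = 0x00200000   # hypothetical image size

if __name__ == "__main__":
    off = module_offset(SAMPLE_INSTRUCTION, SAMPLE_BASE, SAMPLE_SIZE)
    print(f"game.exe+{off:X}")
```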