| View previous topic :: View next topic |
| Author |
Message |
sylvanus
Advanced Cheater
![]() Reputation: 0
Joined: 09 May 2006
Posts: 68
|
 Posted: Sat Sep 13, 2008 12:22 pm Post subject: Question basis of __asm command |
 |
|
help please :
if i am patch this address : 00AAAAAA = nop
DWORD address = 0x00AAAAAA
*(BYTE*)address = 0x90
but, other method, in asm for example
this correct?
__asm {
cs:00AAAAAA NOP
}
??
i look a example in this forum with __asm patching memory, but can't found,
|
|
| Back to top |
|
 |
oib111
I post too much
 Reputation: 0
Joined: 02 Apr 2007
Posts: 2947
Location: you wanna know why?
|
| Posted: Sat Sep 13, 2008 12:25 pm Post subject: |
|
|
Haven't really touched ASM but wouldn't it be something like this?
| Code: |
_asm {
mov DWORD PTR DS:[0x00AAAAAA], 0x90
}
|
I'm not sure if you need the hex notation though.
_________________
| 8D wrote: |
cigs dont make people high, which weed does, which causes them to do bad stuff. like killing |
|
|
| Back to top |
|
|
sylvanus
Advanced Cheater
![]() Reputation: 0
Joined: 09 May 2006
Posts: 68
|
| Posted: Sat Sep 13, 2008 12:29 pm Post subject: |
|
|
| yes, thanks!!
|
|
| Back to top |
|
|
oib111
I post too much
Reputation: 0
Joined: 02 Apr 2007
Posts: 2947
Location: you wanna know why?
|
| Posted: Sat Sep 13, 2008 12:30 pm Post subject: |
|
|
No problem 
_________________
| 8D wrote: |
cigs dont make people high, which weed does, which causes them to do bad stuff. like killing |
|
|
| Back to top |
|
|
GMZorita
Grandmaster Cheater Supreme
![]() Reputation: 0
Joined: 21 Mar 2007
Posts: 1361
|
| Posted: Sat Sep 13, 2008 12:36 pm Post subject: |
|
|
| oib111 wrote: | Haven't really touched ASM but wouldn't it be something like this?
| Code: |
_asm {
mov DWORD PTR DS:[0x00AAAAAA], 0x90
}
|
I'm not sure if you need the hex notation though. |
Wouldnt it be BYTE?
I know 0x00AAAAAA is DWORD but i got curious the xxx in:
| Code: |
mov xxx PTR DS:[0x00AAAAAA], 0x90 |
Is for the addy or the value?
_________________
Gone |
|
| Back to top |
|
|
oib111
I post too much
Reputation: 0
Joined: 02 Apr 2007
Posts: 2947
Location: you wanna know why?
|
| Posted: Sat Sep 13, 2008 12:38 pm Post subject: |
|
|
I think it's the value that the address holds, not for what value you're trying to move into it. But then again, I'm not an ASM expert.
_________________
| 8D wrote: |
cigs dont make people high, which weed does, which causes them to do bad stuff. like killing |
|
|
| Back to top |
|
|
samuri25404
Grandmaster Cheater
 Reputation: 7
Joined: 04 May 2007
Posts: 955
Location: Why do you care?
|
| Posted: Sat Sep 13, 2008 12:45 pm Post subject: |
|
|
The xxx represents the size of the value moving.
MOV DWORD implies 4 bytes, therefore, you would be moving
MOV BYTE implies 1 byte, so it would only move
into the address.
_________________
|
|
| Back to top |
|
|
GMZorita
Grandmaster Cheater Supreme
![]() Reputation: 0
Joined: 21 Mar 2007
Posts: 1361
|
| Posted: Sat Sep 13, 2008 1:02 pm Post subject: |
|
|
| samuri25404 wrote: | The xxx represents the size of the value moving.
MOV DWORD implies 4 bytes, therefore, you would be moving
MOV BYTE implies 1 byte, so it would only move
into the address. |
He so i was right =D thx for cleanning that up.
It would be stupid to define the address as DWORD since the address will always be a DWORD.
_________________
Gone |
|
| Back to top |
|
|
sponge
I'm a spammer
 Reputation: 1
Joined: 07 Nov 2006
Posts: 6009
|
| Posted: Sat Sep 13, 2008 1:11 pm Post subject: |
|
|
defining it as a dword would fill it up with crap + nop.
_________________
|
|
| Back to top |
|
|
oib111
I post too much
Reputation: 0
Joined: 02 Apr 2007
Posts: 2947
Location: you wanna know why?
|
| Posted: Sat Sep 13, 2008 5:36 pm Post subject: |
|
|
I have a question. Do you need to put the DS: part? Can't you just put this?
| Code: |
_asm {
mov BYTE PTR:[0x00AAAAAA], 0x90
}
|
_________________
| 8D wrote: |
cigs dont make people high, which weed does, which causes them to do bad stuff. like killing |
|
|
| Back to top |
|
|
sylvanus
Advanced Cheater
![]() Reputation: 0
Joined: 09 May 2006
Posts: 68
|
| Posted: Sat Sep 13, 2008 8:37 pm Post subject: |
|
|
yes oib,
i have other question,
I suppose this is also correct
_asm {
mov OWORD PTR:[0x00AAAAAA], 0x90909090909090909090909090909090
}
oword = 8 words
and DS = DATA SEGMENT not it neccesary?
|
|
| Back to top |
|
|
lurc
Grandmaster Cheater Supreme
 Reputation: 2
Joined: 13 Nov 2006
Posts: 1900
|
| Posted: Sat Sep 13, 2008 9:12 pm Post subject: |
|
|
there's no colon when you don't use a segment register.
__asm mov dword ptr [0x123456], 0x90909090
__asm mov byte ptr [0x123456], 0x90
__asm mov dword ptr ds:[0x123456], 0x90909090
__asm mov byte ptr ds:[0x123456], 0x90
_________________
|
|
| Back to top |
|
|
Zand
Master Cheater
![]() Reputation: 0
Joined: 21 Jul 2006
Posts: 424
|
| Posted: Sat Sep 13, 2008 9:39 pm Post subject: |
|
|
OWORD?
I kinda recall there was a QWORD, but not OWORD...
|
|
| Back to top |
|
|
GMZorita
Grandmaster Cheater Supreme
![]() Reputation: 0
Joined: 21 Mar 2007
Posts: 1361
|
| Posted: Sun Sep 14, 2008 6:21 am Post subject: |
|
|
| Zand wrote: | OWORD?
I kinda recall there was a QWORD, but not OWORD... |
Me too but i searched and OWORD rlly exist =/
_________________
Gone |
|
| Back to top |
|
|
Wintermoot
Expert Cheater
 Reputation: 0
Joined: 08 Nov 2007
Posts: 198
|
| Posted: Sun Sep 14, 2008 7:04 am Post subject: |
|
|
When you use 0x for this, you have to reverse the bytes...
Lets say jmp 00112233 is 75 77 and, jne 00112233 is 74 77. We want to change the jmp to jne.
That would mean you could do:
__asm mov word ptr ds:[0x00112233], 0x7774
OR
__asm mov word ptr ds:[0x00112233], 7477h
Someone please correct me if I am wrong...
Fixed typo...
Last edited by Wintermoot on Sun Sep 14, 2008 10:28 pm; edited 1 time in total |
|
| Back to top |
|
|
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in
