Posted: Wed Aug 05, 2020 1:03 pm Post subject: Trying to create table to NOP out address from .dll
First, thanks for having & reading a no-account subforum here. I super appreciate not having to make an account for what will likely be a one time thing.
I've been suggested to make a CE table for some DLL edits to a game. I know the 7 addresses I need to modify. Each address needs 2 bytes of NOP to skip a function call. I was modifying the dll directly in a hex editor, but I'd like to share it in a more friendly way.
I've tried searching for the answer and I've not come up with the answer in the past 30 min. Any help with search terms or a link to an example would be great. Thanks for your time!
CE is generally used on running software- i.e. dynamic analysis vs static analysis. If that's fine, figure out where the new addresses are after the OS loads the dll into the process's memory and change it with an AA script like this:
Code:
[ENABLE]
foo.dll+538A:
db 90 90
foo.dll+7190:
db 90 90
foo.dll+B18C:
db 90 90
[DISABLE]
// restore whatever the original bytes are... or don't and delete everything beyond this
foo.dll+538A:
db CC CC
foo.dll+7190:
db CC CC
foo.dll+B18C:
db CC CC
If you want to change the dll itself, CE can attach to files on disk. I'm not terribly familiar with it but I can't imagine it would be much different. _________________
I don't know where I'm going, but I'll figure it out when I get there.
You can post new topics in this forum You can reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum You cannot attach files in this forum You can download files in this forum