andykhoo Newbie cheater
Reputation: 0
Joined: 09 Nov 2008 Posts: 17
Posted: Sat Oct 03, 2009 8:46 am Post subject: [Delphi]Allocate Memory
I need some help allocating memory for my pointer.
Here is the code for the function.
| Code: |
function VirtualAllocEx(hProcess: Integer;
  var lpAddress: Pointer;
  vdwSize: Integer;
  flAllocationType: Integer;
  flProtect: Integer): Integer;
  stdcall; external 'kernel32.dll' name 'VirtualAllocEx';
|
Then I coded it like this...
| Code: | VirtualAllocEx(hProcess, Pointer($00be9ed0), 128, MEM_COMMIT, PAGE_EXECUTE_READWRITE); |
And I got this error...
| Code: | Constant object cannot be passed as var parameter |
Any kind soul may help me?
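The compiler message comes from the `var` in the declaration: a var parameter needs a variable the callee can write back into, so a constant expression such as `Pointer($00be9ed0)` is rejected. The real Win32 prototype takes `lpAddress` by value, and the Delphi `Windows` unit already declares it that way. The following is an added example (not code from the post): the corrected import next to a call that allocates in the calling process so it runs stand-alone. Assumptions, not from the thread: a 32-bit build, the current process as the target (a game would get its handle from `OpenProcess`), a 128-byte size and the `$C3` marker byte.

```delphi
program AllocExample;
{$APPTYPE CONSOLE}

uses
  Windows, SysUtils;

// Corrected import. The fix is dropping 'var' from lpAddress: a var parameter
// needs a variable the callee can write back into, so a constant such as
// Pointer($00BE9ED0) is rejected. The rest brings the types in line with the
// Win32 prototype (handle, pointer, DWORD size/flags, pointer result).
// The Windows unit already declares VirtualAllocEx like this; the explicit
// import is shown only to make the fix visible, and shadows the unit's one.
function VirtualAllocEx(hProcess: THandle; lpAddress: Pointer;
  dwSize, flAllocationType, flProtect: DWORD): Pointer; stdcall;
  external 'kernel32.dll' name 'VirtualAllocEx';

// Reserve and commit Size bytes of RWX memory in hProcess. nil lets the
// kernel choose a free region (rounded to the 64 KiB allocation granularity).
// Naming an address instead only works if that range is free or was already
// reserved by a previous VirtualAlloc; committing on top of a loaded module fails.
function AllocRemoteRWX(hProcess: THandle; Size: DWORD): Pointer;
begin
  Result := VirtualAllocEx(hProcess, nil, Size,
    MEM_COMMIT or MEM_RESERVE, PAGE_EXECUTE_READWRITE);
  if Result = nil then
    RaiseLastOSError;
end;

var
  Mem: Pointer;
begin
  // Demo target is the current process (assumption made so this runs alone);
  // for a game you would pass the handle from OpenProcess instead.
  Mem := AllocRemoteRWX(GetCurrentProcess, 128);
  Writeln(Format('allocated 128 bytes at $%.8x', [Cardinal(Mem)]));
  PByte(Mem)^ := $C3;                      // RET: prove the page is writable
  Writeln(Format('first byte now $%.2x', [PByte(Mem)^]));
  if not VirtualFreeEx(GetCurrentProcess, Mem, 0, MEM_RELEASE) then
    RaiseLastOSError;
end.
```

Two practical checks follow from this: always test the result against `nil` and read `GetLastError` (the `Integer` return in the original declaration hides that), and pass `MEM_COMMIT or MEM_RESERVE` with a `nil` address unless you have already reserved the range you name.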
Stylo Grandmaster Cheater Supreme
Reputation: 3
Joined: 16 May 2007 Posts: 1073 Location: Israel
Posted: Sat Oct 03, 2009 8:53 am Post subject:
According to your previous topic, I understand you want to create a code cave, right?
You don't have to mess things up with VirtualAllocEx.
Just create a function and put your asm code there (a function is allocated memory in your program),
and when you want the game to execute your code, just redirect the calling address to your function.
andykhoo Newbie cheater
Reputation: 0
Joined: 09 Nov 2008 Posts: 17
Posted: Sat Oct 03, 2009 8:59 am Post subject:
| 1qaz wrote: | According to your previous topic, I understand you want to create a code cave, right?
You don't have to mess things up with VirtualAllocEx.
Just create a function and put your asm code there (a function is allocated memory in your program),
and when you want the game to execute your code, just redirect the calling address to your function. |
I don't really get what you mean
Here is my current code with the VirtualAllocEx which gave me error.
| Code: |
procedure TForm1.CheckBox17Click(Sender: TObject);
var
  hProcess: Integer;
  MS: HWND;
  ProcessID: Integer;
label
  UAE, UAEReturn;
begin
  if GetProcessID(ProgramName, PidId) then
  begin
    asm
    UAE:
      push eax
      mov eax,[$00be9ed0]
      mov eax,[eax+$2230]
      cmp eax,0000050
      pop eax
      jg UAEReturn
      push eax
      mov eax,[$00be9ed0]
      mov eax,[eax+$0F00]
      cmp esi,eax
      pop eax
      jne UAEReturn
      add eax,06
      jmp UAEReturn
    UAEReturn:
      mov [ebx], eax
      mov edi,[ebp+10]
    end;
    SetLength(byteArr, 5);
    byteArr[0] := $E9;
    byteArr[1] := $73;
    byteArr[2] := $1C;
    byteArr[3] := $15;
    byteArr[4] := $50;
    pokeX($009DE388, byteArr);
    SetLength(byteArr, 4);
    CloseHandle(PidHandle);
  end;
  MS := FindWindow('MSClass', nil);
  if MS <> 0 then
  begin
    GetWindowThreadProcessID(MS, @ProcessID);
    hProcess := OpenProcess(PROCESS_ALL_ACCESS, False, ProcessID);
    VirtualAllocEx(hProcess, Pointer($00be9ed0), 128, MEM_COMMIT, PAGE_EXECUTE_READWRITE);
  end;
end;
|
Mind guiding me?
Stylo Grandmaster Cheater Supreme
Reputation: 3
Joined: 16 May 2007 Posts: 1073 Location: Israel
Posted: Sat Oct 03, 2009 10:06 am Post subject:
If you want to use the method I'm talking about, forget VirtualAllocEx.
Declare a function (an empty one) in your code:
| Code: |
__declspec(naked) void someHook()
{
}
|
Inside that function write your asm code:
| Code: |
__declspec(naked) void someHook()
{
    asm
    {
        // your asm code
    }
}
|
That represents your code cave, like alloc in CE's AA.
Now you need the game you're hacking to jump to that code cave (function) to execute that asm code,
so what we're doing is redirecting the game's address to jump to our function using the formula
destination address - source address - 5
In C++ it should look like:
| Code: |
// Address is the hook site in the game; make it writable first (VirtualProtect).
*(BYTE*)Address = 0xE9;   // E9 = jmp rel32, the 5-byte near jump (EB is the 2-byte short form)
*(DWORD*)(Address + 1) = (DWORD)destAddress - (DWORD)Address - 5; // displacement counts from the end of the jmp
|
I don't really know how that goes in Delphi,
but remember at the end of the code cave to jump to the original address + 5 bytes:
| Code: |
__declspec(naked) void someHook()
{
    asm
    {
        // asm code
        // re-execute the instructions the 5-byte jmp overwrote, then
        // continue at the first untouched instruction. push imm32 / ret
        // is an absolute jump (Address must be a compile-time constant here);
        // 'jmp dword ptr ds:[Address + 5]' would instead jump through
        // whatever value happens to be stored at that location.
        push Address + 5
        ret
    }
}
|
That should help you, I guess.
andykhoo Newbie cheater
Reputation: 0
Joined: 09 Nov 2008 Posts: 17
Posted: Fri Oct 09, 2009 8:44 am Post subject:
| 1qaz wrote: | If you want to use the method I'm talking about, forget VirtualAllocEx. [...] That should help you, I guess. |
But the error occurs at
| Code: | mov eax,[$00be9ed0] |
tombana Master Cheater
Reputation: 2
Joined: 14 Jun 2007 Posts: 456 Location: The Netherlands
Posted: Fri Oct 09, 2009 9:24 am Post subject:
What 1qaz says will only work when you have a DLL injected; it won't work from an external process. Do you use an injected DLL?
andykhoo Newbie cheater
Reputation: 0
Joined: 09 Nov 2008 Posts: 17
Posted: Mon Oct 12, 2009 7:39 am Post subject:
| tombana wrote: | What 1qaz says will only work when you have a DLL injected; it won't work from an external process. Do you use an injected DLL? |
Nope, I use a standalone application.
XiO Newbie cheater
Reputation: 0
Joined: 27 Sep 2009 Posts: 22
Posted: Mon Oct 12, 2009 10:27 am Post subject:
| andykhoo wrote: | tombana wrote: | What 1qaz says will only work when you have a DLL injected; it won't work from an external process. Do you use an injected DLL? |
Nope, I use a standalone application. |