| View previous topic :: View next topic |
| Author |
Message |
Corruptor Advanced Cheater
Reputation: 3
Joined: 10 Aug 2011 Posts: 84
|
Posted: Sun Mar 11, 2012 8:27 am Post subject: Search for instruction? |
|
|
| Is there a way to search for a special winapi instruction, e.g ShellExecute, to so that you can set a brake point to that instruction and look which program is executed?
|
|
| Back to top |
|
 |
Kavvman Master Cheater
Reputation: 2
Joined: 17 Apr 2004 Posts: 316
|
Posted: Sun Mar 11, 2012 9:05 am Post subject: |
|
|
I don't know about CE but in olly you can type it in Goto window and get to it directly then set a bp etc..
_________________
... |
|
| Back to top |
|
 |
atom0s Moderator
Reputation: 205
Joined: 25 Jan 2006 Posts: 8587 Location: 127.0.0.1
|
|
| Back to top |
|
 |
SwaggaJackin' Master Cheater
Reputation: 2
Joined: 06 Nov 2009 Posts: 312
|
Posted: Sun Mar 11, 2012 8:02 pm Post subject: |
|
|
| You can also press ctrl+alt+s in the memory viewer to enumerate the symbols and dll's to check.
|
|
| Back to top |
|
 |
Corruptor Advanced Cheater
Reputation: 3
Joined: 10 Aug 2011 Posts: 84
|
Posted: Mon Mar 12, 2012 3:01 pm Post subject: |
|
|
| Wiccaan wrote: | In CE, open the memory viewer and hit Ctrl+G, then type in the API name and press ok. Keep in mind most API have an Ansi and Unicode version, meaning you may need to use:
- ShellExecuteA
- ShellExecuteW |
thanks, worked perfectly.
|
|
| Back to top |
|
 |
|