Hi how can i change register in specific addres?
for example i have this addres 0034534 and i want to change the register of eax
how can i do?
for example i have this addres 0034534 and i want to change the register of eax
how can i do?
help with register
09/29/2012 12:03
Hatish#1
09/29/2012 13:26
lolkop#2
that easily done via inline asm.
step 1: allocate some memory
step 2: write your asm logic into the allocation (mov eax, <value>; push <nextAdress>; retn)
step 3: place a jmp at your adress (0x0034534) pointing to your allocation
step 1: allocate some memory
step 2: write your asm logic into the allocation (mov eax, <value>; push <nextAdress>; retn)
step 3: place a jmp at your adress (0x0034534) pointing to your allocation
09/29/2012 13:51
Hatish#3
you can do a simple example of script?Quote:
that easily done via inline asm.
step 1: allocate some memory
step 2: write your asm logic into the allocation (mov eax, <value>; push <nextAdress>; retn)
step 3: place a jmp at your adress (0x0034534) pointing to your allocation
09/30/2012 16:32
Hatish#4
push :)
09/30/2012 18:20
Shadow992#5
Use my UDF and just Inject some ASM-Code which modifies your register:Quote:
[Only registered and activated users can see links. Click Here To Register...]
09/30/2012 22:10
Hatish#6
I read your udf but i need an example of script :) if possible
09/30/2012 22:34
Shadow992#7
Where is the problem?Quote:
PHP Code:
$size=5 ; Size of Opcodes overwritten, will be different from 5 for sure
$open=_MemoryManipulationOpen($process)
_InjectASMAtAddress($open, 0x0034534, $size, "MOV eax, 1000")
10/01/2012 15:09
Hatish#8
$size need or i can jump it? PS: i trie to do a script but dont add eax at addres
10/01/2012 18:00
Shadow992#9
$size is the size of opcode you are overwriting at the specific address, min. is 5 and you will need for sure not exactly 5 but 6 or more.Quote: