Hi,
After allocating memory in a process and writing memory, how can I jump to the address at the end of the injection?
Using ret didn't help.
I just wanted to know how to calculate the address and the allocated memory page's address.
Thanks.
Have a look at:
Especially at the function "_InjectOpcodeAtAddress($memopen, $des_address, $size, $opcodes)":
;==================================================================================
; Function:        _InjectOpcodeAtAddress($memopen, $des_address, $size, $opcodes)
; Description:     Injects a Code-Cave with the specified Opcodes at a specified address.
;                  The Opcodes which were at $des_address are restored and will be executed
;                  even with the Code-Cave active.
; Parameter(s):    $memopen     - A handle returned by _MemoryOpen (Nomad.au3)
;                                 or _MemoryManipulationOpen (CCInject.au3)
;                  $des_address - Address where the Opcode should be injected.
;                  $size        - Size in bytes used at $des_address (min. 5 bytes) to get a complete command.
;                  $opcodes     - The Opcode which should be injected into the process.
; Requirement(s):
; Return Value(s): On Success - Returns array of information:
;                    0 - Code-Cave's base address
;                    1 - Old Opcode at Code-Cave's address (should be 0000...)
;                    2 - Opcode which was injected
;                    3 - Opcode which was at $des_address
;                    4 - New Opcode which is now at $des_address
;                  On Failure - Returns -1
;                  @Error - 0 = No error.
;                           1 = $size is less than 5.
; Author(s):       Shadow992
; Note(s):
;==================================================================================
Thanks shadow, I solved the problem ...
So for everyone who is having the same problem as me, the solution is:
[..]
That's no solution; that's complete bullshit. Just stop trying to do your copypasta everywhere. I'm not even sure you knew yourself what you were trying to do.
Quote:
Originally Posted by HaMaDa..
Using ret didn't help.
Using a return for a jmp, gg wp.
You should at least know what a return does from general coding and how it isn't related to jumping; instead it is related to calls.
Quote:
Originally Posted by Zyntex
Just stop trying to do your copypasta everywhere
I asked for help with something I am trying to do and I was having this problem, so where's the copypaste? And I know what I am doing.
And actually I didn't use return for the jmp, of course. Yes, I know I wrote that ret didn't help, but I didn't even explain.
Even asking for help is leeching for you?
You never faced any problem? Thanks anyway.
Func Byte_Reverse($SBYTES)
    ; Reverse the byte order of a hex string ("AABBCC" -> "CCBBAA"), i.e. big- to little-endian
    Local $SREVERSED = ""
    For $I = StringLen($SBYTES) - 1 To 1 Step -2
        $SREVERSED &= StringMid($SBYTES, $I, 2)
    Next
    Return $SREVERSED
EndFunc

Func Calc($dwCall, $dwAddress, $i = 0)
    ; Accept the addresses either as integers or as "0x..." hex strings
    If Not IsInt($dwCall) Then $dwCall = Dec(StringReplace($dwCall, "0x", ""))
    If Not IsInt($dwAddress) Then $dwAddress = Dec(StringReplace($dwAddress, "0x", ""))
    If $i = 1 Then ; optionally swap the two addresses
        Local $tmp = $dwCall
        $dwCall = $dwAddress
        $dwAddress = $tmp
    EndIf
    ; As posted, the function ends here and returns no value
EndFunc

Func DETOUR($hProcess, $lpSource, $lpDestination, $iSize)
    Local Const $NOP = 0x90
    Local Const $JMP = 0xE9
    If $iSize < 5 Then ; at least 5 bytes are needed for a JMP rel32
        SetError(1)
        Return -1
    EndIf
    For $i = 0 To $iSize - 1 ; NOP all bytes of the instructions being overwritten
        WriteProcessMemory($hProcess, $lpSource + $i, $NOP, 'byte')
    Next
    ; Write the detour: E9 followed by the displacement relative to the next instruction
    WriteProcessMemory($hProcess, $lpSource, $JMP, 'byte') ; JMP
    Local $lpStruc = DllStructCreate("DWORD Offset") ; DWORD struct wraps a negative (backward) offset to 32 bits
    DllStructSetData($lpStruc, "Offset", $lpDestination - $lpSource - 5)
    WriteProcessMemory($hProcess, $lpSource + 1, DllStructGetData($lpStruc, "Offset"), 'dword')
    Return 0
EndFunc
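The displacement arithmetic that both Shadow992's header and the DETOUR function above rely on, worked through as an added example (this is not code from the thread or from Nomad.au3/CCInject.au3). A 5-byte `E9 rel32` jump is relative to the address of the instruction that follows it, so `rel = destination - (source + 5)`; a jump back from the cave is negative and has to be stored as a wrapped 32-bit value, which is what the `DWORD` struct in the posted AutoIt achieves. The addresses and the six original bytes below are constructed sample values, not taken from any real process; `build_cave` only shows the layout (relocated bytes, then a jump back to `source + patch_size`) and does not write to any process.

```python
import struct

JMP_REL32 = 0xE9   # opcode of the 5-byte relative jump
NOP = 0x90
JMP_LEN = 5        # opcode byte + 32-bit displacement


def rel32(source: int, destination: int) -> int:
    """Displacement for a JMP rel32 located at `source` that lands on `destination`.

    The CPU adds rel32 to the address of the *next* instruction (source + 5),
    so rel = destination - source - 5.  Masking to 32 bits is what turns a
    negative (backward) displacement into the large unsigned DWORD that gets
    written to memory.
    """
    disp = destination - source - JMP_LEN
    if not -2**31 <= disp < 2**31:
        raise ValueError("destination is out of rel32 range")
    return disp & 0xFFFFFFFF


def encode_jmp(source: int, destination: int, patch_size: int) -> bytes:
    """Bytes that replace `patch_size` bytes at `source`: the JMP, then NOP padding.

    patch_size must cover whole instructions (the '$size (min. 5 bytes) to get a
    complete command' in the header above); anything shorter than 5 is an error.
    """
    if patch_size < JMP_LEN:
        raise ValueError("need at least 5 bytes for a JMP rel32")
    patch = bytes([JMP_REL32]) + struct.pack("<I", rel32(source, destination))
    return patch + bytes([NOP]) * (patch_size - JMP_LEN)


def decode_jmp(source: int, code: bytes) -> int:
    """Recover the target of a JMP rel32 at `source`; a check on what was encoded."""
    if code[0] != JMP_REL32:
        raise ValueError("not a JMP rel32")
    disp = struct.unpack("<i", code[1:JMP_LEN])[0]   # signed read
    return source + JMP_LEN + disp


def build_cave(cave_addr: int, original: bytes, source: int, patch_size: int) -> bytes:
    """Layout of a code cave: the relocated original bytes, then a JMP back to
    the first instruction after the patched region (source + patch_size).

    Caveat: the relocated bytes must not themselves be position-dependent
    (e.g. a relative call/jmp), because they now execute from a different address.
    """
    if len(original) != patch_size:
        raise ValueError("original bytes must be exactly the patched region")
    back_jmp_addr = cave_addr + len(original)
    return original + encode_jmp(back_jmp_addr, source + patch_size, JMP_LEN)


def to_hex(code: bytes) -> str:
    """Little-endian byte string as it would be written, cf. Byte_Reverse above."""
    return code.hex().upper()


if __name__ == "__main__":
    # Constructed sample addresses: a 6-byte region at 0x401000 and a cave at 0xB20000.
    source, cave, size = 0x00401000, 0x00B20000, 6
    original = bytes.fromhex("8B45088945FC")   # constructed placeholder for the overwritten bytes
    patch = encode_jmp(source, cave, size)
    print("patch at source :", to_hex(patch), "-> lands on", hex(decode_jmp(source, patch)))
    cave_bytes = build_cave(cave, original, source, size)
    print("cave contents   :", to_hex(cave_bytes), "-> returns to",
          hex(decode_jmp(cave + size, cave_bytes[size:])))
```

Jumping forward from 0x401000 to 0xB20000 gives the displacement 0x71EFFB (bytes `E9 FB EF 71 00`), and the jump back at the end of the cave is negative, so it is stored wrapped as 0xFF8E0FFB; that wrap is the "overflow reason" the DETOUR code handles with a DWORD struct, and a `ret` can never stand in for either jump because nothing pushed a return address.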
Quote:
Originally Posted by HaMaDa..
I asked for help with something I am trying to do and I was having this problem, so where's the copypaste? And I know what I am doing.
Why do you then need to copy shadow's "_ConvertHexToBytes" function instead of writing your own? Can you even explain what the code does? And I don't mean just saying "it converts hex vars to bytes".
Quote:
Originally Posted by HaMaDa..
And actually I didn't use return for the jmp, of course. Yes, I know I wrote that ret didn't help, but I didn't even explain.
Why do you write it in your post then? Sounds to me like you were just trying out random stuff without even knowing what it's for.
Quote:
Originally Posted by HaMaDa..
Even asking for help is leeching for you?
You never faced any problem? Thanks anyway.
Looking at your stuff: your code is awful. Instead of "focusing" on memory right now, please just try to write decent code/scripting. Don't just do the stuff; instead try to understand it. In my opinion, it would really help you out. I have known you for a while now, even longer than you think and even longer than this account has existed.