[Release] Assembly in C#

[null]

Hello,
With this .cs (C# Class) file, you can perform BASIC asm commands, such as

Code:

mov ebp, esp <-- asm.Mov_EBP_ESP();
call dword ptr ds:[00873A1F] <-- asm.Call_DWORD_Ptr(0x00873A1F);
ret <-- asm.Ret();

Assembly in C# is NOT my creation, however, I have modified the source to enable Call's that are not 'Dword Ptr's (this was difficult because to figure out the opcode for jmp ADDY, you have to perform a math sequence on the ADDY (intTohex(((TargetCall - OldAddress) - 10), 8) due to the jmp TARGET being relative to the current address line).

Example:

Code:

            ASM asm = new ASM();
            int CodeCaveAddy = asm.GetAddress(Co2PID);
            MessageBox.Show(asm.IntToHexA(Co2PID));
           asm.Mov_ECX(0x0057FBF0);
           asm.Call(CodeCaveAddy, 0x004C2394);
           asm.Ret();
            asm.RunAsm(Co2PID, CodeCaveAddy);

Replace Co2PID with the process ID of the Conquer Window
If you want the PID worked out for you:

Code:

            Process[] pro = Process.GetProcessesByName("Conquer");
            int conquer = pro[0].Id;

For the 1st active conquer window.


And last but not least, the ASM.cs file! (Attached)

[_fobos_]

Quote:

Originally Posted by null

Hello,
With this .cs (C# Class) file, you can perform BASIC asm commands, such as

Code:

mov ebp, esp <-- asm.Mov_EBP_ESP();
call dword ptr ds:[00873A1F] <-- asm.Call_DWORD_Ptr(0x00873A1F);
ret <-- asm.Ret();

Assembly in C# is NOT my creation, however, I have modified the source to enable Call's that are not 'Dword Ptr's (this was difficult because to figure out the opcode for jmp ADDY, you have to perform a math sequence on the ADDY (intTohex(((TargetCall - OldAddress) - 10), 8) due to the jmp TARGET being relative to the current address line).

Example:

Code:

            ASM asm = new ASM();
            int CodeCaveAddy = asm.GetAddress(Co2PID);
            MessageBox.Show(asm.IntToHexA(Co2PID));
           asm.Mov_ECX(0x0057FBF0);
           asm.Call(CodeCaveAddy, 0x004C2394);
           asm.Ret();
            asm.RunAsm(Co2PID, CodeCaveAddy);

Replace Co2PID with the process ID of the Conquer Window
If you want the PID worked out for you:

Code:

            Process[] pro = Process.GetProcessesByName("Conquer");
            int conquer = pro[0].Id;

For the 1st active conquer window.


And last but not least, the ASM.cs file! (Attached)

Good contribution id say Keep it up!

[high6]

I see you used my disconnect thing as an example XD.

This probably shouldn't be used without changes because anything complicated will be raped by the fact that it stores the data in a string.

Nice idea though.

[_fobos_]

Quote:

Originally Posted by high6

I see you used my disconnect thing as an example XD.

This probably shouldn't be used without changes because anything complicated will be raped by the fact that it stores the data in a string.

Nice idea though.

true

[null]

Quote:

Originally Posted by high6

I see you used my disconnect thing as an example XD.

This probably shouldn't be used without changes because anything complicated will be raped by the fact that it stores the data in a string.

Nice idea though.

Heh, I discovered the disconnect thing long before it was posted here, by hooking MessageBoxA ect.. but yeah, to whoever uses this class should really tweak it.

[high6]

Quote:

Originally Posted by null

Heh, I discovered the disconnect thing long before it was posted here, by hooking MessageBoxA ect.. but yeah, to whoever uses this class should really tweak it.

I mean you posted this after I posted the CreateRemoteThread example of it.

[tanelipe]

And from now on we shall stay on topic.

[MushyPeas]

Quote:

Originally Posted by tanelipe

And from now on we shall stay on topic.

Psh mean mod, you deleted my post.

Nice topic for anyone using C# who isn't too stupid to use it