Please Help run asm on specific address on c++

  1. #1
    Account Upgraded | Title Enabled! kolipri is offline
    True MemberRank
    Apr 2010 Join Date
    PHLocation
    296Posts

    Please Help run asm on specific address on c++



    Can anyone help me solve my problem? I have no knowledge of asm. I want to run asm at a specific address or offset.

    For example, I want to run the block of asm at the address I specified, 0x00424B1C.

    Code:
    #include "StdAfx.h"
    
    void __declspec(naked) MyStuff() {
    	__asm {
    		PUSH EBP
    		MOV EBP, ESP
    		MOV EAX, DWORD PTR SS : [EBP + 0x8]
    		MOV EAX, DWORD PTR DS : [EAX]
    		XOR EAX, ENCPACKET
    		MOV DWORD PTR SS : [EBP + 0x8], EAX
    		MOV AX, WORD PTR SS : [EBP + 0xA]
    		POP EBP
    		RETN 0x4
    	}
    }
    
    void SetStuff(){
    	SetJmp((LPVOID)0x00424B1C,  MyStuff);
    }
    any idea? thanks in advance!!
    Last edited by kolipri; 12-02-17 at 04:18 AM.


  2. #2
    Watching from above Negata is offline
    LegendRank
    Apr 2004 Join Date
    FinlandLocation
    5,556Posts

    Re: Please Help run asm on specific address on c++

    What are you trying to achieve with this?
    Bow down before the one you serve.

  3. #3
    Account Upgraded | Title Enabled! kolipri is offline
    True MemberRank
    Apr 2010 Join Date
    PHLocation
    296Posts

    Re: Please Help run asm on specific address on c++

    Quote Originally Posted by Negata View Post
    What are you trying to achieve with this?
    Thank you for the response! I want to change some value at the specific offset, and this is the beginning of the offset, 0x00424B1C.

  4. #4
    Future is online now
    SupervisorRank
    Dec 2011 Join Date
    1,841Posts

    Re: Please Help run asm on specific address on c++

    Hmm I'm not sure if I'm understanding the question correctly. Change a value at a memory offset? For a task like that you won't need ASM unless you work with some reversed ASM that needs to run or be called from somewhere (usually done on reversed code). I couldn't help you much with that but if you know certain memory is always located at 0x00424B1C (virtual ram offsets are usually different at each execution) you can access it by making it a pointer of the type you need.

    If it's a function you can cast a function pointer out of it and call it through that with the params it takes. I don't think you can tell the compiler at which memory location to compile a function to, especially not at runtime. I'm not a pro on this though so I might be wrong. But you can redirect around or build code caves.




    Quote Originally Posted by A Wise Man
    P-Servers are NOT dead. Bugs need squishing. Quests need fixing. Unfortunately, majority of people don't know the difference between a computer and a toaster so...

  5. #5
    Account Upgraded | Title Enabled! kolipri is offline
    True MemberRank
    Apr 2010 Join Date
    PHLocation
    296Posts

    Re: Please Help run asm on specific address on c++

    Quote Originally Posted by Future View Post
    Hmm I'm not sure if I'm understanding the question correctly. Change a value at a memory offset? For a task like that you won't need ASM unless you work with some reversed ASM that needs to run or be called from somewhere (usually done on reversed code). I couldn't help you much with that but if you know certain memory is always located at 0x00424B1C (virtual ram offsets are usually different at each execution) you can access it by making it a pointer of the type you need.

    If it's a function you can cast a function pointer out of it and call it through that with the params it takes. I don't think you can tell the compiler at which memory location to compile a function to, especially not at runtime. I'm not a pro on this though so I might be wrong. But you can redirect around or build code caves.
    thanks!
    I tried this: SetJmp((LPVOID)0x00424B1C, MyStuff); but after that address it jumps to another offset, 0x00166BB0. Why can't it run continuously through the next offsets, like 0x00424B1C, 0x00424B1D, 0x00424B1E, 0x00424B1F? Why does it jump to offset 0x00166BB0? Thanks!

    - - - Updated - - -

    May I ask if asm works with a packed exe?

  6. #6
    Developer DNC is offline
    DeveloperRank
    Oct 2011 Join Date
    2,439Posts

    Re: Please Help run asm on specific address on c++

    setjmp does contain enough so that your call to longjmp function can return execution to the correct block, but you're dependent on the number of registers available to the system you're developing on. Don't forget that since setjmp "estimates" how much calling context jmp_buf can store, your expression evaluation may not contain everything that you require. Besides you don't get the state of status flags etc.
    I highly recommend finding an alternative solution to this issue.

    - - - Updated - - -

    Perhaps elaborating on what your "real" intentions and goals are here.
    What application are you examining (IE the .exe file name, where is it from)? Why are you attempting to access these memory addresses? What do you intend to modify? What type of data is being evaluated?
    Just a few, of dozens of questions.
    If you are talking to someone pretending to be me aka DNC, you're about to be scammed.
    Do not come to this forum complaining that you were scammed; when buying, selling, trading files is against forum rules.
    Don't point a finger at me, I am not talking with anyone.

  7. #7
    Account Upgraded | Title Enabled! kolipri is offline
    True MemberRank
    Apr 2010 Join Date
    PHLocation
    296Posts

    Re: Please Help run asm on specific address on c++

    Quote Originally Posted by DNC View Post
    setjmp does contain enough so that your call to longjmp function can return execution to the correct block, but you're dependent on the number of registers available to the system you're developing on. Don't forget that since setjmp "estimates" how much calling context jmp_buf can store, your expression evaluation may not contain everything that you require. Besides you don't get the state of status flags etc.
    I highly recommend finding an alternative solution to this issue.

    - - - Updated - - -

    Perhaps elaborating on what your "real" intentions and goals are here.
    What application are you examining (IE the .exe file name, where is it from)? Why are you attempting to access these memory addresses? What do you intend to modify? What type of data is being evaluated?
    Just a few, of dozens of questions.
    Thanks! I have a Cabal private server. I want to hide the important information in a DLL to avoid any cheats or hacking attempts. But I don't have an idea how asm works. Can you help me, if you don't mind? I am using the Codex anticheat, and I added some functions to the Codex DLL to hide the important information to the Cabal exe, but I don't have an idea about asm. Hope you can help me! Thanks in advance!!

  8. #8
    Developer DNC is offline
    DeveloperRank
    Oct 2011 Join Date
    2,439Posts

    Re: Please Help run asm on specific address on c++

    Apologies, it would take quite a bit of preparation and explanation to go into this.
    Currently just don't have the time to get involved at this level.

    Perhaps someone else can give you the type of information you're searching for.

    Just try to find an alternative solution to .asm

  9. #9
    Hardcore Member singlejail is offline
    MemberRank
    Aug 2016 Join Date
    I'm nothingLocation
    136Posts

    Re: Please Help run asm on specific address on c++

    Is that a pre-packed offset?
    ##

  10. #10
    Hardcore Member Scax is offline
    MemberRank
    May 2009 Join Date
    MexicoLocation
    108Posts

    Re: Please Help run asm on specific address on c++

    Hi, I have a couple of questions to know if I can help or not:
    You are saying that the function enters at the address 0x00424B1C, but at the next one it changes to a random address. On which line of the code does that happen (if you have a debugger, better)? Or when it reaches the random address, does it jump to the next one?
    What does SetJmp return?
    Which OS are you using?

    PS: If you don't know anything about ASM you should be reading this:
    x86 - explanation about push ebp and pop ebp instruction in assembly - Stack Overflow
    Last edited by Scax; 13-02-17 at 03:32 AM.

    Eat, sleep, rave, repeat.

  11. #11
    Account Upgraded | Title Enabled! kolipri is offline
    True MemberRank
    Apr 2010 Join Date
    PHLocation
    296Posts

    Re: Please Help run asm on specific address on c++

    Quote Originally Posted by Scax View Post
    Hi, I have a couple of questions to know if I can help or not:
    You are saying that the function enters at the address 0x00424B1C, but at the next one it changes to a random address. On which line of the code does that happen (if you have a debugger, better)? Or when it reaches the random address, does it jump to the next one?
    What does SetJmp return?
    Which OS are you using?

    PS: If you don't know anything about ASM you should be reading this:
    x86 - explanation about push ebp and pop ebp instruction in assembly - Stack Overflow
    Yes, it was changed to the address randomly. I want to run the asm at the specific address, the same as the asm I see in OllyDbg.

    my example


    00424B1C jmp 005DB4E0


    005DB4E0 /> \55 PUSH EBP
    005DB4E1 |. 8BEC MOV EBP,ESP
    005DB4E3 |. 56 PUSH ESI
    005DB4E4 |. FF75 0C PUSH DWORD PTR SS:[EBP+C]
    005DB4E7 |. B9 403E0801 MOV ECX,01083E40
    005DB4EC |. E8 38CCE3FF CALL 00418129
    005DB4F1 |. 8BF0 MOV ESI,EAX
    005DB4F3 |. 85F6 TEST ESI,ESI
    005DB4F5 |. 74 1E JE SHORT 005DB515
    005DB4F7 |. FF75 08 PUSH DWORD PTR SS:[EBP+8]
    005DB4FA |. 8BCE MOV ECX,ESI
    005DB4FC |. E8 D799E4FF CALL 00424ED8
    005DB501 |. 8B4D 10 MOV ECX,DWORD PTR SS:[EBP+10]
    005DB504 |. FF75 08 PUSH DWORD PTR SS:[EBP+8]
    005DB507 |. 8901 MOV DWORD PTR DS:[ECX],EAX
    005DB509 |. 8BCE MOV ECX,ESI
    005DB50B |. E8 EEA5E4FF CALL 00425AFE
    005DB510 |. 8B4D 14 MOV ECX,DWORD PTR SS:[EBP+14]
    005DB513 |. 8901 MOV DWORD PTR DS:[ECX],EAX
    005DB515 |> 5E POP ESI
    005DB516 |. 5D POP EBP
    005DB517 \. C2 1000 RETN 10
    I want to run the asm at the same offsets, like this:
    Code:
    #include "StdAfx.h"
    
    void __declspec(naked) MyStuff() {
    	__asm {
    005DB4E0->		PUSH EBP
    005DB4E1->			MOV EBP, ESP
    005DB4E3 ->			MOV EAX, DWORD PTR SS : [EBP + 0x8]
    005DB4E7->			MOV EAX, DWORD PTR DS : [EAX]
    005DB4EC->			XOR EAX, ENCPACKET
    005DB4F1->			MOV DWORD PTR SS : [EBP + 0x8], EAX
    005DB4F3->			MOV AX, WORD PTR SS : [EBP + 0xA]
    005DB4F5->			POP EBP
    005DB4F7->			RETN 0x4
    	}
    }
    
    void SetStuff(){
    	SetJmp((LPVOID)0x00424B1C,  MyStuff);
    }
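
    Added example (not part of any post in this thread, and not the poster's or Codex's code): the CALL instructions in the OllyDbg listing above are E8 rel32 branches, so their bytes only resolve to the listed targets while they sit at the listed addresses; the same holds for a JMP like the one at 00424B1C, assumed here to be the 5-byte E9 form. The address 0x10001000 is a constructed, hypothetical load address used only to show the effect of moving the bytes.

```cpp
#include <cstdint>
#include <cstddef>
#include <cstdio>

// Resolve the destination of a 5-byte near CALL (E8) or JMP (E9) located at
// virtual address `at`. The 32-bit displacement is little-endian and is
// relative to the address of the NEXT instruction (at + 5).
// Returns false if the bytes are not a rel32 branch.
bool rel32_target(uint32_t at, const uint8_t* code, size_t len, uint32_t* target) {
    if (len < 5 || (code[0] != 0xE8 && code[0] != 0xE9)) return false;
    uint32_t disp = uint32_t(code[1]) | uint32_t(code[2]) << 8 |
                    uint32_t(code[3]) << 16 | uint32_t(code[4]) << 24;
    *target = at + 5 + disp;  // unsigned wrap-around covers negative displacements
    return true;
}

// Encode "JMP target" as its bytes must read when located at address `at`.
void encode_jmp_rel32(uint32_t at, uint32_t target, uint8_t out[5]) {
    uint32_t disp = target - (at + 5);
    out[0] = 0xE9;
    for (int i = 0; i < 4; ++i) out[1 + i] = uint8_t(disp >> (8 * i));
}

// Bytes of "CALL 00418129" exactly as shown at 005DB4EC in the listing.
static const uint8_t kCallFromListing[5] = {0xE8, 0x38, 0xCC, 0xE3, 0xFF};

int main() {
    uint32_t t = 0;
    rel32_target(0x005DB4EC, kCallFromListing, 5, &t);
    std::printf("at 005DB4EC the CALL resolves to %08X\n", (unsigned)t);

    // Same five bytes at a constructed, hypothetical address (e.g. inside a DLL).
    rel32_target(0x10001000, kCallFromListing, 5, &t);
    std::printf("at 10001000 the same bytes resolve to %08X\n", (unsigned)t);

    uint8_t jmp[5];
    encode_jmp_rel32(0x00424B1C, 0x005DB4E0, jmp);  // the JMP from the listing
    std::printf("JMP 005DB4E0 located at 00424B1C: %02X %02X %02X %02X %02X\n",
                jmp[0], jmp[1], jmp[2], jmp[3], jmp[4]);
    return 0;
}
```

    Code written in a `__asm` block is assembled at whatever address the DLL is loaded to, not at the addresses shown in the debugger, which is why relative branches have to be recomputed rather than copied.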

  12. #12
    Hardcore Member Scax is offline
    MemberRank
    May 2009 Join Date
    MexicoLocation
    108Posts

    Re: Please Help run asm on specific address on c++

    Quote Originally Posted by kolipri View Post
    Yes, it was changed to the address randomly. I want to run the asm at the specific address, the same as the asm I see in OllyDbg.

    my example




    I want to run the asm at the same offsets, like this:
    Code:
    #include "StdAfx.h"
    
    void __declspec(naked) MyStuff() {
    	__asm {
    005DB4E0->		PUSH EBP
    005DB4E1->			MOV EBP, ESP
    005DB4E3 ->			MOV EAX, DWORD PTR SS : [EBP + 0x8]
    005DB4E7->			MOV EAX, DWORD PTR DS : [EAX]
    005DB4EC->			XOR EAX, ENCPACKET
    005DB4F1->			MOV DWORD PTR SS : [EBP + 0x8], EAX
    005DB4F3->			MOV AX, WORD PTR SS : [EBP + 0xA]
    005DB4F5->			POP EBP
    005DB4F7->			RETN 0x4
    	}
    }
    
    void SetStuff(){
    	SetJmp((LPVOID)0x00424B1C,  MyStuff);
    }
    I understand that your purpose is to access this location 0x00424B1C and keep saving information with an 8-bit offset so the pointer will be increasing every time the loop executes?

    When you use SetJmp the function is expecting a jmp_buf variable. Which library are you using for SetJmp?
    setjmp - C++ Reference

    What does SetJmp return?

    In this part
    Code:
    MOV DWORD PTR SS : [EBP + 0x8], EAX
    MOV AX, WORD PTR SS : [EBP + 0xA]
    First you are assigning a 32-bit pointer and then you are using a 16-bit one.

  13. #13
    only asm, only hardcore! lastfun is offline
    DeveloperRank
    Apr 2012 Join Date
    RussiaLocation
    421Posts

    Re: Please Help run asm on specific address on c++

    Is address 005DB4E0 in the DLL?
    The function that you want to hide,
    what does it do? (Is it used by bots, i.e. inject?)
    if so, then just break the function of "jmp" or/and "jmp short"

    find space near the function and to transfer the important variables

  14. #14
    Account Upgraded | Title Enabled! kolipri is offline
    True MemberRank
    Apr 2010 Join Date
    PHLocation
    296Posts

    Re: Please Help run asm on specific address on c++

    Quote Originally Posted by Scax View Post
    I understand that your purpose is to access this location 0x00424B1C and keep saving information with an 8-bit offset so the pointer will be increasing every time the loop executes?

    When you use SetJmp the function is expecting a jmp_buf variable. Which library are you using for SetJmp?
    setjmp - C++ Reference

    What does SetJmp return?

    In this part
    Code:
    MOV DWORD PTR SS : [EBP + 0x8], EAX
    MOV AX, WORD PTR SS : [EBP + 0xA]
    First you are assigning a 32-bit pointer and then you are using a 16-bit one.
    It jumped to another address in memory, but not to 005DB4E0. I want to jump the PUSH EBP into 005DB4E0, MOV EBP, ESP into 005DB4E1, and so on!

  15. #15
    Account Upgraded | Title Enabled! kolipri is offline
    True MemberRank
    Apr 2010 Join Date
    PHLocation
    296Posts

    Re: Please Help run asm on specific address on c++

    Please give me a sample about pointers and how I apply this.



