Please Help run asm on specific address on c++

Page 2 of 2 FirstFirst 12
Results 16 to 20 of 20
  1. #16
    only asm, only hardcore! lastfun is offline
    DeveloperRank
    Apr 2012 Join Date
    RussiaLocation
    422Posts

    Re: Please Help run asm on specific address on c++


    RaGEZONE Recommends

    RaGEZONE Recommends

    upload client something (link for pm me), and tell me what you want to hide, and give me work bot for this version client)))
    i try help u (patch binary)

  2. #17
    LiveGuard Software Ltd Mecanik is offline
    Indigo SubscriberRank
    Jan 2012 Join Date
    404 Not FoundLocation
    356Posts

    Re: Please Help run asm on specific address on c++

    I understand that you want to HIDE an address ? You can do this during runtime, but it will still be visible with a debugger...

    Let`s say you want to replace address: 0x004A8316

    Code:
    #define REPLACE_MEMORY 0x004A8316
    
    Naked(ReplaceMemory)
    {
    	_asm
    	{
    		MOV EAX, DWORD PTR DS : [ECX + 0x04]
    
    		MOVZX EAX, BYTE PTR DS : [EAX + 0x02]
    
    		XOR EAX, 0x35
    
    		MOV DWORD PTR DS : [ECX + 0x0C], 0x03
    
    		jmp REPLACE_MEMORY
    	}
    }
    In order for the replace to work you need 0x004A8305 and 0x004A830A ( this you need to set according to your .exe )

    Code:
    	
    Set_Hook(reinterpret_cast<LPVOID>(0x004A8305), reinterpret_cast<LPVOID>(ReplaceMemory), 0xE9);
    SetMultiByte(reinterpret_cast<PVOID>(0x004A830A), 12, 0x90);
    Enjoy!

  3. #18
    Account Upgraded | Title Enabled! kolipri is offline
    True MemberRank
    Apr 2010 Join Date
    PHLocation
    296Posts

    Re: Please Help run asm on specific address on c++

    Quote Originally Posted by Mecanik View Post
    I understand that you want to HIDE an address ? You can do this during runtime, but it will still be visible with a debugger...

    Let`s say you want to replace address: 0x004A8316

    Code:
    #define REPLACE_MEMORY 0x004A8316
    
    Naked(ReplaceMemory)
    {
    	_asm
    	{
    		MOV EAX, DWORD PTR DS : [ECX + 0x04]
    
    		MOVZX EAX, BYTE PTR DS : [EAX + 0x02]
    
    		XOR EAX, 0x35
    
    		MOV DWORD PTR DS : [ECX + 0x0C], 0x03
    
    		jmp REPLACE_MEMORY
    	}
    }
    In order for the replace to work you need 0x004A8305 and 0x004A830A ( this you need to set according to your .exe )

    Code:
    	
    Set_Hook(reinterpret_cast<LPVOID>(0x004A8305), reinterpret_cast<LPVOID>(ReplaceMemory), 0xE9);
    SetMultiByte(reinterpret_cast<PVOID>(0x004A830A), 12, 0x90);
    Enjoy!
    thank you so much I will try it!
    cant find the function of Set_Hook and SetMultiByte.

  4. #19
    LiveGuard Software Ltd Mecanik is offline
    Indigo SubscriberRank
    Jan 2012 Join Date
    404 Not FoundLocation
    356Posts

    Re: Please Help run asm on specific address on c++

    Code:
    #define HOOK_SIZE 5
    
    void Set_Hook(LPVOID lpOffset, LPVOID lpFunction, BYTE Type)
    {
    	BYTE TypeMemory[5] = { 0 };
    
    	DWORD dwMemPacthed = 0;
    
    	SIZE_T MemorySize = 0;
    
    	DWORD dwOldProtect = 0;
    
    	SIZE_T VirtualSize = 0;
    
    	dwMemPacthed = reinterpret_cast<DWORD&>(lpFunction)-reinterpret_cast<DWORD&>(lpOffset)-HOOK_SIZE;
    
    	TypeMemory[0] = Type;
    
    	MemorySize = sizeof(dwMemPacthed);
    
    	memcpy(reinterpret_cast<LPVOID>(&TypeMemory[1]), reinterpret_cast<LPVOID>(&dwMemPacthed), MemorySize);
    
    	VirtualSize = sizeof(TypeMemory);
    
    	if (VirtualProtect(lpOffset, VirtualSize, PAGE_EXECUTE_READWRITE, &dwOldProtect) != 0)
    	{
    		memcpy(reinterpret_cast<void*>(lpOffset), reinterpret_cast<const void*>(TypeMemory), VirtualSize);
    	}
    }
    
    void SetMultiByte(LPVOID dwAddress, USHORT wCount, BYTE btValue)
    {
    	BYTE * lpBuf = 0;
    
    	DWORD dwOldProtect = 0;
    
    	lpBuf = new BYTE[wCount];
    
    	memset(reinterpret_cast<void*>(lpBuf), reinterpret_cast<int&>(btValue), reinterpret_cast<SIZE_T&>(wCount));
    
    	if (VirtualProtect(dwAddress, reinterpret_cast<SIZE_T&>(wCount), PAGE_EXECUTE_READWRITE, &dwOldProtect) != 0)
    	{
    		memcpy(reinterpret_cast<void*>(dwAddress), reinterpret_cast<LPVOID>(lpBuf), reinterpret_cast<SIZE_T&>(wCount));
    	}
    }
    I repeat, this will not help you much :)

  5. #20
    Account Upgraded | Title Enabled! kolipri is offline
    True MemberRank
    Apr 2010 Join Date
    PHLocation
    296Posts

    Re: Please Help run asm on specific address on c++

    Quote Originally Posted by Mecanik View Post
    Code:
    #define HOOK_SIZE 5
    
    void Set_Hook(LPVOID lpOffset, LPVOID lpFunction, BYTE Type)
    {
    	BYTE TypeMemory[5] = { 0 };
    
    	DWORD dwMemPacthed = 0;
    
    	SIZE_T MemorySize = 0;
    
    	DWORD dwOldProtect = 0;
    
    	SIZE_T VirtualSize = 0;
    
    	dwMemPacthed = reinterpret_cast<DWORD&>(lpFunction)-reinterpret_cast<DWORD&>(lpOffset)-HOOK_SIZE;
    
    	TypeMemory[0] = Type;
    
    	MemorySize = sizeof(dwMemPacthed);
    
    	memcpy(reinterpret_cast<LPVOID>(&TypeMemory[1]), reinterpret_cast<LPVOID>(&dwMemPacthed), MemorySize);
    
    	VirtualSize = sizeof(TypeMemory);
    
    	if (VirtualProtect(lpOffset, VirtualSize, PAGE_EXECUTE_READWRITE, &dwOldProtect) != 0)
    	{
    		memcpy(reinterpret_cast<void*>(lpOffset), reinterpret_cast<const void*>(TypeMemory), VirtualSize);
    	}
    }
    
    void SetMultiByte(LPVOID dwAddress, USHORT wCount, BYTE btValue)
    {
    	BYTE * lpBuf = 0;
    
    	DWORD dwOldProtect = 0;
    
    	lpBuf = new BYTE[wCount];
    
    	memset(reinterpret_cast<void*>(lpBuf), reinterpret_cast<int&>(btValue), reinterpret_cast<SIZE_T&>(wCount));
    
    	if (VirtualProtect(dwAddress, reinterpret_cast<SIZE_T&>(wCount), PAGE_EXECUTE_READWRITE, &dwOldProtect) != 0)
    	{
    		memcpy(reinterpret_cast<void*>(dwAddress), reinterpret_cast<LPVOID>(lpBuf), reinterpret_cast<SIZE_T&>(wCount));
    	}
    }
    I repeat, this will not help you much :)
    thank you so much,

    - - - Updated - - -

    Quote Originally Posted by kolipri View Post
    thank you so much,
    it was jump to far away address JMP 0F2F6BC0 and error when I packed the exe using themida.




Page 2 of 2 FirstFirst 12

Advertisement