View previous topic :: View next topic |
Author |
Message |
The0neThe0nly Expert Cheater Reputation: 0
Joined: 08 Dec 2009 Posts: 119 Location: In a box
|
Posted: Thu Jul 17, 2014 2:04 am Post subject: Tracing question |
|
|
I have some assembly code that is ran by many threads constantly, and when I edit it a certain way it allows me to see through walls. I'm not sure why, but I'm sure I could learn more about why this is happening by seeing the call stack. When I edit it, not only does it let me see through walls, but it also tends to create other unintended side effects and crash. What is the best way to get the call stack? I can't use breakpoints because so many different things access the address I'm talking about which is probably why it is becoming buggy and crashing.
|
|
Back to top |
|
|
661089799107 Expert Cheater Reputation: 3
Joined: 25 Jan 2009 Posts: 186
|
Posted: Thu Jul 17, 2014 12:14 pm Post subject: |
|
|
I would do a code injection on that instruction, and then check the thread ID with GetCurrentThreadId.
Code: |
call GetCurrentThreadId
cmp eax, 0x0123
jne wrong_thread
|
Maybe wrong_thread would execute the original code before returning, otherwise jump straight back.
You may also be able to do it with a conditional breakpoint.
https://en.wikipedia.org/wiki/Win32_Thread_Information_Block
Read either FS:[0x28] (x86), or GS:[0x28] (x64) and check the thread id.
|
|
Back to top |
|
|
|