NoMercy Master Cheater
Posted: Sun Dec 19, 2010 7:14 am Post subject: Memory viewer
Hello,
I'm trying to make something like CE, at least the easy way. First I wanna do the memory view thing; I've created the byte array thing with address +10 all the time. But what is a good way to go from hex -> opcode?
I've got this now:
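Code:
#include <windows.h>
#include <strsafe.h>
#include <wchar.h>
#include <iostream>
using namespace std;

HANDLE hProc;    // handle to the target process, opened elsewhere
int offset = 0;  // length bookkeeping for the decoded instruction

// wBytes holds one byte as two hex digits, e.g. L"90".
void Dissasemble(const wchar_t wBytes[3])
{
    // Compare the whole two-digit string; case-insensitive because the
    // bytes are printed with %02X (upper-case digits).
    if (_wcsicmp(wBytes, L"90") == 0)
    {
        cout << " nop" << endl;
        offset = 0;
    }
    else if (_wcsicmp(wBytes, L"0e") == 0)
    {
        cout << " push cs" << endl;
        offset = 0;
    }
    else if (_wcsicmp(wBytes, L"1f") == 0)
    {
        cout << " pop ds" << endl;
        offset = 0;
    }
    else if (_wcsicmp(wBytes, L"ba") == 0)
    {
        cout << " mov edx" << endl;
        offset = 0;
    }
    else
        cout << endl;
}

BOOL StartRegion(DWORD Address)
{
    //MEMORY_BASIC_INFORMATION mbi;
    //VirtualQueryEx(hProc, (LPVOID)Address, &mbi, sizeof(MEMORY_BASIC_INFORMATION));
    const SIZE_T size = 100;
    BYTE buffer[size] = {0};
    wchar_t wDump[50];
    wchar_t wBytes[13];
    // Stop if the read fails (bad address or missing access rights).
    if (!ReadProcessMemory(hProc, (LPCVOID)(DWORD_PTR)Address, buffer, sizeof(buffer), NULL))
        return FALSE;
    cout << "Address " << " Bytes " << "Opcode " << endl;
    for (int j = 0; j < 10; j++)
    {
        SecureZeroMemory(wBytes, sizeof(wBytes));
        StringCchPrintfW(wDump, 3, L"%02X", buffer[j]);  // one byte -> two hex digits
        StringCchCatW(wBytes, 3, wDump);
        wcout << " " << wBytes << endl;
    }
    return TRUE;
}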
Is this a good way, and how should I do things like this?
My idea: All first hex things, assigning the good offset (how long the opcode is, but sometimes it's longer than else)...

atom0s Moderator
Posted: Sun Dec 19, 2010 2:53 pm
There are projects that do similar to this idea which you can use:
http://hde32.narod.ru/
_________________
- Retired.

NoMercy Master Cheater
Posted: Sun Dec 19, 2010 5:03 pm
For me it's about the learning.
Any ideas?

Dark Byte Site Admin
Posted: Sun Dec 19, 2010 9:45 pm
I recommend working with a switch statement, or even an array that contains the basis of all the instructions, and using the first few bytes as an index into that array.
_________________
Do not ask me about online cheats. I don't know any and won't help finding them.
Like my help? Join me on Patreon so I can keep helping
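
The array-as-index idea from the post above, as an added example that is not part of the original thread or of Cheat Engine's source: a 256-entry table indexed by the first byte gives both the mnemonic and the instruction length. It assumes 32-bit mode with no prefixes or ModRM; `OpInfo`, `opcode_table`, `decode_one` and `disassemble` are hypothetical names and the sample bytes are constructed.

```cpp
#include <cstdint>
#include <cstdio>
#include <string>
#include <vector>
// Hypothetical names throughout. imm = immediate bytes that follow the opcode byte.
struct OpInfo { const char* text; size_t imm; };
// Indexed by the first byte; only the thread's opcodes are filled in, the rest stay {nullptr, 0}.
static const OpInfo* opcode_table() {
    static OpInfo table[256] = {};
    if (!table[0x90].text) {
        table[0x90] = {"nop", 0};
        table[0x0E] = {"push cs", 0};
        table[0x1F] = {"pop ds", 0};
        table[0xBA] = {"mov edx, ", 4};
    }
    return table;
}

// Decodes the instruction at buf[pos] and returns its length, always >= 1.
size_t decode_one(const uint8_t* buf, size_t len, size_t pos, std::string& out) {
    const OpInfo& op = opcode_table()[buf[pos]];
    char tmp[16];
    // Not in the table, or the immediate would run past the bytes read: show a data byte.
    if (!op.text || op.imm > len - pos - 1) {
        std::snprintf(tmp, sizeof tmp, "db 0x%02X", (unsigned)buf[pos]);
        out = tmp;
        return 1;
    }
    out = op.text;
    if (op.imm) {
        uint32_t v = 0;  // x86 immediates are little-endian
        for (size_t i = op.imm; i > 0; --i) v = (v << 8) | buf[pos + i];
        std::snprintf(tmp, sizeof tmp, "0x%08X", (unsigned)v);
        out += tmp;
    }
    return 1 + op.imm;
}

std::vector<std::string> disassemble(const uint8_t* buf, size_t len) {
    std::vector<std::string> lines;
    std::string text;
    for (size_t pos = 0; pos < len; lines.push_back(text))
        pos += decode_one(buf, len, pos, text);
    return lines;
}
int main() {
    // Constructed sample: known opcodes, an opcode missing from the table, a cut-off mov.
    const uint8_t sample[] = {0x90, 0x0E, 0x1F, 0xBA, 0x78, 0x56, 0x34, 0x12, 0x06, 0xBA, 0x01};
    for (const std::string& l : disassemble(sample, sizeof sample)) std::puts(l.c_str());
}
```

Because every path returns a length of at least 1, the viewer always advances, and a `mov edx` whose immediate is cut off by the end of the read buffer is shown as data bytes instead of being decoded from memory that was never read.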

NoMercy Master Cheater
Posted: Tue Dec 21, 2010 9:55 am
Would it be possible to make a .dll from CE's source and use that, with address-bytes-opcode as the return value?

Dark Byte Site Admin
Posted: Tue Dec 21, 2010 2:40 pm
Yes, you can do that if you want to.
You could also just try a free disassembler library like http://ragestorm.net/distorm/