C++ mid-function hook: get register values and jump back [x86 assembly on windows] -

-

there int value in register ebp , string in ebx. need values these registers in own function, operations on them , jump code below.

ollydbg jmp start

i jmp @ 0x46aa17 function called jmphook.

 void jmphook()  {       char *mystring;       _asm mov mystring, ebx        printf("value: %s", mystring);        _asm       {           jmp       [0x46aa87]       }   }

as can see, trying move string @ ebx mystring , @ end jump 0x46aa87 located lines below jmp jmphook.

printf being called , mystring being output seems untidy in ollydbg. unable ebp it's being overwritten @ beginning of jmphook(saw in ollydbg). jmp @ end of jmphook not work: ollydbg error

so question how jump own function, save 2 registers there in variables , after operations jump original code.

thank you!

you can value of last ebp stack.

it first value pushed on stack when call function. if not mistaken @ [ebp].

as jump, can make instead of jumping hook, call it? after function returns code continue next address.

the reason getting error because never reach end of function. function contains prologue , epilogue, stack pointers saved , retrieved.

prologue:

push ebp mov  ebp, esp

epilogue:

pop ebp

since never reach end of function, pop not called, , stack corrupted.

the error getting jump because jumping location pointed memory in address 0x46aa87. wanted jump address, brackets unnecessary.


Comments

Post a Comment

Popular posts from this blog

.htaccess - htaccess convert request to clean url and add slash at the end of the url -

-
ok , searched more 4 days , more 20 posts here in stach or in websites without kind of success first here htaccess file rewriteengine on rewriterule ^([a-za-z0-9_]+)/?$ index.php?page=$1 [nc] rewriterule ^([a-za-z0-9_]+)\/([a-za-z0-9_]+)\/?$ index.php?page=$1&action=$2 [nc] i tried many codes 1 worked me can call request , works me www.example.com/pagename => www.example.com/index.php?page=pagename here questions , please provide me information "in detail" understand code well 1- how convert request automatically www.example.com/index.php?page=pagename www.example.com/pagename 2- if tried add slash @ end shows me page without images or styling mean www.example.com/pagename => works www.example.com/pagename/ => doesn't work that's :) for first part need 301 rule this: rewritecond %{the_request} /index\.php\?page=([^\s&]+) [nc] rewriterule ^ /%1? [r=301,l] for second part use absolute path in css, js, images files r...
Read more

php - facebook and github login HWIOAuthBundle and FOSUserBundle in Symfony2.1 -

-
i have followed tutotial http://m2mdas.github.io/blog/2013/11/21/integrate-hwioauthbundle-with-fosuserbundle/ make github login work, seems working when clicked login land on github login page, , see 1 user registered on github application in github dashboard. not authencated in symfony. on symfony tool bar on bottom still says anonymous user, plus new row not added table fos_user. for facebook login, when click on generator login link facebook, gives me error "given url not permitted application configuration.: 1 or more of given urls not allowed app's settings. must match website url or canvas url, or domain must subdomain of 1 of app's domains." another doubt had in tutorial, in routing.yml says put, hwi_github_login: pattern: /secure_area/login/check-github as there no controller or resource specified, supposed put here controller action path or resource? config.yml fos_user: db_driver: orm # other valid values ...
Read more

hadoop - Sqoop installation export and import from postgresql -

-
i v'e installed sqoop , testing . tried export data hdfs postgresql using sqoop. when run it throws following exception : java.io.ioexception: can't export data, please check task tracker logs . think there may have been problem in installation. the file content : ustnu 45 mb1ba 0 gnbco 76 izp10 39 b2aoo 45 si7eg 93 5sc4k 60 2ihfv 2 u2a48 16 yvy6r 51 lnhsv 26 mz2yn 65 80gp3 43 wk5ag 85 vufyp 93 p077j 94 f1oj5 11 lxjkg 72 0h7np 99 dk406 25 g4krp 76 fw3u0 80 6ld59 1 07khx 91 f1s88 72 bnb0v 85 a2qm7 79 z6cat 81 0m3do 23 m0s09 44 kivwd 13 gnud0 78 um93a 20 19bhv 75 4of3s 75 5hfen 16 this posgres table: table "public.mysort" column | type | modifiers --------+---------+----------- name | text | marks | integer | the sqoop command is: sqoop export --connect jdbc:postgresql://localhost/testdb --username akshay --password akshay --table mysort -m 1 --export-dir mysort/input followed error: warning: /usr/lib/hcatalog not exist! hcatalog ...
Read more