C++ mid-function hook: get register values and jump back [x86 assembly on windows] -

-

there int value in register ebp , string in ebx. need values these registers in own function, operations on them , jump code below.

ollydbg jmp start

i jmp @ 0x46aa17 function called jmphook.

 void jmphook()  {       char *mystring;       _asm mov mystring, ebx        printf("value: %s", mystring);        _asm       {           jmp       [0x46aa87]       }   }

as can see, trying move string @ ebx mystring , @ end jump 0x46aa87 located lines below jmp jmphook.

printf being called , mystring being output seems untidy in ollydbg. unable ebp it's being overwritten @ beginning of jmphook(saw in ollydbg). jmp @ end of jmphook not work: ollydbg error

so question how jump own function, save 2 registers there in variables , after operations jump original code.

thank you!

you can value of last ebp stack.

it first value pushed on stack when call function. if not mistaken @ [ebp].

as jump, can make instead of jumping hook, call it? after function returns code continue next address.

the reason getting error because never reach end of function. function contains prologue , epilogue, stack pointers saved , retrieved.

prologue:

push ebp mov  ebp, esp

epilogue:

pop ebp

since never reach end of function, pop not called, , stack corrupted.

the error getting jump because jumping location pointed memory in address 0x46aa87. wanted jump address, brackets unnecessary.


Comments

Post a Comment

Popular posts from this blog

C# random value from dictionary and tuple -

-
i have following code, , need random item contains string "region_1" dictionary. public static dictionary<int, tuple<string, int, currencytype>> itemarray = new dictionary<int, tuple<string, int, currencytype>>() { { 0xb3e, new tuple<string, int, currencytype>("region_1", 1500, currencytype.fame) } }; public static int generateitemid(string shopid) { var generateditem = itemarray.elementat(new random().next(0, itemarray.count)).key; } how select this? it's not possible efficiently... first create static random @ class level... prevent non-random behaviour if run query on short period of time... (it's seeded discrete clock) static random rnd = new random(); then: var item = itemarray.values .where(t => t.item1 == shopid) .orderby(_ => rnd.next()) .firstordefault()
Read more

cgi - How do I interpret URLs without extension as files rather than missing directories in nginx? -

-
so i'm trying install zoneminder , have run under nginx, has few compiled files need run using fast-cgi. these files lack extension. if file has extension, there no issue , nginx interprets file , return 404 if can't find it. if has no extension, assume it's directory , return 404 when can't find sort of index page. here have now: # security camera domain. server { listen 888; server_name mydomain.com; root /srv/http/zm; # enable php support. include php.conf; location / { index index.html index.htm index.php; } # enable cgi support. location ~ ^/cgi-bin/(.+)$ { alias /srv/cgi-bin/zm/; fastcgi_pass unix:/run/fcgiwrap.sock; fastcgi_param script_filename $document_root/$1; include fastcgi.conf; } } the idea is, under cgi-bin directory goes through fastcgi pipe. any idea on howi can fix this? upon closer inspection, realized zoneminder has 2 cgi sc...
Read more

.htaccess - htaccess convert request to clean url and add slash at the end of the url -

-
ok , searched more 4 days , more 20 posts here in stach or in websites without kind of success first here htaccess file rewriteengine on rewriterule ^([a-za-z0-9_]+)/?$ index.php?page=$1 [nc] rewriterule ^([a-za-z0-9_]+)\/([a-za-z0-9_]+)\/?$ index.php?page=$1&action=$2 [nc] i tried many codes 1 worked me can call request , works me www.example.com/pagename => www.example.com/index.php?page=pagename here questions , please provide me information "in detail" understand code well 1- how convert request automatically www.example.com/index.php?page=pagename www.example.com/pagename 2- if tried add slash @ end shows me page without images or styling mean www.example.com/pagename => works www.example.com/pagename/ => doesn't work that's :) for first part need 301 rule this: rewritecond %{the_request} /index\.php\?page=([^\s&]+) [nc] rewriterule ^ /%1? [r=301,l] for second part use absolute path in css, js, images files r...
Read more