How To Create Hook For Shit Like [esi+ebx*04-18]
Posted: Fri Oct 19, 2018 6:23 pm
by exloserr
in case of mov [ebx+10],esi it's simple to create a hook by doing
mov [testhook],ebx but....
mov [testhook],[esi+ebx*04] doesn't work.
Re: How To Create Hook For Shit Like [esi+ebx*04-18]
Posted: Fri Oct 19, 2018 6:28 pm
by Bloodybone
exassasinx wrote: ↑Fri Oct 19, 2018 6:23 pm
in case of mov [ebx+10],esi it's simple to create a hook by doing
mov [testhook],ebx but....
mov [testhook],[esi+ebx*04] doesn't work.
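What should work would be:
Code:
push eax                 // save eax so the game's value survives the hook
lea eax,[esi+ebx*04]     // compute the address only, no memory read
mov [testhook],eax       // store the computed address
pop eax                  // restore eax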
Re: How To Create Hook For Shit Like [esi+ebx*04-18]
Posted: Fri Oct 19, 2018 6:29 pm
by exloserr
well eax is used
original code is
mov [esi+ebx*04-18],eax
Re: How To Create Hook For Shit Like [esi+ebx*04-18]
Posted: Fri Oct 19, 2018 6:30 pm
by Bloodybone
exassasinx wrote: ↑Fri Oct 19, 2018 6:29 pm
well eax is used
original code is
mov [esi+ebx*04-18],eax
then use for example edx
or any other register that isn't used in the script and isn't eip,ebp or esp
Re: How To Create Hook For Shit Like [esi+ebx*04-18]
Posted: Fri Oct 19, 2018 6:31 pm
by exloserr
how to know which stack/register isn't used...is it in black on toggled breakpoint?
Re: How To Create Hook For Shit Like [esi+ebx*04-18]
Posted: Fri Oct 19, 2018 6:32 pm
by exloserr
everything is red except edx
Re: How To Create Hook For Shit Like [esi+ebx*04-18]
Posted: Fri Oct 19, 2018 6:33 pm
by Bloodybone
exassasinx wrote: ↑Fri Oct 19, 2018 6:31 pm
how to know which stack/register isn't used...is it in black on toggled breakpoint?
As long as it isn't used in the script you're ok. As long as you push and pop it
Re: How To Create Hook For Shit Like [esi+ebx*04-18]
Posted: Fri Oct 19, 2018 6:59 pm
by STN
Learn assembly language then you will know what to use and not.
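Added example, not part of any post in this thread: a small C decoder for the 32-bit ModRM/SIB operand, showing that `lea edx,[esi+ebx*04-18]` and the original `mov [esi+ebx*04-18],eax` carry the same SIB and displacement bytes and so resolve to the same address. An x86 `mov` can encode only one such memory operand, which is why the memory-to-memory form is rejected. The byte encodings and register values are constructed samples, and the displacement is assumed to be hexadecimal (-0x18) as in the disassembly view.

```c
#include <stdint.h>
#include <stdio.h>
/* Register numbers as used in x86 instruction encoding. */
enum { EAX, ECX, EDX, EBX, ESP, EBP, ESI, EDI };

/* Constructed samples: both encodings share SIB 9E and disp8 E8 (-0x18);
 * register state has esi = 0x00400000 and ebx = 3. */
static const uint8_t MOV_ORIG[] = { 0x89, 0x44, 0x9E, 0xE8 }; /* mov [esi+ebx*4-18],eax */
static const uint8_t LEA_HOOK[] = { 0x8D, 0x54, 0x9E, 0xE8 }; /* lea edx,[esi+ebx*4-18] */
static const uint32_t SAMPLE_REGS[8] = { 0x64, 0, 0, 3, 0x0019FF00, 0x0019FF40, 0x00400000, 0 };

/* Effective address of the memory operand whose ModRM byte is at p. Returns bytes
 * consumed (ModRM + SIB + disp), or -1 for mod == 3 (register operand, no address). */
int effective_address(const uint8_t *p, const uint32_t regs[8], uint32_t *ea)
{
    uint8_t mod = p[0] >> 6, rm = p[0] & 7;
    uint32_t addr = 0;
    int n = 1, disp32 = (mod == 2);
    if (mod == 3) return -1;
    if (rm == 4) {                                   /* SIB byte follows */
        uint8_t sib = p[n++], index = (sib >> 3) & 7, base = sib & 7;
        if (index != ESP) addr += regs[index] << (sib >> 6); /* index 100b = none */
        if (base == EBP && mod == 0) disp32 = 1;     /* no base, disp32 instead */
        else addr += regs[base];
    } else if (rm == EBP && mod == 0) {
        disp32 = 1;                                  /* plain [disp32] */
    } else {
        addr += regs[rm];
    }
    if (mod == 1) {                                  /* sign-extended disp8 */
        addr += (uint32_t)(int32_t)(int8_t)p[n++];
    } else if (disp32) {                             /* little-endian disp32 */
        addr += p[n] | p[n + 1] << 8 | p[n + 2] << 16 | (uint32_t)p[n + 3] << 24;
        n += 4;
    }
    *ea = addr;
    return n;
}

/* Convenience wrapper: address only, 0 for a register operand. */
uint32_t ea_of(const uint8_t *modrm, const uint32_t regs[8])
{
    uint32_t ea = 0;
    return effective_address(modrm, regs, &ea) < 0 ? 0 : ea;
}

int main(void)
{
    printf("mov writes eax to %08X\n", (unsigned)ea_of(MOV_ORIG + 1, SAMPLE_REGS));
    printf("lea puts %08X in edx\n", (unsigned)ea_of(LEA_HOOK + 1, SAMPLE_REGS));
}
```

With the sample registers both lines print 003FFFF4: `lea` hands back the pointer the `mov` is about to write through, without touching memory itself.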