用c ++&修改静态地址的寄存器。部件 [英] Modify registers of a static address with c++ & assembly
问题描述
您好,
我想知道是否可以从c ++或asm修改地址的寄存器。
我有一个静态地址....: 44AFE2E4和ECX = 00000002。我怎样才能修改这个ECX?
任何想法,链接,文档将不胜感激。
谢谢,
编辑:
我想我没有正确询问。我有一场比赛。我正在使用Cheat Engine来查找修改值的地址。在这个地址base.dll + 22E2D8(静态),从CE,我可以编辑寄存器。更改ECX的值,这就是我所需要的。
我已经有了CreateToolhelp32Snapshot功能获取那个base.dll的基地址,缺少的是不使用CE来更改ECX值的功能。
用c ++和inline asm尝试了几个代码,但没有成功。
我是新手,不太懂汇编语言正在做什么。
谢谢你,对不起具体而感到抱歉。
编辑2:
44A94AB7 - 89 8F 64030000 - mov [edi + 00000364],ecx<<
EAX = 58BD5794
EBX = 05F5E5DB
ECX = 00000001 --->这个值我可以用CE修改。
EDX = 0012D7C0
ESI = 06DAC7DD
EDI = 3ABE6000
ESP = 0012D870
EBP = 00000000
无论如何,我现在看到CE在修改任何内容之前打开了VEH调试器。这意味着我需要一个函数来做到这一点,不仅仅是几行asm(mov ecx,00000002)。
Hello,
I want to know if it's possible to modify the registers of an address from c++ or asm.
I have a static address ....: "44AFE2E4 and ECX = 00000002". How can i modify only this ECX ?
Any idea,link,documentation will be much appreciated.
Thank you,
edit:
I think i didn't asked correctly. I have a game. I'm using Cheat Engine to find an address to modify a value. At this address "base.dll+22E2D8"(static), from CE, i can edit the registers.Changing the value of ECX it's all i need.
I already have the function "CreateToolhelp32Snapshot" to get the base address of that "base.dll", and what is missing is the function to change the ECX value without using CE.
Tried few codes with c++ and inline asm, but no success.
I am novice and don't really understand what Assembly language is doing.
Thank you and sorry for not being specific.
edit 2:
44A94AB7 - 89 8F 64030000 - mov [edi+00000364],ecx <<
EAX=58BD5794
EBX=05F5E5DB
ECX=00000001 ---> this value i can modify using CE.
EDX=0012D7C0
ESI=06DAC7DD
EDI=3ABE6000
ESP=0012D870
EBP=00000000
Anyway, i saw now that CE is opening the VEH debugger before modifying anything. This means that i need a function to do that, not only just few lines of asm (mov ecx,00000002).
推荐答案
我怀疑你想要在执行流程达到地址44AFE2E4时修改ECX寄存器。
你可以这样做结构化/矢量化异常处理和利用硬件断点(设置DR0-DR3寄存器)。
这是一个例子:
http://www.codereversing.com/blog/?p=76 [ ^ ]
祝福,
-David Delaune
Hi,
I suspect that you want to modify the ECX register when the execution flow has reached address 44AFE2E4.
You can do this with structured/vectored exception handling and utilizing hardware breakpoints (setting DR0-DR3 registers).
Here is an example:
http://www.codereversing.com/blog/?p=76[^]
Best Wishes,
-David Delaune
MOV EAX,[44AFE2E4]
MOV BYTE PTR [EAX] = < new value =>
类似ECX中的0x00002值。
查看此链接
http://en.wikibooks.org/wiki/X86_Disassembly/Variables [ ^ ]
MOV EAX, [44AFE2E4]
MOV BYTE PTR [EAX] = <new value="">
Similar is the case for 0x00002 value in ECX.
Check this link also
http://en.wikibooks.org/wiki/X86_Disassembly/Variables[^]
这篇关于用c ++&修改静态地址的寄存器。部件的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
