Hi there
First off, I just registered and want to say hello to everybody.
But right on to my problem!
I am fairly new to win32 assembly and I have now made an attempt to implement masta's tutorial about patching
(can be found at http://win32assembly.online.fr/w32_01.txt).
I have altered some stuff and basically it does the job. But what bothers me is a messed up MessageBox, and I just don't know why it won't work.
Link to a picture: http://img156.imageshack.us/img156/2967/msgboxyw9.jpg
If it doesn't jump to the success message (if sequence is not found) which is messed up, I get another MsgBox without caption or text - so my other MsgBox doesn't work either. However, the "welcome" message is as it should be.
My source:
.386
.model flat, stdcall
option casemap : none
include \masm32\include\windows.inc
include \masm32\include\user32.inc
include \masm32\include\kernel32.inc
includelib \masm32\lib\user32.lib
includelib \masm32\lib\kernel32.lib
inv equ invoke
.data
;----------------------------------
datei db "hallowelt.exe" ,0
ersetze db "Test"
ersetzemit db "XXXX"
len equ $-ersetzemit
fHandle DWORD 0
fSize DWORD 0
ofstruct OFSTRUCT <>
fpoffset dd ?
memptr dd ?
bread dd ?
bwritten dd ?
;----------------------------------
tintro db "Press OK to patch" ,0
cintro db "Patcher 0.1", 0
cnix db "Nichts gefunden" ,0
cerror db "Error" ,0
terfolg db "Patch done",0
cerfolg db "Erfolg" ,0
;----------------------------------
.code
start :
inv MessageBox , NULL, addr tintro, addr cintro, MB_OK
inv OpenFile , addr datei , addr ofstruct, OF_READWRITE
mov fHandle, eax
inv GetFileSize , fHandle, NULL
mov fSize, eax
inv GlobalAlloc , NULL, fSize
mov memptr, eax
inv ReadFile , fHandle, addr memptr, fSize, addr bread, NULL
mov edi, offset memptr
mov ecx, fSize
mov esi, offset ersetze
mov al, byte ptr [esi]
loop_:
repnz scasb
cmp ecx, 0
je nichts_gefunden_
push ecx
push edi
push esi
dec edi
mov ecx, len
repz cmpsb
cmp ecx, 0
je patch_
pop esi
pop edi
pop ecx
jmp loop_
patch_:
pop esi
pop edi
pop ecx
dec edi
inc ecx
mov eax, fSize
sub eax, ecx
mov fpoffset, eax
inv SetFilePointer , fHandle, fpoffset, NULL, FILE_BEGIN
inv WriteFile , fHandle, addr ersetzemit, len, addr bwritten, NULL
jmp erfolg_
nichts_gefunden_:
inv MessageBox , NULL, addr cnix, addr cerror, MB_OK
jmp ende_
erfolg_:
inv MessageBox , NULL, addr terfolg, addr cerfolg, MB_OK
jmp ende_
ende_:
inv GlobalFree , memptr
inv CloseHandle , fHandle
inv ExitProcess , NULL
end start
Would be nice if you could point me to a solution.
Thank you very much!
f0dder edit: added code tags.
Works fine for me. I copy pasted it as is.
Hi,
thank you for your effort 8) .
I have tried the same now, and modified my source so it would read/write a TXT file and built it again. Now the messageboxes are just fine ... so it means I am doing something wrong when accessing the executable file ?
(hallowelt.exe is just a generic "hello world" program I used as target).
What am I doing wrong ?
thx !
inv ReadFile , fHandle, addr memptr, fSize, addr bread, NULL
- you're overwriting memptr and onwards, not the memory it's pointing to. So for files > 4 bytes, you end up overwriting bread, bwritten, et cetera. Drop the addr and it should work.
Also, while "patching" by itself is perfectly fine etc., do keep in mind that we don't want cracking and related stuff here, and patching exe files is one of those pretty gray areas... Just a friendly reminder :)
Thank you for your reply, I found my mistake !
I didn't read carefully that GlobalAlloc already returns a pointer to a memory region.
(However, there's another error in my code right below the line you pointed out:
It then must be
mov edi, memptr)
As far as patching exe's is concerned, I just thought it was a nice tutorial and it's a bit more entertaining than modifying a simple text file ;)
But I now have read the Community rules and I will comply.
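The overwrite diagnosed in this thread, modelled in C as an added example (not code from any of the posters): the packed struct is a constructed stand-in for the tail of the posted .data section, and `clobbered_bytes` and the 0xCC file contents are hypothetical. It shows why reads of up to 4 bytes look harmless while larger reads run over bread, bwritten and then the MessageBox strings.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed model of the posted .data variables (32-bit sizes, no padding).
 * The memptr field only marks where the variable sits; the model keeps the
 * real heap pointer in a local so it also runs on 64-bit hosts. */
#pragma pack(push, 1)
struct data_section {
    uint32_t fpoffset, memptr, bread, bwritten;
    char tintro[18], cintro[12], cnix[16], cerror[6], terfolg[11], cerfolg[7];
};
#pragma pack(pop)

static const struct data_section INITIAL = {
    0, 0, 0, 0, "Press OK to patch", "Patcher 0.1",
    "Nichts gefunden", "Error", "Patch done", "Erfolg"
};

/* Simulates a ReadFile of n bytes. buggy=1 models "addr memptr" (the write
 * lands on the variable), buggy=0 models "memptr" (the write lands in the
 * allocated block). Returns how many .data bytes outside memptr changed. */
size_t clobbered_bytes(int buggy, const uint8_t *file, size_t n)
{
    struct data_section ds;
    size_t off = offsetof(struct data_section, memptr), changed = 0;
    uint8_t *heap = malloc(n ? n : 1);        /* GlobalAlloc stand-in */
    if (!heap) return (size_t)-1;
    memcpy(&ds, &INITIAL, sizeof ds);
    if (buggy) {
        size_t room = sizeof ds - off;        /* clamp: keep the demo in bounds */
        memcpy((uint8_t *)&ds + off, file, n < room ? n : room);
    } else {
        memcpy(heap, file, n);
    }
    free(heap);
    const uint8_t *a = (const uint8_t *)&ds, *b = (const uint8_t *)&INITIAL;
    for (size_t i = 0; i < sizeof ds; i++)
        if ((i < off || i >= off + 4) && a[i] != b[i]) changed++;
    return changed;
}

int main(void)
{
    uint8_t file[128];
    memset(file, 0xCC, sizeof file);          /* constructed file contents */
    printf("4 bytes,   addr memptr: %zu\n", clobbered_bytes(1, file, 4));
    printf("128 bytes, addr memptr: %zu\n", clobbered_bytes(1, file, 128));
    printf("128 bytes, memptr:      %zu\n", clobbered_bytes(0, file, 128));
    return 0;
}
```

The welcome box is shown before the read, which is why only the later boxes came out garbled.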