Is it possible?

Need Help With an Existing Feature in Memory Hacking Software? Ask Here

Moderators: g3nuin3, SpeedWing, WhiteHat, mezzo

Is it possible?

Postby lord_meshadieme » Mon Apr 23, 2007 12:17 am

Hi,
Im not much of a Pro in Memory related hacks but i know what i need to do.
Is it possible in the current version to do, for example: wait for the process to write a certain value in the memory then stop it from doing it then replace the value with one of your choice, because what i need is a temporary value which is overwritten right after because its not needed by the process. In general a String is written then encrypted. i need to change it before it is encrypted.
If this is possible with any tool then id like to know if not then this would be a useful feature in a later version.
Thank you.
lord_meshadieme
I Have A Few Questions
 
Posts: 5
Joined: Mon Apr 23, 2007 12:10 am

Postby L. Spiro » Mon Apr 23, 2007 12:36 am

It can be done with MHS (do not use MemHack.exe, use MHS.exe).

You would typically use injection and inject code after the write to overwrite what was there before, before the process can use the string.

Ctrl-D to load the Disassembler.
Ctrl-G to go to the code you want to change.
Right-click the address and select Inject Code.

Write code to change the string to whatever you want. Done.


L. Spiro
User avatar
L. Spiro
L. Spiro
 
Posts: 3129
Joined: Mon Jul 17, 2006 10:14 pm
Location: Tokyo, Japan

Postby lord_meshadieme » Mon Apr 23, 2007 1:11 am

hmm which one is MHS.exe
the Demo's? or am i missing something.
sorry =s
lord_meshadieme
I Have A Few Questions
 
Posts: 5
Joined: Mon Apr 23, 2007 12:10 am

Postby L. Spiro » Mon Apr 23, 2007 10:17 am

The demos.
Demo #24 is the latest.


L. Spiro
User avatar
L. Spiro
L. Spiro
 
Posts: 3129
Joined: Mon Jul 17, 2006 10:14 pm
Location: Tokyo, Japan

Re: Is it possible?

Postby lord_meshadieme » Tue Apr 24, 2007 7:03 am

sorry i think i see where u misunderstood me
lord_meshadieme wrote:for example: wait for the process to write a certain value in the memory then stop it from doing it then replace the value with one of your choice,


what i meant was wait for it to write a certain string in memory not a memory address. and i havent got much into assembly language to understand that much opcodes.

If anyone is willing to help me hack this i would be grateful, just PM me.
lord_meshadieme
I Have A Few Questions
 
Posts: 5
Joined: Mon Apr 23, 2007 12:10 am

Postby L. Spiro » Tue Apr 24, 2007 9:48 am

for example: wait for the process to write a certain value in the memory then stop it from doing it then replace the value with one of your choice,

How is this different from allowing it to write the string, then changing the string at the location where it was written?


L. Spiro
User avatar
L. Spiro
L. Spiro
 
Posts: 3129
Joined: Mon Jul 17, 2006 10:14 pm
Location: Tokyo, Japan

Postby lord_meshadieme » Tue Apr 24, 2007 5:07 pm

ok in simple terms

Ctrl-G to go to the code you want to change.


i dont know 'where' that is.
lord_meshadieme
I Have A Few Questions
 
Posts: 5
Joined: Mon Apr 23, 2007 12:10 am

Postby L. Spiro » Tue Apr 24, 2007 6:06 pm

In simple terms, you will need to find it.
Probably by setting read/write/access breakpoints on the location where it will be written.


If the string being encrypted is input to a different location you need to follow the code from the point where the string is input each time.
In other words, from the dialog where you input the string (if applicable).
If it is some other method, you have many alternatives, and you will have to decide how to find the string.

If you are completely lost, explain the situation and I can explain how to find it.
If you know how to find it but you feel that my software is not properly equipped to find it, explain why and then I will tell you to look at Script Searches.

Find the location where it is written is the first step.
Then you can easily find the code from there and modify as needed to change the string before it is used in the encryption routine.


L. Spiro
User avatar
L. Spiro
L. Spiro
 
Posts: 3129
Joined: Mon Jul 17, 2006 10:14 pm
Location: Tokyo, Japan


Return to Help

Who is online

Users browsing this forum: No registered users and 0 guests