Easier Code Injection

Posted: Sun Sep 30, 2007 5:02 am
by Turtle
This is one of my old tutorials; it's still useful, though.


For easier code injection, read the following as an example; your code will probably be different:

MOV EAX, [EBX+00000304]

To always find what EAX is, just go into the disassembler of L. Spiro's program, then right-click the pointer line in the code (in this case "MOV EAX,[EBX+00000304]") and click "inject code". Then, in this example, you would just type the following line of code to be injected:

MOV [9000400], EBX

Here, for example, [9000400] is a storage address: an empty address that can be used to store the value of the register. Every process will probably have empty storage addresses available at different locations; they will have to be found.

The only line that you have to write in the code injector is:

MOV [9000400], EBX

The injector automatically finds a code cave and adds all the required injection-loop code. When all the code looks ready, you can go ahead and inject it.

Now, to find out what EAX is, all you have to do is read the value at 9000400 and then add 304 to it. The value of EBX will always be written to 9000400.


L. Spiro's program: http://www.memoryhacking.com/

Posted: Wed Nov 21, 2007 9:20 am
by Turtle
Remember, don't actually use 9000400, I'm just using it here as an example.