In short, if you want to breakpoint a call and see/mess with the arguments:
1) launch MHS, attach the debugger to the program
2) open the disassembler (ctrl+d)
3) go to the exports tab, select the module you want, in that module select the call you're interested in, right-click, and set a breakpoint
4) run the program or trigger the Breakpoint (for whatever call you want to do)
5) When the breakpoint hits, you will be in 'singlestep mode', probably on a CALL NEAR XXXXX. Press F7 to trace into the call.
6) Single step about 3 instructions or so ( F7 or F8 ) until you reach the instruction after MOV EBP,ESP.
(This instruction (mov ebp,esp) makes a copy of the stack pointer, so that things can be pushed onto the stack, but we still have a valid pointer in ebp)
7) On the instruction after the MOV EBP,ESP set a new onexecute breakpoint. This breakpoint is the ideal one to use to see all the parameters pushed onto the stack. To see which parameters, refer to the win32.hlp file or any API help file you have, if it's not a WIN32 api call, you might be on your own to figure out the parameters. Anyway, all the parameters to this call WILL be on the stack. Either in plain form or in a pointer. (if you do create this second breakpoint and attach a script, you may want to switch off the initial breakpoint that does the single step, you don't need it right now, you can always breakpoint the call in the exports tab should you need it again.)
A simple example of what you can do is Shynd's 'void On_BP_27' example above. I for one did all the above steps and used his script (void On_BP_27) on an irc client, and what do you know, I saw the raw HEX values for all the 'commands' and text that I send to the IRC server...
Shynd, L.Spiro, if I got anything wrong, don't hesitate to correct me.
And thanks for explaining it to me.. Pretty sure I got it now
Everybody that wants to know a bit more, check out the PC Assembler book by Paul A Carter, it's a free download. Check topic 4.3 The stack, 4.4 The CALL and RET instructions and 4.5 Calling conventions. This guy has a solid C background and explains the assembler behind it. It nicely explains how the stack is used to pass parameters to calls and so on..
Book is at the bottom of the page
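
The stack layout that the breakpoint after MOV EBP,ESP exposes, as an added example that is not part of the original post and is not MHS script code: a C decoder for a captured 32-bit frame, showing plain arguments and a pointer argument. It assumes a cdecl/stdcall function with the standard PUSH EBP / MOV EBP,ESP prologue; the names `frame32_t`, `resolve_ptr`, `decode_frame32` and the sample bytes and addresses are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>

#define MAX_ARGS 8

typedef struct {
    uint32_t saved_ebp;        /* [EBP+0]  caller's EBP pushed by PUSH EBP */
    uint32_t ret_addr;         /* [EBP+4]  return address pushed by CALL   */
    uint32_t args[MAX_ARGS];   /* [EBP+8], [EBP+0xC], ... first arg first  */
} frame32_t;

/* Constructed sample: 36 bytes of stack captured from address SAMPLE_BASE. */
#define SAMPLE_BASE 0x0012FEFCu
#define SAMPLE_EBP  0x0012FF00u
const uint8_t SAMPLE_STACK[36] = {
    0xCC,0xCC,0xCC,0xCC,            /* below EBP: not part of the frame     */
    0x40,0xFF,0x12,0x00,            /* saved EBP                            */
    0x34,0x12,0x40,0x00,            /* return address                       */
    0xA4,0x00,0x00,0x00,            /* arg 0: plain value (a handle)        */
    0x18,0xFF,0x12,0x00,            /* arg 1: pointer to the buffer below   */
    0x06,0x00,0x00,0x00,            /* arg 2: plain value (a length)        */
    0x00,0x00,0x00,0x00,            /* arg 3: plain value (flags)           */
    'P','I','N','G','\r','\n',0,0   /* buffer at 0x0012FF18                 */
};

/* Map a 32-bit address to a pointer inside the snapshot, or NULL if the
   requested range is not fully covered by it. */
const uint8_t *resolve_ptr(const uint8_t *mem, size_t len, uint32_t base,
                           uint32_t addr, size_t need) {
    if (addr < base) return NULL;
    size_t off = (size_t)(addr - base);
    if (off > len || len - off < need) return NULL;
    return mem + off;
}

/* Decode the frame as it looks right after PUSH EBP / MOV EBP,ESP. */
int decode_frame32(const uint8_t *mem, size_t len, uint32_t base,
                   uint32_t ebp, size_t nargs, frame32_t *f) {
    if (nargs > MAX_ARGS) return -1;
    const uint8_t *p = resolve_ptr(mem, len, base, ebp, 8 + 4 * nargs);
    if (!p) return -1;
    uint32_t v[2 + MAX_ARGS];
    for (size_t i = 0; i < 2 + nargs; i++, p += 4)   /* little-endian reads */
        v[i] = p[0] | (uint32_t)p[1] << 8 | (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24;
    f->saved_ebp = v[0];
    f->ret_addr = v[1];
    for (size_t i = 0; i < nargs; i++) f->args[i] = v[2 + i];
    return 0;
}
```

A pointer argument such as `args[1]` here only becomes readable data once it is resolved with `resolve_ptr` and the length taken from the neighbouring argument.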