PostPosted: Tue Nov 27, 2007 9:42 pm
by mezzo
fabsyi wrote: This is actually the eip of the instruction following the call, it is pushed onto the stack automatically as part of the 'call' instruction.

Yes, that's the one :-) I knew what it did, just couldn't think of the correct name for the Instruction Pointer, lol

I've installed WinAsm studio, to brush up on my assembler.
Long gone are the days that I used inline assembler in turbo pascal to make DOS protected mode grafix faster :P
Since I spend my days in unix, with more shellscripts and perl code than I care for, I keep forgetting dumb things that I used to know.
At home, my 24 inch is always filled with win32.hlp, mhs_help.chm, pcasm-book.pdf, ARteam's win32 assembly tut, MHS and whatever program I'm currently (ab)using.

I have so much to learn :)

PostPosted: Wed Nov 28, 2007 2:11 am
by Shynd
You can, of course, just breakpoint the function and use ESP instead of EBP, but be careful when doing so. Also, the first parameter is ESP+0x4 instead of +0x8, because EBP hasn't been pushed onto the stack yet.