[sdiy] My latest project
cheater cheater
cheater00 at gmail.com
Wed Feb 17 23:11:15 CET 2010
Dereferencing pointers is different from modifying the code in that it
frees up your stack/registers.
Dereferencing pointers:
0000A0BF: jmp *%ecx
To change which function you execute, you change ecx.
Modifying code with jmps:
0000A0BF: jmp 0x0000BD00
To change which function you execute, you write to the place in memory
that holds the number 0x0000BD00.
Modifying code with function copying:
0000A0BF: nop
...
0000D0BF: nop
To change which function you execute, you write the function code to
the place in memory that holds the nops.
D.
On Wed, Feb 17, 2010 at 22:48, John Mahoney <jmahoney at gate.net> wrote:
> At 04:12 PM 2/17/2010, cheater cheater wrote:
>>
>> ...
>> Or you could use jumps to set up your execution path correctly (but
>> this would also take self modifying code).
>
> I think Tom covered that second case when he wrote "Some of these are easily
> modified into a pointer..."
>
> John
>
> _______________________________________________
> Synth-diy mailing list
> Synth-diy at dropmix.xs4all.nl
> http://dropmix.xs4all.nl/mailman/listinfo/synth-diy
>
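An added example, not from cheater cheater's post or from anything on the Synth-diy list, that makes the three variants above concrete on x86 / x86-64 Linux: a plain function-pointer call stands in for "jmp *%ecx"; a page of hand-assembled stubs sits behind an E9 "jmp rel32" whose rel32 operand is patched to retarget it; and a fresh stub is copied over a NOP sled. The encodings are real x86 (B8 imm32 C3 is "mov eax, imm32 ; ret", E9 rel32 is "jmp rel32", 0x90 is nop), but the page layout, the offsets and every function name are my own choices. On a non-x86 machine, or where executable anonymous memory is refused, the page functions return NULL or -1 instead of running the bytes.

```c
/* Added example (not from the original post). Three ways to change which
 * function runs, on x86 / x86-64 Linux:
 *   1. dereference a pointer -> call site is "call *%reg"; change the register
 *   2. patch the jump        -> rewrite the rel32 operand of an E9 "jmp rel32"
 *   3. copy a function in    -> write a fresh stub over a NOP sled
 * Offsets and names are arbitrary; the byte encodings are real x86. */
#define _DEFAULT_SOURCE
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>

typedef int (*intfn)(void);

enum { TRAMP_OFF = 0, STUB_A_OFF = 16, STUB_B_OFF = 32 };  /* layout in the page */

static int ret_one(void) { return 1; }
static int ret_two(void) { return 2; }

/* 1. Pointer dereference: the jump instruction is fixed, only the pointer changes. */
int call_via_pointer(int which)
{
    intfn fp = (which == 1) ? ret_one : ret_two;   /* "change ecx" */
    return fp();                                   /* compiles to call *%reg */
}

/* The stub bytes are x86-only; elsewhere the page is never built or executed. */
int jit_supported(void)
{
#if defined(__x86_64__) || defined(__i386__)
    return 1;
#else
    return 0;
#endif
}

static size_t page_size(void) { return (size_t)sysconf(_SC_PAGESIZE); }

/* "mov eax, imm32 ; ret" = B8 imm32 C3 (6 bytes), immediate little-endian. */
static void emit_ret_const(uint8_t *p, int32_t value)
{
    p[0] = 0xB8;
    memcpy(p + 1, &value, 4);
    p[5] = 0xC3;
}

/* "jmp rel32" = E9 rel32 (5 bytes), landing `delta` bytes past p. */
static void emit_jmp(uint8_t *p, int32_t delta)
{
    int32_t rel = delta - 5;      /* rel32 counts from the end of the jmp */
    p[0] = 0xE9;
    memcpy(p + 1, &rel, 4);
}

/* Build one page: NOP sled, two stubs, and an entry trampoline jumping to stub A. */
uint8_t *code_page_create(void)
{
    if (!jit_supported()) return NULL;
    uint8_t *page = mmap(NULL, page_size(), PROT_READ | PROT_WRITE,
                         MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (page == MAP_FAILED) return NULL;
    memset(page, 0x90, page_size());              /* the "nop's" */
    emit_ret_const(page + STUB_A_OFF, 1);
    emit_ret_const(page + STUB_B_OFF, 2);
    emit_jmp(page + TRAMP_OFF, STUB_A_OFF - TRAMP_OFF);
    if (mprotect(page, page_size(), PROT_READ | PROT_EXEC) != 0) {  /* W^X: never RWX */
        munmap(page, page_size());
        return NULL;
    }
    return page;
}

void code_page_destroy(uint8_t *page) { if (page) munmap(page, page_size()); }

/* Run whatever currently sits at the entry point. */
int code_page_call(uint8_t *page)
{
    intfn fn;
    if (!page) return -1;
    memcpy(&fn, &page, sizeof fn);  /* object -> function pointer without a cast */
    return fn();
}

/* Make the page writable, apply `edit` at the entry point, make it executable again. */
static int patch(uint8_t *page, void (*edit)(uint8_t *, int32_t), int32_t arg)
{
    if (!page) return -1;
    if (mprotect(page, page_size(), PROT_READ | PROT_WRITE) != 0) return -1;
    edit(page + TRAMP_OFF, arg);
    if (mprotect(page, page_size(), PROT_READ | PROT_EXEC) != 0) return -1;
    __builtin___clear_cache((char *)page, (char *)page + page_size()); /* no-op on x86 */
    return 0;
}

/* 2. Patch the jump: the same E9 now lands on stub A (which == 1) or stub B. */
int code_page_retarget(uint8_t *page, int which)
{
    return patch(page, emit_jmp, (which == 1 ? STUB_A_OFF : STUB_B_OFF) - TRAMP_OFF);
}

/* 3. Copy a function in: a new stub replaces the trampoline outright. */
int code_page_overwrite(uint8_t *page, int32_t value)
{
    return patch(page, emit_ret_const, value);
}

int main(void)
{
    uint8_t *page = code_page_create();
    printf("pointer  : %d %d\n", call_via_pointer(1), call_via_pointer(2));
    if (!page) { puts("code page unavailable (non-x86, or exec mapping denied)"); return 0; }
    printf("jmp -> A : %d\n", code_page_call(page));
    code_page_retarget(page, 2);
    printf("jmp -> B : %d\n", code_page_call(page));
    code_page_overwrite(page, 42);
    printf("new stub : %d\n", code_page_call(page));
    code_page_destroy(page);
    return 0;
}
```

Build with cc -Wall and run; the pointer variant needs nothing special, while variants 2 and 3 only work because the page is flipped between writable and executable around each edit. That is the security-relevant difference: W^X and NX exist precisely to stop writes to code, so the two self-modifying forms are what a hardened process forbids, and the pointer form shifts the problem to protecting the pointer itself (the thing CFI and read-only vtables guard). The cache flush is a no-op on x86 but mandatory for the same idea on ARM or RISC-V.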