Questions tagged [codecave]
20 questions
0
votes
2 answers
How to hook Native process whose export functions are not available?
I need to solve a reverse engineering problem of a native process.
I am having unmanaged .exe of having some controls on it ( e.g TextBox, Buttons, TextAreas, ComboBoxes). After filling all the data on controls User will press "Open".
Actually it…
Usman
- 2,742
- 4
- 44
- 82
0
votes
0 answers
call external dll in assembler (reverse engineer)
I have a exe file of a game that I like to add some implementation.
To do this I need to add a "jump" in assembler that execute a function from a external dll.
I need to add the jump inside the function:
int __cdecl sub_43AC70(char *a1, int a2)
{
…
user3449922
0
votes
5 answers
Injecting thread with codecave
By using 'codecave' technique to inject code into another process; is it possible to inject code to create a new thread (and also inject the code for the new thread) and let that thread execute parallel with the target process main thread?
I can…
0xb055
- 1
- 1
0
votes
2 answers
Does an Export table contain all entries of Win32 Exe functions?
I need to know all of a Win32 (PE File) functions or class methods contained inside its Export table. Where can I get this information? I understand every section of the PE file format but I don't know how to proceed.
Usman
- 2,742
- 4
- 44
- 82
-2
votes
1 answer
How can I inject 32-bit CodeCave into a 64-bit application?
How can I inject 32-bit CodeCave into a 64-bit application?
I've seen some implementations like this:
App.exe+CA5F6 - 4C 89 15 D37D5B01 - mov [App.exe+16823D0],r10
App.exe+CA5FD - E9 FE59CA82 - jmp 7FF748DA0000
App.exe+CA602 - 90 …
hex X
- 11
- 1