Joined: 15 Jun 2021 Posts: 4 Location: Cake Base Zero
Posted: Thu Mar 24, 2022 3:04 pm Post subject: Record value of register before opcode execution?
Hello, I was doing tutorial step 8 on Multilevel Pointers and ran into a few problems, but I think I learned something.
I did manage to solve it and find all the pointer levels, but at first it was maybe not the most optimal way I did it. The tutorial kept overwriting the register, for example like MOV ESI,[ESI]. To find out the value of ESI before the opcode was executed I put a breakpoint, and the tutorial program got paused and I could read the value of ESI before it was overwritten.
Unfortunately the tutorial crashed sometimes when it got paused by the breakpoint, but I ultimately succeeded in getting all the pointers this way. I'm not sure if the program crash happens intentionally to teach me a lesson about using breakpoints or if it was truly just coincidence. In any case I did learn such a lesson.
Anyway, all this made me think that it would be great if you could make a "breakpoint" that does not pause the execution of the program but instead just records the value of the registers so you could read them afterwards, thus preventing a program crash due to a breakpoint pausing the program?
Maybe such a feature already exists and I'm just ignorant of it? If so I apologize.
But then a bit later I think I learned an easier solution than using a breakpoint (and therefore idk if that would make the above suggested feature redundant?). When I search what accesses an address, for example what accesses 01BF4341, and I get for example MOV ESI,[ESI+0C], I can reason that since address 01BF4341 was accessed then [ESI+0C] must have pointed to that address, and so ESI+0C == 01BF4341. Hence ESI == 01BF4341-0C == 01BF4335.
Any thoughts on this, improvements or points, would be appreciated.
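The reasoning in the post above (register value = accessed address minus the displacement) carried through a whole multilevel chain, as an added Python example that is not from this thread or from Cheat Engine; the operand syntax follows the disassembler output quoted in the post, and the memory map and access records are constructed:

```python
import re

# Operand syntax as the disassembler shows it: "[ESI+0C]", "[ESI]", "[EAX-10]".
# Hex is written without a 0x prefix, as in the post above.
_OPERAND_RE = re.compile(
    r"^\[(?P<reg>[A-Za-z0-9]+)(?:(?P<sign>[+-])(?P<disp>[0-9A-Fa-f]+))?\]$"
)

def parse_operand(operand):
    """Return (register, signed displacement) for a memory operand string."""
    m = _OPERAND_RE.match(operand.replace(" ", ""))
    if not m:
        raise ValueError(f"unsupported operand: {operand!r}")
    disp = int(m.group("disp"), 16) if m.group("disp") else 0
    return m.group("reg").upper(), -disp if m.group("sign") == "-" else disp

def register_before_access(operand, accessed_addr):
    """Value the base register held when [REG+disp] touched accessed_addr.

    The instruction accessed REG+disp, so REG == accessed_addr - disp
    (32-bit wraparound applied, since these are x86 registers).
    """
    reg, disp = parse_operand(operand)
    return reg, (accessed_addr - disp) & 0xFFFFFFFF

def reconstruct_chain(accesses):
    """Turn "what accesses this address" records into (base, offsets).

    accesses: (operand, accessed_addr) pairs, innermost first: the first pair
    is the instruction that touched the final value, the next the instruction
    that read the pointer feeding the previous register, and so on.
    Returns (base_address, offsets ordered from base to final value).
    """
    offsets, base = [], None
    for operand, accessed in accesses:
        _, disp = parse_operand(operand)
        _, base = register_before_access(operand, accessed)
        offsets.append(disp)
    return base, list(reversed(offsets))

def resolve_chain(memory, base, offsets):
    """Follow [[[base+o0]+o1]+o2]+o3 through a memory map (dict addr -> value)."""
    ptr = base
    for off in offsets[:-1]:
        ptr = memory[ptr + off]
    return ptr + offsets[-1]

# Constructed sample (hypothetical addresses): a three-level chain in a fake
# memory map, and the access records one would collect level by level.
SAMPLE_MEMORY = {0x00400500: 0x01BF4000,        # static base holds p1
                 0x01BF4010: 0x01C00000,        # [p1+10] holds p2
                 0x01C0000C: 0x01D00000}        # [p2+0C] holds p3
SAMPLE_ACCESSES = [("[ESI+18]", 0x01D00018),    # reads the final value
                   ("[ESI+0C]", 0x01C0000C),    # reads p3
                   ("[ESI+10]", 0x01BF4010),    # reads p2
                   ("[EAX]", 0x00400500)]       # reads p1 from the static base
```

Running `resolve_chain(SAMPLE_MEMORY, *reconstruct_chain(SAMPLE_ACCESSES))` lands back on the final value's address, which is the check that the recovered base and offsets are consistent.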
Joined: 15 Jun 2021 Posts: 4 Location: Cake Base Zero
Posted: Fri Mar 25, 2022 3:41 am Post subject:
ParkourPenguin wrote:
The pointer scanner is also a thing that exists. Use multiple pointermaps as demonstrated here:
Thanks! That's a great tutorial and really seems like the best way to get pointers; it is still nice to know the "manual" ways though for understanding what goes on.