maxjojo
Master Cheater
 Reputation: 0
Joined: 05 Nov 2007
Posts: 459
Location: Taiwan
|
 Posted: Sun May 18, 2008 12:29 am Post subject: [Help] How to change register in vb6? |
 |
|
after I could readProcessMemory & writeProcessMemory, I try to changeRegister on breakPoint, the call return true but actually didn't work.
here is my Declare :
| Code: |
Public Declare Function ChangeRegOnBP Lib "IlvMoney.dll" (ByVal Processid As Long, ByVal address As Long, ByVal debugreg As Integer, ByVal changeEAX As Boolean, ByVal changeEBX As Boolean, ByVal changeECX As Boolean, ByVal changeEDX As Boolean, ByVal changeESI As Boolean, ByVal changeEDI As Boolean, ByVal changeEBP As Boolean, ByVal changeESP As Boolean, ByVal changeEIP As Boolean, ByVal changeCF As Boolean, ByVal changePF As Boolean, ByVal changeAF As Boolean, ByVal changeZF As Boolean, ByVal changeSF As Boolean, ByVal changeOF As Boolean, ByVal newEAX As Long, ByVal newEBX As Long, ByVal newECX As Long, ByVal newEDX As Long, ByVal newESI As Long, ByVal newEDI As Long, ByVal newEBP As Long, ByVal newESP As Long, ByVal newEIP As Long, ByVal newCF As Boolean, ByVal newPF As Boolean, ByVal newAF As Boolean, ByVal newZF As Boolean, ByVal newSF As Boolean, ByVal newOF As Boolean) As Boolean
Public Declare Function DebugProcess Lib "IlvMoney.dll" (ByVal Processid As Long, ByVal address As Long, ByVal size As Byte, ByVal debugtype As Byte) As Boolean
|
here is my code:
| Code: |
'// try to change register on breakpoint
'// declear in delphi:
'type TDebugProcess=function(processid:dword;address:DWORD;size: byte;debugtype:byte):BOOL; stdcall;
Dim Processid As Long
Dim address As Long
Dim size As Byte
Dim debugtype As Byte
Dim ret As Boolean
'Processid = hProcessHandle
Processid = hProcessID
address = &H00401c77
size = 1
debugtype = 3
ret = DebugProcess(Processid, address, size, debugtype)
MsgBox ret
'// declear in delphi:
'type TRetrieveDebugData=function(Buffer: pointer):integer; stdcall;
'// declear in delphi:
' type TChangeRegOnBP=function(
' Processid:dword;
' address: dword;
' debugreg: integer;
' changeEAX,changeEBX,changeECX,changeEDX,changeESI,changeEDI,changeEBP,changeESP,changeEIP,changeCF,changePF,changeAF,changeZF,changeSF,changeOF:BOOLEAN;
' newEAX,newEBX,newECX,newEDX,newESI,newEDI,newEBP,newESP,newEIP:DWORD;
' newCF,newPF,newAF,newZF,newSF,newOF:BOOLEAN):BOOLEAN; stdcall;
Dim debugreg As Integer
Dim changeEAX, changeEBX, changeECX, changeEDX, changeESI, changeEDI, changeEBP, changeESP, changeEIP, changeCF, changePF, changeAF, changeZF, changeSF, changeOF As Boolean
Dim newEAX, newEBX, newECX, newEDX, newESI, newEDI, newEBP, newESP, newEIP As Long
Dim newCF, newPF, newAF, newZF, newSF, newOF As Boolean
address = &H00401c77
debugreg = 0
changeEIP = True
newEIP = &H00401c7
ret = ChangeRegOnBP(Processid, address, debugreg, changeEAX, changeEBX, changeECX, changeEDX, changeESI, changeEDI, changeEBP, changeESP, changeEIP, changeCF, changePF, changeAF, changeZF, changeSF, changeOF, newEAX, newEBX, newECX, newEDX, newESI, newEDI, newEBP, newESP, newEIP, newCF, newPF, newAF, newZF, newSF, newOF)
MsgBox ret
|
I want to set newEIP in address 00401c77, to jmp address 00401c7A.
_________________
Max ^_^)y |
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in
