Cheat Engine Forum Index Cheat Engine
The Official Site of Cheat Engine
Int3 Handler

xentar
Grandmaster Cheater
Reputation: 0

Joined: 08 Jul 2006
Posts: 708
Location: USA, Mass

Posted: Wed Feb 14, 2007 8:35 pm    Post subject: Int3 Handler

Hi Dark Byte,

I am stuck with a problem, hope you can help me out.

What I am trying to do is be able to probe a running process for the value of its registers. So what I did was hook the IDT for interrupt 3, then overwrite an opcode of the running process with int3.

The simplest test case to check the handler is, I wrote a test application with the int3 instruction as part of it, so whenever int3 is executed my handler is called, I DbgPrint all the registers, then return to the running application so it can continue running.

If I have to overwrite the opcode of the running process with int3, that means I have to preserve the original instructions. This is where I am not sure what to do.

By the looks of things, it seems I have to make a copy of the original instructions (the complete instructions? or just the overwritten byte?).

How do I execute the overwritten instructions? Is the interrupt handler executing the original instruction?

Does it matter which instruction is overwritten? I assumed instructions that make use of the stack or jump to an address will be much more complicated. If the handler is the one that will execute the original instructions, at the handler code, I am not sure how to calculate the jump address; if instructions make use of the stack, the stack has probably changed.

Thank you,

_________________
People encountered at CEF.

* I don't care if he wrote the code, I say it is open source then it is open source.
* I don't care if it is his trainer, if I say he can't have that hack in there, then he can't.
* Appalsap, your trainer is L337
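
The breakpoint cycle that conventional debuggers use for the situation asked about above, as an added example that is not part of the original post: only the one byte replaced by `0xCC` is saved, and the original instruction then runs in place in the target rather than in the handler, so stack-using and jump instructions need no special handling. It is a user-space simulation over a constructed byte buffer; `struct regs`, `struct bp` and the function names are hypothetical.

```c
#include <stdint.h>

#define INT3      0xCC
#define TRAP_FLAG 0x100u                 /* EFLAGS.TF: trap after one instruction */

/* Hypothetical stand-ins for the saved trap frame and one breakpoint slot. */
struct regs { uint32_t eip; uint32_t eflags; };
struct bp   { uint8_t *addr; uint8_t saved; int armed; int stepping; };

/* Plant: remember only the single byte that INT3 replaces. */
static void bp_set(struct bp *b, uint8_t *addr) {
    b->addr = addr; b->saved = *addr; *addr = INT3;
    b->armed = 1; b->stepping = 0;
}

/* INT3 path. Code lives at base + eip. Returns 1 if the trap was ours. */
static int on_int3(struct bp *b, uint8_t *base, struct regs *r) {
    if (!b->armed || r->eip == 0) return 0;
    if (base + r->eip - 1 != b->addr) return 0; /* saved EIP is one past 0xCC */
    *b->addr = b->saved;                 /* put the original byte back */
    r->eip -= 1;                         /* rerun the whole original instruction */
    r->eflags |= TRAP_FLAG;              /* get control back right after it */
    b->stepping = 1;
    return 1;
}

/* INT1 (single-step) path: the original instruction has run, re-arm. */
static int on_single_step(struct bp *b, struct regs *r) {
    if (!b->stepping) return 0;
    *b->addr = INT3;
    r->eflags &= ~TRAP_FLAG;
    b->stepping = 0;
    return 1;
}

/* Constructed demo: breakpoint on a 5-byte "mov eax, imm32" at offset 1. */
static int demo(void) {
    uint8_t code[] = { 0x90, 0xB8, 0x78, 0x56, 0x34, 0x12, 0xC3 };
    struct bp b; struct regs r = { 0, 0 };
    bp_set(&b, &code[1]);
    r.eip = 2;                           /* CPU executed the 0xCC at offset 1 */
    if (!on_int3(&b, code, &r)) return -1;
    if (code[1] != 0xB8 || r.eip != 1 || !(r.eflags & TRAP_FLAG)) return -2;
    r.eip = 6;                           /* CPU ran the real mov, TF trap fires */
    if (!on_single_step(&b, &r)) return -3;
    return (code[1] == INT3 && !(r.eflags & TRAP_FLAG)) ? 0 : -4;
}

int main(void) { return demo(); }
```

Between the two traps the original byte is in place, so another thread running through that address will not hit the breakpoint.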
All times are GMT - 6 Hours