
Trippy Code Caving



shad0w
07-15-2009, 07:33 PM
Don't know the name of this, or if there is one. I was messing around with the latest PB to prepare for COD6 and some E9 jump bans really annoyed me.
I used some WriteMemory byte injection not to write a cave, but to write a cave builder in an external DLL. The DLL I created purely for cave space, although to capitalise you may want to combine your hack with this extra DLL.

Anyway, for tutorial purposes I'll do an EB (short cave) in notepad. I'm only jumping 4 addresses, so a 4 byte hack (inc. NOP).


EB (addie) 90 90

and to write this from another file, which is the basic plan.


00194BBC . 8D85 DCFDFFFF LEA EAX,DWORD PTR SS:[EBP-224] ; |
00194BC2 . 50 PUSH EAX ; |Arg4
00194BC3 . FF35 48A21900 PUSH DWORD PTR DS:[19A248] ; |Arg3 = 00000008

is replaced with the dump

8D85EBDCFFFF9090

You could also create a whole hack loaded in virtual memory using this technique.
If you want to try this but don't fully understand the asm dump then PM me and I'll send you the straight asm; however, because the detour bottles on itself, it's kind of my little thing which I want to play with on my own for a while. I'm sure sinner released something similar anyway. Binary mod ftw.

NOTE


Don't moan at me saying I haven't provided you with enough information; it's notepad.exe and the addresses of modification are listed. Figure it out yourself, I'm not going to give you a dump that you can just throw into your VB module lol. GL

kaswar
07-17-2009, 09:10 PM
What are you exactly trying to do here, if you don't mind me asking?

shad0w
07-18-2009, 12:17 AM
What are you exactly trying to do here, if you don't mind me asking?
Inject bytes through a zombie DLL.

kaswar
07-19-2009, 02:37 PM
Thanks, actually I just learnt something from this; not the purpose, but I thought of something else :P

Hacker2021
07-21-2009, 12:33 PM
To trip PB purposely?

Royce
08-09-2009, 09:41 PM
Sorry for the bump if this happens to be a stupid comment (as I haven't touched ASM for a while), but I want to try to comprehend this:

Basically you are:
1) using another/external .dll for free space for codecaving
2) jumping the address to a new codecave in the .dll through the amount of bytes (example being 2 bytes (w/o nop)).
Jump -> Address -> Fix alignment with nop
3) and then simply writing the syntax in to use the free space for the codecave.


Correct me if I'm wrong (which I'm sure I am as PB isn't my speciality) but PB checks for external codecaves?
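Royce's summary (jump, address, fix alignment with NOP) and shad0w's EB / 90 90 patch describe the same mechanics. The following is an added C example, not code from either poster: it builds the patch bytes for a given address, picks EB rel8 when the cave is within short-jump range and E9 rel32 otherwise, pads the rest of the clobbered instruction with NOPs, and resolves a jump's target the way a scanner looking for detours would. The address 00194BBC and the 6-byte length of the LEA come from the notepad listing in the thread; the cave addresses 00194BA0 and 10001000 are assumed for illustration only.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define PATCH_MAX 16

typedef struct {
    uint8_t bytes[PATCH_MAX];
    size_t  len;   /* equals the instr_len handed to build_detour */
} patch_t;

/* 32-bit x86 displacement: relative to the instruction after the jump,
 * wrapping mod 2^32, so unsigned subtraction then a cast is exact. */
static int32_t rel_to(uint32_t next_ip, uint32_t target)
{
    return (int32_t)(target - next_ip);
}

/* Build the bytes that overwrite instr_len bytes at patch_addr with a jump
 * to cave_addr.  instr_len must cover whole instructions (the LEA at
 * 00194BBC is 6 bytes), because everything after the jump opcode is filled
 * with NOP (90) so that code following the patch still decodes cleanly if
 * the cave returns to patch_addr + instr_len.  EB rel8 is used when the
 * cave is within -128..+127 of the next instruction, otherwise E9 rel32.
 * Returns 0 on success, -1 if the jump does not fit in instr_len. */
int build_detour(uint32_t patch_addr, size_t instr_len, uint32_t cave_addr,
                 patch_t *out)
{
    if (instr_len == 0 || instr_len > PATCH_MAX)
        return -1;

    int32_t d8 = rel_to(patch_addr + 2, cave_addr);
    size_t jmp_len;

    if (d8 >= -128 && d8 <= 127) {
        if (instr_len < 2) return -1;          /* EB needs 2 bytes */
        out->bytes[0] = 0xEB;
        out->bytes[1] = (uint8_t)d8;
        jmp_len = 2;
    } else {
        if (instr_len < 5) return -1;          /* E9 needs 5 bytes */
        uint32_t d32 = (uint32_t)rel_to(patch_addr + 5, cave_addr);
        out->bytes[0] = 0xE9;
        out->bytes[1] = (uint8_t)(d32);
        out->bytes[2] = (uint8_t)(d32 >> 8);
        out->bytes[3] = (uint8_t)(d32 >> 16);
        out->bytes[4] = (uint8_t)(d32 >> 24);
        jmp_len = 5;
    }
    memset(&out->bytes[jmp_len], 0x90, instr_len - jmp_len);
    out->len = instr_len;
    return 0;
}

/* Resolve where an EB/E9 jump found at addr lands; returns 0 if the bytes
 * are not a jump.  This is the check a scanner runs over a module to find
 * detours whose target lies outside the image. */
uint32_t jump_target(const uint8_t *b, uint32_t addr)
{
    if (b[0] == 0xEB)
        return addr + 2 + (uint32_t)(int32_t)(int8_t)b[1];
    if (b[0] == 0xE9) {
        uint32_t r = (uint32_t)b[1] | (uint32_t)b[2] << 8 |
                     (uint32_t)b[3] << 16 | (uint32_t)b[4] << 24;
        return addr + 5 + r;
    }
    return 0;
}

/* Render the patch as the flat hex dump the thread uses ("EB...9090"). */
void patch_hex(const patch_t *p, char *buf, size_t buflen)
{
    size_t i;
    for (i = 0; i < p->len && 2 * i + 2 < buflen; i++)
        snprintf(buf + 2 * i, buflen - 2 * i, "%02X", p->bytes[i]);
}

int main(void)
{
    const uint32_t site = 0x00194BBCu;   /* LEA EAX,[EBP-224] in notepad */
    uint32_t caves[2] = { 0x00194BA0u, 0x10001000u }; /* assumed targets */
    char hex[2 * PATCH_MAX + 1];
    for (int i = 0; i < 2; i++) {
        patch_t p;
        if (build_detour(site, 6, caves[i], &p) != 0) {
            printf("cave %08X: jump does not fit\n", caves[i]);
            continue;
        }
        patch_hex(&p, hex, sizeof hex);
        printf("cave %08X: patch %s, resolves to %08X\n",
               caves[i], hex, jump_target(p.bytes, site));
    }
    return 0;
}
```

The practical caveat the encoder makes explicit: EB only reaches about 127 bytes either side of the patch, so a cave that lives in a separate DLL is out of short-jump range and needs either an E9 or a nearby hop, and whichever opcode is used, the NOP fill must end on an instruction boundary or the code after the detour decodes as garbage.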

deathcross
04-17-2010, 07:35 AM
[quoting shad0w's original post above]

Wow, thanks, that's so great... for coders.