Hey,
I'm trying to change something in an exe file.
I found a command in OllyDbg, and when I change the command, something changes in the exe
(in the game).
But what I just need help with is changing it with a DLL.
Here is the command in OllyDbg:

Click here to open picture 1.

Now, I can change it like this:

Click here to open picture 2.

Save the file, and it will change in the game.
But I have this command again in a different place,
and I need this one. Do you see the commands after this one?
These commands:

mov dword ptr [ebp-10],7
mov dword ptr [ebp-10],0E
mov dword ptr [ebp-10],8
mov dword ptr [ebp-10],9
mov dword ptr [ebp-10],29


So basically I need the address: 004BA5FB.

Click here to open picture 1.

Now, I just want to know how I can change it with the DLL.
Thanks for reading & helping :)
Updated 21-Jul-12 3:40am
Comments
hbprotoss 22-Jul-12 7:45am    
What's your problem working with dll? Anything wrong?
Maximilien 22-Jul-12 7:52am    
so, you want to hack a game !!!

Broadly speaking, you cannot do this without learning about the structure of executable programs; you effectively need to duplicate much of the operation of the debug program. You could try a Google search for information on executable code files but you will still have a lot of work to do.
Comments
Ido Hadar 21-Jul-12 11:01am    
Can you give me a tutorial?

And can't I use '__asm' in the compiler and write it there?
Richard MacCutchan 21-Jul-12 11:14am    
Did you read my answer? If I had a tutorial I would have given you a link to it. You could try a Google search for yourself, as I suggested.

Why do you need that? I suppose you probably want to redirect a function call?
If you're playing with OllyDbg, you should head over to either tuts4you, exetools or woodmann forums.

You'll get plenty of information there about converting from a RVA address to a file-offset.

The other alternative, of course, is to select a range of bytes starting at the target location (let's say 16), then check to see if the bytes are unique in the memory image/exe file. If this is the case, you can just simply open, read, search and replace, then write to the process's memory.

Yet another alternative is to just get an app patcher (plenty at the first forum mentioned above). You give it a target exe name, a file offset or search string, and finally the patch bytes. You should be able to download and configure one to 'fix' the exe file in under 20 mins.

Also, for what it's worth - if you want to change the 2 in the highlighted instruction:
MOV DWORD PTR SS:[EBP-10], 2

Then you're actually after the 4 bytes starting at the address 0x004BA5FE (not 0x004BA5B)
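
The RVA-to-file-offset conversion and the "+3" operand location mentioned in the answer above, as an added example that is not part of the original answer. The function names, the image base of 0x400000 and the single .text section layout are constructed assumptions for illustration; a real file's values come from its own headers.

```python
import struct

def sections(pe):
    """Parse a PE32 header; return (image_base, rows) with one row per section."""
    nt = struct.unpack_from("<I", pe, 0x3C)[0]             # e_lfanew
    if pe[:2] != b"MZ" or pe[nt:nt + 4] != b"PE\0\0":
        raise ValueError("not a PE image")
    count, = struct.unpack_from("<H", pe, nt + 6)           # NumberOfSections
    opt_size, = struct.unpack_from("<H", pe, nt + 20)       # SizeOfOptionalHeader
    opt = nt + 24
    if struct.unpack_from("<H", pe, opt)[0] != 0x10B:
        raise ValueError("only PE32 is handled here")
    image_base, = struct.unpack_from("<I", pe, opt + 28)
    # Each row: VirtualSize, VirtualAddress, SizeOfRawData, PointerToRawData
    rows = [struct.unpack_from("<4I", pe, opt + opt_size + 40 * i + 8) for i in range(count)]
    return image_base, rows

def va_to_offset(pe, va):
    """Map a virtual address (as shown by a debugger) to an offset in the file."""
    image_base, rows = sections(pe)
    rva = va - image_base
    for vsize, sec_rva, raw_size, raw_ptr in rows:
        if sec_rva <= rva < sec_rva + max(vsize, raw_size):
            if rva - sec_rva >= raw_size:
                raise ValueError("address has no bytes on disk (uninitialised data)")
            return raw_ptr + (rva - sec_rva)
    raise ValueError("address is outside every section")

def imm32_location(pe, va):
    """For 'mov dword ptr [ebp+disp8], imm32' (bytes C7 45 disp8 imm32) at va,
    return (VA of the immediate, its file offset, its current value)."""
    off = va_to_offset(pe, va)
    if pe[off:off + 2] != b"\xC7\x45":
        raise ValueError("not the expected instruction encoding")
    value, = struct.unpack_from("<I", pe, off + 3)
    return va + 3, off + 3, value

def build_sample():
    """Constructed image: base 0x400000, .text at RVA 0x1000, raw data at 0x400."""
    pe = bytearray(0x400 + 0xC0000)
    pe[:2], pe[0x80:0x84] = b"MZ", b"PE\0\0"
    struct.pack_into("<I", pe, 0x3C, 0x80)
    struct.pack_into("<HH", pe, 0x84, 0x14C, 1)              # Machine, NumberOfSections
    struct.pack_into("<H", pe, 0x94, 0xE0)                   # SizeOfOptionalHeader
    struct.pack_into("<H", pe, 0x98, 0x10B)                  # PE32 magic
    struct.pack_into("<I", pe, 0x98 + 28, 0x400000)          # ImageBase
    struct.pack_into("<8s4I", pe, 0x178, b".text", 0xC0000, 0x1000, 0xC0000, 0x400)
    off = va_to_offset(pe, 0x4BA5FB)
    pe[off:off + 7] = bytes.fromhex("C745F002000000")        # mov dword ptr [ebp-10h], 2
    return bytes(pe)

if __name__ == "__main__":
    print([hex(x) for x in imm32_location(build_sample(), 0x4BA5FB)])
```
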
This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)