Thank you for another article. What does "patch" mean in that context? Does it mean to overwrite a part of an existing code?
-
-
-
Correct, replacing bytes on the binary. Classic example is changing the jump condition Opcode. For example:

Asm | Opcode
jne | 75fe
je  | 74fe

If we change the first part of the opcode, 75 to be 74, we'll have a conditional jump that does the opposite of what it was intended.
-
-
Good post! Some comments:
Decompiler -> disassembler
Pdf -> print disasm function
Instead of oo+ use r2 -w
Instead of wv use wx; you are writing hex data, not a number, so endian is not involved
Also you can use wv4 to write 4 bytes instead of 8
You can use wa to write assembly
-
Thanks, I'll get that in the post.
-
-
Thanks for the post, in my case I inverted the JMP condition using near jump opcodes 0F85 -> 0F84.
-
I’m glad you liked the post :)
-
-
Looking for next post, it's really helpful
-
-
-
You could probably just nop out the jump too which would give you the result you were after.