Login

Boop · (This post was last modified: 03-22-2009, 09:52 AM by Boop.)

Wow, you are lazier than I am. I hope you're happy, you made me waste 30 minutes of my life...

ASM-Code:

00424403   . 8B4C24 1C      MOV ECX,DWORD PTR SS:[ESP+1C]
00424407   . 8B15 08564500  MOV EDX,DWORD PTR DS:[455608]
0042440D   . 68 FFFFFF00    PUSH 0FFFFFF
00424412   . 68 0D1B6000    PUSH lf2_load.00601B0D
00424417   . 51             PUSH ECX
00424418   . 52             PUSH EDX
00424419   . EB 16          JMP SHORT lf2_load.00424431
0042441B   > 8B4424 1C      MOV EAX,DWORD PTR SS:[ESP+1C]
0042441F   . 8B0D 08564500  MOV ECX,DWORD PTR DS:[455608]
00424425   . 68 B4B4FF00    PUSH 0FFB4B4
0042442A     68 0D1B6000    PUSH lf2_load.00601B0D
0042442F   . 50             PUSH EAX
00424430   . 51             PUSH ECX
00424431   > E8 5ACEFDFF    CALL lf2_load.00401290                   ;  RAWR THIS IS THE ONE

That is the load thing that deals with the loading text.

1477 · (This post was last modified: 03-20-2009, 08:43 PM by 1477.)

WTF? That's not even a 'LEA' command! And for your information, Silva, I spent over seven hours trying to find that command (so I'm not that lazy

). I guess this proves that knowledge is power

.

Anyways, problem solved.

Thanks Silva...

~Solomon Leung

Boop · (This post was last modified: 03-20-2009, 08:53 PM by Boop.)

I think in this case, lack of knowledge is power

. You thought about it logically, I just went through them one by one

(although I did skip ones which were obviously incorrect

).

1477 · 03-21-2009, 09:37 PM

Ok, so the code for the loading text is found (finally!). However, how do I change the text to what I want? The 'MOV EAX' command that's supposed to point to the text in 'data.txt' freezes up when I try to make it read from a location at the bottom of the program. How do I change the loading text? Sorry for the short post.

Please Respond

~Solomon Leung

Boop · (This post was last modified: 03-22-2009, 09:51 AM by Boop.)

I'm guessing you are trying to do something like this:

ASM-Code:

0042441B     36:A1 E09F4500 MOV EAX,DWORD PTR SS:[459FE0]
00424421     90             NOP
00424422     90             NOP
00424423     90             NOP
00424424     90             NOP
00424425   . 68 B4B4FF00    PUSH 0FFB4B4

Look at all the nops. You're new function is to long, so it starts over writing the next one (MOV ECX,DWORD PTR DS:[455608] disappeared).

You'll probably have to jump to a new location, then do

MOV EAX,DWORD PTR SS:[459FE0] ; eax holds your text
MOV ECX,DWORD PTR DS:[455608] ; ecx holds a magical number, this line gets over written.
jmp 00424425 ; jumps back

BTW, if you look at the code, you should be able to notice how there are 3 possible thingies (lack of a better word).

ASM-Code:

004243E4   . 8B5424 1C      MOV EDX,DWORD PTR SS:[ESP+1C]            ;  start of 1
004243E8   . A1 08564500    MOV EAX,DWORD PTR DS:[455608]
004243ED   . 68 6464FF00    PUSH 0FF6464
004243F2   . 68 0D1B6000    PUSH lf2_load.00601B0D
004243F7   . 52             PUSH EDX
004243F8   . 50             PUSH EAX
004243F9   . EB 36          JMP SHORT lf2_load.00424431              ;  end of 1
004243FB   > 83C2 FB        ADD EDX,-5
004243FE   . 83FA 02        CMP EDX,2
00424401   . 77 18          JA SHORT lf2_load.0042441B
00424403   . 8B4C24 1C      MOV ECX,DWORD PTR SS:[ESP+1C]            ;  start of 2
00424407   . 8B15 08564500  MOV EDX,DWORD PTR DS:[455608]
0042440D   . 68 FFFFFF00    PUSH 0FFFFFF
00424412   . 68 0D1B6000    PUSH lf2_load.00601B0D
00424417   . 51             PUSH ECX
00424418   . 52             PUSH EDX
00424419   . EB 16          JMP SHORT lf2_load.00424431              ;  end of 2
0042441B     8B4424 1C      MOV EAX,DWORD PTR SS:[ESP+1C]            ;  start of 3
0042441F     8B0D 08564500  MOV ECX,DWORD PTR DS:[455608]
00424425   . 68 B4B4FF00    PUSH 0FFB4B4
0042442A     68 0D1B6000    PUSH lf2_load.00601B0D
0042442F   . 50             PUSH EAX
00424430   . 51             PUSH ECX
00424431   > E8 5ACEFDFF    CALL lf2_load.00401290                   ;  end of 3

You're going to have to modify all 3 of them :p.

1477 · (This post was last modified: 03-22-2009, 10:17 PM by 1477.)

I still can't change the loading text. The program jumps down successfully and the nothing freezes, but the text I want to appear doesn't show. I replaced the original:

004243E4 . 8B5424 1C MOV EDX,DWORD PTR SS:[ESP+1C]
004243E8 . A1 08564500 MOV EAX,DWORD PTR DS:[455608]

with

JMP ######

and on the linked offset I inputted:

MOV EAX,DWORD PTR SS:[######]
MOV ECX,DWORD PTR DS:[######]

and then I inputted the text I wanted to display on the linked offset.

However, nothing appeared. The 'text' area was simply left blank. Did I do something wrong? I included a copy of the program on this post.

Please Respond

~Solomon Leung

I still can't change the loading text. The program jumps down successfully and the nothing freezes, but the text I want to appear doesn't show. I replaced the original:

004243E4 . 8B5424 1C MOV EDX,DWORD PTR SS:[ESP+1C]
004243E8 . A1 08564500 MOV EAX,DWORD PTR DS:[455608]

with

JMP ######

and on the linked offset I inputted:

MOV EAX,DWORD PTR SS:[######]
MOV ECX,DWORD PTR DS:[######]

and then I inputted the text I wanted to display on the linked offset.

However, nothing appeared. The 'text' area was simply left blank. Did I do something wrong? I included a copy of the program on this post.

Please Respond
*Link Removed*

~Solomon Leung

Boop · (This post was last modified: 03-22-2009, 09:45 AM by Boop.)

That was probably my fault... Didn't put lots of thought into it when I posted

.

fixed:

.zip

LF2TEXT fixed.zip (Size: 1.2 MB / Downloads: 197)

Explination:
doing :

Code:
MOV EAX,DWORD PTR SS:[######]

It uses ###### as a pointer, then moves the value at the pointer into eax.

So if ###### had the value of 7774823, then it would go to address 7774823, find what is stored there and move it into EAX.
That's not what we need.

Edit: It checks the value of the pointer and moves it into eax. So if ###### had a value of 777482 then it would move 777482 into eax, not ###### . Therfore when it pushes EAX, it pushes 777482 (which is most likely an empty location).

Code:
LEA EAX,DWORD PTR SS:[######]

That makes EAX point to ###### (basically moves ##### into EAX), so when it pushes EAX, it pushes ###### and it is all good.

Sorry if my explanation sucks, I learned by experimenting and what not, not from reading books etc, so my definitions of stuff are quite poor

.

1477 · (This post was last modified: 03-22-2009, 10:13 PM by 1477.)

Thanks for the explanation, Silva

. Link for problematic EXE/program is now removed. Topic/Problem finally solved (for real) after almost a year of useless contemplation

. I guess that in the end knowledge is power...

Sorry for the short post.

Thanks, Case Closed...

~Solomon Leung

RenanDez · 03-23-2009, 06:12 PM

You could spend the entire code with
because I already have an exe and I only code

Thanks

Boop · 03-23-2009, 06:16 PM

(03-23-2009, 06:12 PM)RenanDez Wrote: You could spend the entire code with
because I already have an exe and I only code

Thanks

what?

Login
Username:
Password:	Lost Password?
	Remember me