Author Topic: FAR JMP in easywrite.  (Read 525 times)


Subsky

FAR JMP in easywrite.
« on: September 24, 2006, 11:29:14 am »
How fark do you do a FAR jmp in easywrite?

I've tried:
jmp far 0x10B00
jmp far [0x10B00]
jmp dword ptr [0x10B00]
jmp long 0x10B00

All are relative, or reference invalid memory; the address I want to far jump to is 0x10B00.

Looks like T-Search uses the libdasm library; and jumps are 32-bit near (relative) ones- unless explicitly stated as 'short'.

This is really frustrating me, because I'm copying code in my VC Teleporter Program and either need to fix up the relative jumps or replace them with FAR ones.

I hope SOMEONE here knows...

Subsky

Subsky

Re: FAR JMP in easywrite.
« Reply #1 on: September 24, 2006, 03:37:47 pm »
Figured it out...

You need to write the memory operand as a pointer and dereference it.

For anyone interested: say we want a far jmp to 0x10B00 (the code cave address); you'd do something like this...

offset 0x????????            ; address the instructions below are assembled at (fill in)
push cs                      ; selector half (high word) of the 6-byte far pointer
push 0x10B00                 ; offset half (low dword): the code cave address
jmp far fword ptr [esp]      ; far jmp through the fword at [esp], i.e. to CS:0x10B00
                             ; the 8 bytes pushed above are still on the stack when 0x10B00
                             ; runs, so clean them up there (add esp, 8); nothing after an
                             ; unconditional jmp is ever executed

Subsky
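The thread's real problem is producing the raw bytes for a WriteProcessMemory() buffer: a far jmp needs a 6-byte selector:offset pointer, and a near jmp is relative to its own location, so copied code has to be re-targeted. The following is an added example, not code from the thread or from T-Search; it encodes the direct far jmp (EA imm32 imm16), the push cs / push imm32 / jmp far fword ptr [esp] sequence from the reply above, and a near jmp rel32, and relocates an E8/E9 instruction that has been copied elsewhere. The code-cave address 0x10B00 is from the thread; the selector 0x1B, the source address 0x401000 and the copy address 0x10B20 are constructed for illustration. It targets 32-bit x86 but only builds bytes, so it runs anywhere.

```c
/* Added example (not from the thread). Builds x86-32 jump encodings so a
 * WriteProcessMemory() buffer can be filled without an assembler.
 * Selector 0x1B and the addresses 0x401000 / 0x10B20 are constructed. */
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Store / load a 32-bit value little-endian, as x86 immediates are laid out. */
static void put32(uint8_t *p, uint32_t v) {
    p[0] = (uint8_t)v;         p[1] = (uint8_t)(v >> 8);
    p[2] = (uint8_t)(v >> 16); p[3] = (uint8_t)(v >> 24);
}
static uint32_t get32(const uint8_t *p) {
    return (uint32_t)p[0] | ((uint32_t)p[1] << 8) |
           ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}

/* Direct far jmp: EA imm32(offset) imm16(selector). 7 bytes, absolute,
 * but the code segment selector has to be known and hard-coded. */
size_t encode_far_jmp_direct(uint8_t *out, uint32_t offset, uint16_t selector) {
    out[0] = 0xEA;
    put32(out + 1, offset);
    out[5] = (uint8_t)selector;
    out[6] = (uint8_t)(selector >> 8);
    return 7;
}

/* The reply's trick as bytes: push cs (0E) ; push imm32 (68 imm32) ;
 * jmp far fword ptr [esp] (FF 2C 24). 9 bytes, absolute, and the selector
 * comes from the running CS so nothing segment-specific is hard-coded.
 * The 8 pushed bytes are still on the stack when the target runs. */
size_t encode_far_jmp_via_stack(uint8_t *out, uint32_t offset) {
    out[0] = 0x0E;
    out[1] = 0x68; put32(out + 2, offset);
    out[6] = 0xFF; out[7] = 0x2C; out[8] = 0x24;
    return 9;
}

/* Near relative jmp: E9 rel32 with rel32 = dst - (src + 5), where src is the
 * address the instruction will live at. Unsigned wrap-around matches the CPU. */
size_t encode_jmp_rel32(uint8_t *out, uint32_t src, uint32_t dst) {
    out[0] = 0xE9;
    put32(out + 1, dst - (src + 5));
    return 5;
}

/* Absolute target of an E8 (call) / E9 (jmp) rel32 instruction located at addr. */
uint32_t rel32_target(const uint8_t *insn, uint32_t addr) {
    return addr + 5 + get32(insn + 1);
}

/* Fix up one E8/E9 instruction that was copied from old_addr to new_addr so
 * it still reaches the same absolute target. Returns 1 if patched, 0 if the
 * byte is not a rel32 call/jmp (other relative forms, e.g. EB rel8 or the
 * 0F 8x Jcc family, are out of scope here). */
int relocate_rel32(uint8_t *insn, uint32_t old_addr, uint32_t new_addr) {
    if (insn[0] != 0xE8 && insn[0] != 0xE9) return 0;
    uint32_t target = rel32_target(insn, old_addr);
    put32(insn + 1, target - (new_addr + 5));
    return 1;
}

static void dump(const char *label, const uint8_t *b, size_t n) {
    printf("%-22s", label);
    for (size_t i = 0; i < n; i++) printf("%02X ", b[i]);
    printf("\n");
}

int main(void) {
    uint8_t buf[16];
    dump("far jmp direct:", buf, encode_far_jmp_direct(buf, 0x10B00, 0x1B));
    dump("far jmp via stack:", buf, encode_far_jmp_via_stack(buf, 0x10B00));
    /* A rel32 jmp assembled at 0x401000, then copied to 0x10B20 and fixed up. */
    dump("jmp rel32 @401000:", buf, encode_jmp_rel32(buf, 0x401000, 0x10B00));
    relocate_rel32(buf, 0x401000, 0x10B20);
    dump("same jmp @10B20:", buf, 5);
    printf("target after relocate: %08X\n", rel32_target(buf, 0x10B20));
    return 0;
}
```

The push cs / push imm32 / jmp far [esp] form is the one to prefer when poking into a foreign process: it is position-independent, needs no knowledge of the target's CS selector, and is the byte sequence the reply above produces. Anything relocated with relocate_rel32 must be checked instruction by instruction; a stray E8 or E9 byte inside a longer instruction would be mis-patched, so run it only on decoded instruction boundaries.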

M. O.

Re: FAR JMP in easywrite.
« Reply #2 on: September 24, 2006, 03:39:39 pm »
Cool solution. But why do it in T-search? CheatEngine can do that stuff pretty easy too.
Heckling is an art, and game hacking a science.

Subsky

  • Insane Joker
  • ****
  • Posts: 504
  • Subskii
    • View Profile
Re: FAR JMP in easywrite.
« Reply #3 on: September 24, 2006, 03:41:16 pm »
Quote from: M. O.
Cool solution. But why do it in T-search? CheatEngine can do that stuff pretty easy too.

Doesn't really matter; I just need to get the pokes for it so I can use them for my BYTE buffer in WriteProcessMemory().

Subsky