How to find & call functions of other processes using C++ & ASM

This is a discussion on How to find & call functions of other processes using C++ & ASM within the Warcraft 3 Hacks, bots and tools board of the Warcraft 3 forum category.

  #1 Farid.Agl (Advanced Hacker)

    Firstly, sorry if here is not the best place to ask this, but I believe there are some guys around this section of the forum who are able to help me. @Mods, please do not move it somewhere else if possible.

    Look, I found a function of another process using OllyDbg; I can inject my DLL into it, and now I want to call that function from my DLL. The problem is that I don't know how to determine what parameters should be PUSHed before the CALL!

    Here is a place where the function gets called by its own process:
    Code:
    1. 00497DF2   . 83C4 04        ADD ESP,4
    2. 00497DF5   > 8B5424 18      MOV EDX,DWORD PTR SS:[ESP+18]
    3. 00497DF9   . 8D4D 04        LEA ECX,DWORD PTR SS:[EBP+4]
    4. 00497DFC   . 52             PUSH EDX                                 ; /Arg1
    5. 00497DFD   . 894C24 24      MOV DWORD PTR SS:[ESP+24],ECX            ; |
    6. 00497E01   . E8 4A64FFFF    CALL 0048E250                     ; \0048E250
    7. 00497E06   . 33FF           XOR EDI,EDI
    8. 00497E08   . 3BDF           CMP EBX,EDI
    As you can see, at line 6 it gets called; at line 4 it PUSHes EDX, which contains the address of a string (I checked it using CE). I'm not sure about the other lines.
    If it helps, it's a function that shows a string on its screen (prints it on screen, I mean).

    Also, here is the function itself:
    Code:
    0048E250  /$ 6A FF          PUSH -1
    0048E252  |. 68 58055900    PUSH 00590558
    0048E257  |. 64:A1 00000000 MOV EAX,DWORD PTR FS:[0]
    0048E25D  |. 50             PUSH EAX
    0048E25E  |. 83EC 14        SUB ESP,14
    0048E261  |. 53             PUSH EBX
    0048E262  |. 55             PUSH EBP
    0048E263  |. 56             PUSH ESI
    0048E264  |. 57             PUSH EDI
    0048E265  |. A1 E4A87A00    MOV EAX,DWORD PTR DS:[7AA8E4]
    0048E26A  |. 33C4           XOR EAX,ESP
    0048E26C  |. 50             PUSH EAX
    0048E26D  |. 8D4424 28      LEA EAX,DWORD PTR SS:[ESP+28]
    0048E271  |. 64:A3 00000000 MOV DWORD PTR FS:[0],EAX
    0048E277  |. 8BD9           MOV EBX,ECX
    0048E279  |. 8B03           MOV EAX,DWORD PTR DS:[EBX]
    0048E27B  |. 8B50 04        MOV EDX,DWORD PTR DS:[EAX+4]
    0048E27E  |. 895C24 14      MOV DWORD PTR SS:[ESP+14],EBX
    0048E282  |. FFD2           CALL EDX
    0048E284  |. 8B43 08        MOV EAX,DWORD PTR DS:[EBX+8]
    0048E287  |. 8B00           MOV EAX,DWORD PTR DS:[EAX]
    0048E289  |. 8D7B 04        LEA EDI,DWORD PTR DS:[EBX+4]
    0048E28C  |. 8BF0           MOV ESI,EAX
    0048E28E  |. 8B47 04        MOV EAX,DWORD PTR DS:[EDI+4]
    0048E291  |. C74424 30 0000>MOV DWORD PTR SS:[ESP+30],0
    0048E299  |. 894424 1C      MOV DWORD PTR SS:[ESP+1C],EAX
    0048E29D  |. 8D49 00        LEA ECX,DWORD PTR DS:[ECX]
    0048E2A0  |> 85FF           /TEST EDI,EDI
    0048E2A2  |. 74 07          |JE SHORT 0048E2AB
    0048E2A4  |. 8D43 04        |LEA EAX,DWORD PTR DS:[EBX+4]
    0048E2A7  |. 3BF8           |CMP EDI,EAX
    0048E2A9  |. 74 05          |JE SHORT 0048E2B0
    0048E2AB  |> E8 F4C10D00    |CALL 0056A4A4
    0048E2B0  |> 3B7424 1C      |CMP ESI,DWORD PTR SS:[ESP+1C]
    0048E2B4  |. 74 36          |JE SHORT 0048E2EC
    0048E2B6  |. 85FF           |TEST EDI,EDI
    0048E2B8  |. 897424 24      |MOV DWORD PTR SS:[ESP+24],ESI
    0048E2BC  |. 75 05          |JNZ SHORT 0048E2C3
    0048E2BE  |. E8 E1C10D00    |CALL 0056A4A4
    0048E2C3  |> 3B77 04        |CMP ESI,DWORD PTR DS:[EDI+4]
    0048E2C6  |. 75 05          |JNZ SHORT 0048E2CD
    0048E2C8  |. E8 D7C10D00    |CALL 0056A4A4
    0048E2CD  |> 3B77 04        |CMP ESI,DWORD PTR DS:[EDI+4]
    0048E2D0  |. 8B2E           |MOV EBP,DWORD PTR DS:[ESI]
    0048E2D2  |. 75 05          |JNZ SHORT 0048E2D9
    0048E2D4  |. E8 CBC10D00    |CALL 0056A4A4
    0048E2D9  |> 8B4E 08        |MOV ECX,DWORD PTR DS:[ESI+8]
    0048E2DC  |. 8B11           |MOV EDX,DWORD PTR DS:[ECX]
    0048E2DE  |. 8B4424 38      |MOV EAX,DWORD PTR SS:[ESP+38]
    0048E2E2  |. 8B52 04        |MOV EDX,DWORD PTR DS:[EDX+4]
    0048E2E5  |. 50             |PUSH EAX
    0048E2E6  |. FFD2           |CALL EDX
    0048E2E8  |. 8BF5           |MOV ESI,EBP
    0048E2EA  |.^EB B4          \JMP SHORT 0048E2A0
    0048E2EC  |> 8B03           MOV EAX,DWORD PTR DS:[EBX]
    0048E2EE  |. 8B50 08        MOV EDX,DWORD PTR DS:[EAX+8]
    0048E2F1  |. 8BCB           MOV ECX,EBX
    0048E2F3  |. C74424 30 FFFF>MOV DWORD PTR SS:[ESP+30],-1
    0048E2FB  |. FFD2           CALL EDX
    0048E2FD  |. 8B4C24 28      MOV ECX,DWORD PTR SS:[ESP+28]
    0048E301  |. 64:890D 000000>MOV DWORD PTR FS:[0],ECX
    0048E308  |. 59             POP ECX
    0048E309  |. 5F             POP EDI
    0048E30A  |. 5E             POP ESI
    0048E30B  |. 5D             POP EBP
    0048E30C  |. 5B             POP EBX
    0048E30D  |. 83C4 20        ADD ESP,20
    0048E310  \. C2 0400        RETN 4
    Any help would be great.

    http://faridaghili.ir
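    The question above comes down to reading the argument list off the two listings. As an added example, not code from the original post, here is a small Python script (Python rather than C++ because it analyses OllyDbg text, not game code) that parses the listings in the exact column format OllyDbg prints and applies the usual heuristics for MSVC-compiled x86: `RETN imm16` gives the bytes the callee removes, i.e. the stack-argument size under stdcall/thiscall/fastcall; a register that is read before the function ever assigns it carries an incoming argument (ECX alone is the `this` of a thiscall, ECX plus EDX is fastcall); and a plain `RETN` with an `ADD ESP,n` after the call site means cdecl. On the caller side it collects the PUSHes feeding the CALL (walking backwards, the first PUSH met is Arg1, since arguments are pushed right to left) together with the last assignment to ECX, and checks that the two views agree. The embedded listings are constructed sample input copied from the post (the callee is abridged); the parser, the heuristics and all function names are mine.

```python
import re
from dataclasses import dataclass

# Constructed sample input: the two OllyDbg listings from the post, copied as printed
# (the callee is abridged to its prologue, first virtual call, loop tail and epilogue).
CALL_SITE = r"""
1. 00497DF2   . 83C4 04        ADD ESP,4
2. 00497DF5   > 8B5424 18      MOV EDX,DWORD PTR SS:[ESP+18]
3. 00497DF9   . 8D4D 04        LEA ECX,DWORD PTR SS:[EBP+4]
4. 00497DFC   . 52             PUSH EDX                                 ; /Arg1
5. 00497DFD   . 894C24 24      MOV DWORD PTR SS:[ESP+24],ECX            ; |
6. 00497E01   . E8 4A64FFFF    CALL 0048E250                     ; \0048E250
7. 00497E06   . 33FF           XOR EDI,EDI
8. 00497E08   . 3BDF           CMP EBX,EDI
"""

CALLEE = r"""
0048E250  /$ 6A FF          PUSH -1
0048E252  |. 68 58055900    PUSH 00590558
0048E257  |. 64:A1 00000000 MOV EAX,DWORD PTR FS:[0]
0048E25D  |. 50             PUSH EAX
0048E25E  |. 83EC 14        SUB ESP,14
0048E261  |. 53             PUSH EBX
0048E262  |. 55             PUSH EBP
0048E263  |. 56             PUSH ESI
0048E264  |. 57             PUSH EDI
0048E277  |. 8BD9           MOV EBX,ECX
0048E279  |. 8B03           MOV EAX,DWORD PTR DS:[EBX]
0048E27B  |. 8B50 04        MOV EDX,DWORD PTR DS:[EAX+4]
0048E282  |. FFD2           CALL EDX
0048E291  |. C74424 30 0000>MOV DWORD PTR SS:[ESP+30],0
0048E2E5  |. 50             |PUSH EAX
0048E2E6  |. FFD2           |CALL EDX
0048E2EA  |.^EB B4          \JMP SHORT 0048E2A0
0048E30D  |. 83C4 20        ADD ESP,20
0048E310  \. C2 0400        RETN 4
"""

LINE_RE = re.compile(r"^\s*(?:\d+\.\s+)?([0-9A-F]{8})\s+(.*)$")  # optional "1. " numbering, address, rest
BYTES_RE = re.compile(r"^(?:[0-9A-F]{2}:?)+$")  # "6A", "C74424", "64:A1"; never "ADD" (odd length)
FLAGS = "/$|>\\.^"                              # OllyDbg's flow-analysis margin characters


@dataclass
class Insn:
    addr: int
    mnemonic: str
    operands: str


def parse_line(line):
    """Return the instruction on one OllyDbg listing line, or None for non-code lines."""
    m = LINE_RE.match(line)
    if not m:
        return None
    tokens = m.group(2).split(";", 1)[0].split()   # drop OllyDbg's trailing "; ..." comment
    if tokens:                                      # margin token, possibly fused with a byte ("|.^EB")
        flag = tokens[0].lstrip(FLAGS)
        if flag:
            tokens[0] = flag
        else:
            tokens.pop(0)
    while tokens:                                   # consume the opcode-byte column
        head, sep, tail = tokens[0].partition(">")  # ">" marks a truncated byte column ("0000>MOV")
        if not BYTES_RE.match(head):
            break
        tokens.pop(0)
        if sep and tail:
            tokens.insert(0, tail)
            break
    if not tokens:
        return None
    text = " ".join(tokens).lstrip("/|\\")          # strip the loop brackets in front of "|JE", "\JMP"
    mnemonic, _, operands = text.partition(" ")
    return Insn(int(m.group(1), 16), mnemonic, operands.strip())


def parse_listing(text):
    return [i for i in (parse_line(line) for line in text.splitlines()) if i]


def callee_cleanup(insns):
    """Bytes popped by RETN imm16: the stack-argument size for stdcall/thiscall/fastcall."""
    for i in insns:
        if i.mnemonic == "RETN" and i.operands:
            return int(i.operands, 16)
    return 0  # plain RETN: no stack args, or the caller cleans up (cdecl)


def reads_before_write(insns, reg):
    """True if `reg` is consumed before the function assigns it, i.e. it carries an incoming argument."""
    for i in insns:
        dst, _, src = i.operands.partition(",")
        dst, src = dst.strip(), src.strip()
        if (i.mnemonic in ("MOV", "LEA", "POP") and dst == reg) or \
           (i.mnemonic == "XOR" and dst == reg and src == reg):
            return False
        if reg in i.operands:
            return True
    return False


def infer_convention(insns):
    """Heuristic MSVC x86 calling-convention guess from the callee's own code (assumption: no FADD-style
    all-hex mnemonics, which the byte-column parser would misread)."""
    cleanup = callee_cleanup(insns)
    ecx, edx = reads_before_write(insns, "ECX"), reads_before_write(insns, "EDX")
    if ecx and edx:
        return {"convention": "fastcall", "register_args": ["ECX", "EDX"], "stack_args": cleanup // 4}
    if ecx:
        return {"convention": "thiscall", "register_args": ["ECX"], "stack_args": cleanup // 4}
    if cleanup:
        return {"convention": "stdcall", "register_args": [], "stack_args": cleanup // 4}
    return {"convention": "cdecl", "register_args": [], "stack_args": None}  # count from the caller's ADD ESP,n


def describe_call_site(insns, target):
    """Collect the PUSHes and the last ECX assignment that feed the CALL to `target`."""
    idx = next(n for n, i in enumerate(insns) if i.mnemonic == "CALL" and i.operands == f"{target:08X}")
    pushes, ecx = [], None
    for i in reversed(insns[:idx]):                 # first PUSH met walking backwards is Arg1
        if i.mnemonic == "CALL" or (i.mnemonic == "ADD" and i.operands.startswith("ESP,")):
            break                                   # previous call sequence: its arguments are not ours
        if i.mnemonic == "PUSH":
            pushes.append(i.operands)
        elif ecx is None and i.mnemonic in ("MOV", "LEA") and i.operands.startswith("ECX,"):
            ecx = i.operands.split(",", 1)[1]
    return {"pushes": pushes, "ecx": ecx}


def analyze(call_site_text, callee_text, target):
    result = infer_convention(parse_listing(callee_text))
    site = describe_call_site(parse_listing(call_site_text), target)
    result["pushes"] = site["pushes"]
    result["this"] = site["ecx"]
    result["consistent"] = result["stack_args"] in (None, len(site["pushes"]))
    return result


if __name__ == "__main__":
    for key, value in analyze(CALL_SITE, CALLEE, 0x0048E250).items():
        print(f"{key:14} {value}")
```

    Run on the post's listings it reports `thiscall` with `this` loaded by `LEA ECX,[EBP+4]` and one stack argument (`RETN 4`, matched by the single `PUSH EDX` that OllyDbg already labels `Arg1`). The `this` detection rests on `MOV EBX,ECX` at 0048E277 being the first use of ECX; EDX is written at 0048E27B before it is read, which is why fastcall is ruled out. These are heuristics, not proof: a function that ignores one of its arguments, or one reached through a jump thunk, will fool them, so the caller-side view is kept as a cross-check.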


  #2 ELiteChiLd- (Banned User)
    Thanks for the Share

  #3 YourName (THE ONE AND ONLY DARK KNIGHTY)
    Quote Originally Posted by RoCkoTiTLaN.:
    Thanks for the Share
    Thanks for reading the topic and thus posting a very helpful and completely not retarded post.
    Providing you with foolish stuff since 2007.

  #4 ELiteChiLd- (Banned User)
    Quote Originally Posted by YourName:
    Thanks for reading the topic and thus posting a very helpful and completely not retarded post.

    IKR? And I find this useful, thanks.

  #5 Farid.Agl (Advanced Hacker)
    Quote Originally Posted by RoCkoTiTLaN.:
    Thanks for the Share
    You're welcome. I have posted so many posts like this; try to find and thank them as well.

    Quote Originally Posted by YourName:
    Thanks for reading the topic and thus posting a very helpful and completely not retarded post.
    I believe you can help me, if you have the time; I'm really stuck at this. Maybe some links to some online guides at least.

  #6 Farid.Agl (Advanced Hacker)
    Any help ?
