Patch a program in memory

techne
Junior Member
Posts: 19
Joined: Thu Jul 04, 2013 3:08 pm

Post by techne »

Hi all,
I have a program that performs some complex operations when it starts.
One of these operations consists of writing a global variable (at address [DS]:005387D4).
It puts into this variable a value (0008) which very much limits the use of this program.

I would like to write a patcher that:
1. attaches to that program (after it has started), just like Olly for example
2. goes to the right memory address ([DS]:005387D4)
3. and lets me change the value of that global variable (from 0008 to FFFF).

Is it possible?
Have you ever done something like that?
Do you have C code (for example) that can do this operation?

Thanks in advance.
naides
Posts: 1655
Joined: Sat Jan 12, 2002 12:00 pm
Location: Planet Earth

Post by naides »

It is very much possible. In fact, in the tools section there are several ready-made apps, called 'loader' and 'patcher', that are designed to do just what you ask, some with available code...
techne
Junior Member
Posts: 19
Joined: Thu Jul 04, 2013 3:08 pm

Post by techne »

Thank you naides,
but can I use these loaders to automate my patch?
I mean I'd like to send my target program and the loader to one of my friends. He should just execute the target program and then the loader (correctly programmed).
Is it possible?
Do you have a loader to recommend?
techne
Junior Member
Posts: 19
Joined: Thu Jul 04, 2013 3:08 pm

Post by techne »

Thank you, I will read about this software as soon as possible.
techne
Junior Member
Posts: 19
Joined: Thu Jul 04, 2013 3:08 pm

Post by techne »

Hi all,
I have downloaded the two programs (DUP and THYloadergen).
But it seems that they both apply a patch directly to my target program.
Then when I start the program, my fix is overwritten.

I have to override a global variable after the program has started: how can I do that with DUP or THYloadergen?
Thank you all...
_genuine
Member
Posts: 78
Joined: Wed Oct 07, 2009 4:55 pm

Post by _genuine »

If you're aware of where the program is writing to, why not use your debugger to make the patch, or use a tool like CheatEngine to put a permanent patch on that address? Or if you track down the location of the instruction that makes the patch, modify that instruction. Or am I missing something?
techne
Junior Member
Posts: 19
Joined: Thu Jul 04, 2013 3:08 pm

Post by techne »

Thank you _genuine for your help,
I do not have to patch an instruction, I have to patch a global variable.
When the program starts, it performs many operations, and at the end of the startup process it puts the value 0008 into a global variable (at address [DS]:005387D4).
I'd like to change that value to FFFF, but I have to do this just after the program has started.
If I do it before the program starts, then when it starts it changes the value again.

So I need a program to automatically patch my target program and change the value at address [DS]:005387D4 from 0008 --> FFFF, but after my target program has started.
I don't know if it is clear and if it is possible.

Thank you again.
Nacho_dj
Posts: 95
Joined: Mon Jul 04, 2005 2:07 am

Post by Nacho_dj »

Here is what you are looking for:
http://www.woodmann.com/forum/showthrea ... in-english

Best regards

Nacho_dj
techne
Junior Member
Posts: 19
Joined: Thu Jul 04, 2013 3:08 pm

Post by techne »

Thank you Nacho_dj,
Pupe is exactly what I need.
I execute pupe and apply (manually) the patch and everything goes fine.

but...

Is it possible to execute pupe from the command line?
I'd like to automate the patch operation.
Do you know if it is possible?
Nacho_dj
Posts: 95
Joined: Mon Jul 04, 2005 2:07 am

Post by Nacho_dj »

Never tested that, but pupe comes with sources, so maybe you can add that feature... :)
techne
Junior Member
Posts: 19
Joined: Thu Jul 04, 2013 3:08 pm

Post by techne »

OK I will try to do something on that source.
Thank you very much.
qZanity
Junior Member
Posts: 4
Joined: Fri Aug 16, 2013 3:59 pm

Post by qZanity »

Do you have any C++/C experience at all? If you know the address, patching it is a breeze.

```cpp
#include <iostream>
#include <windows.h>

using namespace std;

// Setup: address in the target process and the value to store there.
LPVOID targetAddress = (LPVOID)0x017E5950; // address
int newValue = 1000;

int main()
{
    // Locate the target by its top-level window title (wide-string API,
    // so the L"" literal compiles in both ANSI and Unicode builds).
    HWND hWnd = FindWindowW(NULL, L"WindowName");

    if(!hWnd)
    {
        cout << "Could not find target window" << endl;
        return 1;
    }

    // Resolve the owning process id from the window handle.
    DWORD pID = 0;
    GetWindowThreadProcessId(hWnd, &pID);

    HANDLE handle = OpenProcess(PROCESS_ALL_ACCESS, FALSE, pID);
    if(!handle)
    {
        cout << "Could not open a process handle!" << endl;
        return 1;
    }

    // Writes sizeof(newValue) bytes (4 for an int) at targetAddress.
    SIZE_T sznewValue = sizeof(newValue);
    BOOL ok = WriteProcessMemory(handle, targetAddress, &newValue, sznewValue, NULL);
    CloseHandle(handle); // release the handle on both the success and failure path

    if(!ok)
    {
        cout << "WriteProcessMemory failed!" << endl;
        return 1;
    }
    cout << "Written value to target memory address!" << endl;
    return 0;
}
```
Should work fine, don't forget to add the window name


@blabberer: Could have sworn that I included the headers and variables... although when I tested I found a bug, so I re-edited the post and forgot to copy/paste the headers. My bad
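
Added illustration, not part of any post in this thread: the values in the original request (0008, FFFF) suggest a 16-bit variable, while the posted code declares `newValue` as an `int` and writes `sizeof(newValue)` bytes. The C sketch below uses a constructed two-word struct (the neighbour and its value 0x1234 are made up, and the 16-bit width is an assumption) to show a four-byte write spilling into adjacent data, next to a width-matched write that checks the old value first and reads the result back.

```c
#include <stdint.h>
#include <string.h>

/* Constructed model of the target's data: the 16-bit variable discussed in
   the thread, followed by an unrelated neighbour (its value is made up). */
struct region {
    uint16_t limit;      /* stands in for the word at 005387D4 */
    uint16_t neighbour;  /* whatever happens to live in the next two bytes */
};

struct region fresh_region(void)
{
    struct region r = { 0x0008, 0x1234 };
    return r;
}

/* Same shape as a write of sizeof(int) bytes: four bytes go out, so the
   neighbour is overwritten too. Returns the neighbour's value afterwards. */
uint16_t write_as_int(struct region *r)
{
    int32_t value = 0xFFFF;
    memcpy(r, &value, sizeof value);          /* 4 bytes starting at limit */
    return r->neighbour;
}

/* Width-matched write: confirm the current contents are the expected 0008
   (a mismatch means wrong build, wrong address, or already changed), write
   exactly two bytes, then read back. Returns 0 on success, -1 otherwise. */
int write_as_word(struct region *r)
{
    const uint16_t expected = 0x0008, value = 0xFFFF;
    uint16_t seen;

    memcpy(&seen, &r->limit, sizeof seen);
    if (seen != expected)
        return -1;
    memcpy(&r->limit, &value, sizeof value);  /* 2 bytes only */
    memcpy(&seen, &r->limit, sizeof seen);
    return seen == value ? 0 : -1;
}
```
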
blabberer
Senior Member
Posts: 1535
Joined: Wed Dec 08, 2004 11:12 am

Post by blabberer »

No, it is not about the headers (missing headers could be my mistake when I edited your post instead of replying).

It is the more fundamental logic I talked about.

Did you run this on anything and get a result?
What was it?
Why?

Ask the 5 W 1 H and make it better.
qZanity
Junior Member
Posts: 4
Joined: Fri Aug 16, 2013 3:59 pm

Post by qZanity »

blabberer wrote:
> No, it is not about the headers (missing headers could be my mistake when I edited your post instead of replying).
>
> It is the more fundamental logic I talked about.
>
> Did you run this on anything and get a result?
> What was it?
> Why?
>
> Ask the 5 W 1 H and make it better.

Umm well it's working fine by patching calc.exe MEMORYSTORE address.

Not sure why you think it doesn't work