I need to be able to edit two regions of memory that are pointed to by two addresses stored in the ECX & EAX registers.
I'm doing this by placing a Code Cave in the client's original executable that jumps to my Prepare_Encrypt() function.
My general idea is that Prepare_Encrypt() would get the addresses and should somehow be able to use them to create a pointer to the data in C++.
Once the pointer has been created I would create a For Loop that would perform an XOR operation on each character value in the pointer.
I'm new to using inline assembly so I would really like to get this working the way I want.
I figured creating a char* and using a MOV operation would work, but it doesn't. Does anyone have any ideas of how to get this to work?
Here is my current Prepare_Encrypt() function and my current Encrypt() function.
char* data_1;
char* data_2;

void Encrypt()
{
    for(var i = 0; i < sizeof(data_1); i++)
    {
        data_1[i] ^= 200;
    }
    for(var i = 0; i < sizeof(data_2); i++)
    {
        data_2[i] ^= 125;
    }
}

_declspec(naked) void Prepare_Encrypt()
{
    // Save program state.
    __asm
    {
        MOV ECX, ESI
        MOV DWORD PTR SS : [ESP+0x1C], EAX
        PUSHAD
        PUSHFD
        // Get Current Data From Memory
        MOV data_1, ECX
        MOV data_2, EAX
    }
    Encrypt();
    // Restore the program state and return to original code.
    __asm
    {
        POPFD
        POPAD
        JMP SendJMPTo
    }
}
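
An added example, not part of the original post: portable C++ showing how a raw address value (as it would arrive in a register) becomes a byte pointer, and why a loop bounded by `sizeof` of a `char*` only covers pointer-size bytes rather than the buffer. The names `xor_region`, `changed_bytes` and the sample buffer are hypothetical, and passing an explicit length is an assumption, since the post does not say how the region size is known.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <cstring>

// Constructed sample data standing in for the region a register points at.
static const char kSample[] = "constructed sample payload";
static const std::size_t kSampleLen = sizeof(kSample) - 1;  // array: real length

// Hypothetical helper: XOR `len` bytes starting at the raw address `addr`.
void xor_region(std::uintptr_t addr, std::size_t len, unsigned char key)
{
    // An address held as an integer is turned into a pointer with a cast.
    unsigned char* p = reinterpret_cast<unsigned char*>(addr);
    for (std::size_t i = 0; i < len; ++i)
        p[i] ^= key;
}

// The bound used by a loop written as `i < sizeof(ptr)` where ptr is a char*:
// the size of the pointer itself (4 on x86, 8 on x64), not of the data.
std::size_t pointer_sized_loop_bound()
{
    char* ptr = nullptr;
    return sizeof(ptr);
}

// Count how many bytes of a copy of kSample change for a given loop length.
std::size_t changed_bytes(std::size_t len)
{
    char work[sizeof(kSample)];
    std::memcpy(work, kSample, sizeof(kSample));
    xor_region(reinterpret_cast<std::uintptr_t>(work), len, 200);
    std::size_t changed = 0;
    for (std::size_t i = 0; i < kSampleLen; ++i)
        if (work[i] != kSample[i]) ++changed;
    return changed;
}

// XOR with the same key twice must give back the original bytes.
bool round_trip_restores()
{
    char work[sizeof(kSample)];
    std::memcpy(work, kSample, sizeof(kSample));
    xor_region(reinterpret_cast<std::uintptr_t>(work), kSampleLen, 125);
    xor_region(reinterpret_cast<std::uintptr_t>(work), kSampleLen, 125);
    return std::memcmp(work, kSample, sizeof(kSample)) == 0;
}

int main()
{
    std::printf("explicit length: %zu bytes changed\n", changed_bytes(kSampleLen));
    std::printf("sizeof(char*) bound: %zu bytes changed\n",
                changed_bytes(pointer_sized_loop_bound()));
    return round_trip_restores() ? 0 : 1;
}
```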