How to disasamle code from another process?

delphi package - full disassembler

How to disasamle code from another process?

Postby shadow110 » Mon May 10, 2004 3:15 am

Hello.

I can disasamble my own code:


Code: Select all
var:
a:^integer;
b:TCodeInfo;
begin
a := ptr($00400010);
b := parsecode(a);
showmessage(inttohex(b.opcode,4));
b := parsecode(b.next);
showmessage(inttohex(b.opcode,4));

end


Is it possible, to use parsecode with the memory address of another process (calc.exe) ?

I ask many questions the last time.. :oops:

Greetings
Alex
shadow110
 
Posts: 8
Joined: Tue Apr 27, 2004 6:26 pm

Postby madshi » Mon May 10, 2004 7:52 am

No, that's not possible, because your process can't even directly reach another process. The only way to even access the memory/code of calc from inside your process is to use ReadProcessMemory.

If you want to disassemble code of another process, you have to inject a dll into that process and then call ParseCode/Function there.
madshi
Site Admin
 
Posts: 9431
Joined: Sun Mar 21, 2004 5:25 pm

Postby Claes » Sun Aug 15, 2004 6:47 pm

It would be a nice Demo-project if you could provide some source code for that, Mathias. The Demo folder under madDisAsm is still "under construction"... :sorry:
Claes
 
Posts: 52
Joined: Thu Apr 22, 2004 10:52 pm
Location: Denmark

Postby madshi » Sun Aug 15, 2004 7:01 pm

Yeah, I should really put something into the demo folder. But directly disassembling another process' memory will probably not be what I'll make a demo about. It's just too difficult to solve 100% right without using a dll.
madshi
Site Admin
 
Posts: 9431
Joined: Sun Mar 21, 2004 5:25 pm

Postby Claes » Sun Aug 15, 2004 8:25 pm

On the other hand, you could cover hooking and disasm in just one Demo..! And I wouldn't mind it had to go in a DLL... :D
Claes
 
Posts: 52
Joined: Thu Apr 22, 2004 10:52 pm
Location: Denmark

Postby madshi » Sun Aug 15, 2004 8:43 pm

But there are customers who have madDisAsm, but not madCodeHook. So I can't put a demo into madDisAsm's demo folder, which can only be compiled with madCodeHook. The demo has to be madDisAsm only.
madshi
Site Admin
 
Posts: 9431
Joined: Sun Mar 21, 2004 5:25 pm

Postby Claes » Sun Aug 15, 2004 10:28 pm

Bollox! ;) But you got a strong point, I must admit... 8)
Claes
 
Posts: 52
Joined: Thu Apr 22, 2004 10:52 pm
Location: Denmark


Return to madDisAsm

Who is online

Users browsing this forum: No registered users and 1 guest

cron