Re: Need a jump opcode generator.



First things first though,

"Skybuck Flying" <spam@xxxxxxxxxxx> wrote in message
news:f8cd8m$r7o$1@xxxxxxxxxxxxxxxxxxxxxxxxxx
Look at what the debugger showed me after sendto is overwritten:

ws2_32.sendto:
71C03D14 FFE8 jmp eax
71C03D16 FE4000 inc byte ptr [eax+$00]
71C03D19 83EC10 sub esp,$10
71C03D1C 56 push esi
71C03D1D 57 push edi

Original is:

ws2_32.sendto:
71C03D14 8BFF mov edi,edi
71C03D16 55 push ebp
71C03D17 8BEC mov ebp,esp

More of original:

ws2_32.sendto:
71C03D14 8BFF mov edi,edi
71C03D16 55 push ebp
71C03D17 8BEC mov ebp,esp
71C03D19 83EC10 sub esp,$10
71C03D1C 56 push esi
71C03D1D 57 push edi
71C03D1E 33FF xor edi,edi
71C03D20 813D4440C1716760 cmp [$71c14044],$71c06067
71C03D2A 0F845A7C0000 jz $71c0b98a
71C03D30 8D45F8 lea eax,[ebp-$08]
71C03D33 50 push eax

OK, only the first 5 bytes are overwritten, so that seems OK.

Now I wonder if the jump is bad.

I'll go make an example with jump $12345678 etc.

Bye,
skybuck.
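Added example, not code from the post above: the 5-byte hook that overwrites the start of a 32-bit function such as ws2_32.sendto is a JMP rel32 (opcode E9), and the displacement is relative to the end of the 5-byte instruction, i.e. to from + 5, not to from. Note that E8 is CALL rel32, a different instruction. The code below only computes bytes; it writes nothing into a live process. The hook target $12345678 and the trampoline address 0x00400000 are assumed values for illustration; the source address 0x71C03D14 and the original prologue bytes 8B FF 55 8B EC are taken from the disassembly in the post.

```c
/* Added example (not Skybuck's code): build and check the 5-byte JMP rel32
 * used to patch the first bytes of a 32-bit function, plus the trampoline
 * that replays the overwritten prologue and jumps back. Pure computation,
 * nothing is written to live memory. Addresses are uint32_t (32-bit target). */
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define JMP_REL32 0xE9  /* JMP rel32. 0xE8 would be CALL rel32, not a jump. */
#define HOOK_LEN  5

/* rel32 is measured from the end of the JMP itself (from + 5).
 * Unsigned wraparound gives exactly the two's-complement rel32 the CPU expects. */
static void encode_jmp_rel32(uint32_t from, uint32_t to, uint8_t out[HOOK_LEN])
{
    uint32_t rel = to - (from + HOOK_LEN);
    out[0] = JMP_REL32;
    out[1] = (uint8_t)(rel);          /* little-endian displacement */
    out[2] = (uint8_t)(rel >> 8);
    out[3] = (uint8_t)(rel >> 16);
    out[4] = (uint8_t)(rel >> 24);
}

/* Decode a JMP rel32 located at `at`; returns the target, or 0 if the first
 * byte is not E9 (so a wrong opcode such as FF or E8 is caught immediately). */
static uint32_t decode_jmp_rel32(uint32_t at, const uint8_t in[HOOK_LEN])
{
    if (in[0] != JMP_REL32) return 0;
    uint32_t rel = (uint32_t)in[1] | ((uint32_t)in[2] << 8) |
                   ((uint32_t)in[3] << 16) | ((uint32_t)in[4] << 24);
    return at + HOOK_LEN + rel;
}

/* Returns 1 if decoding the encoding of from->to yields `to` again. */
static int jmp_roundtrip_ok(uint32_t from, uint32_t to)
{
    uint8_t b[HOOK_LEN];
    encode_jmp_rel32(from, to, b);
    return decode_jmp_rel32(from, b) == to;
}

/* Trampoline = the original bytes the hook destroyed + JMP back to the first
 * untouched instruction (func + orig_len). orig_len must cover whole
 * instructions and be >= HOOK_LEN; the copied instructions must also be
 * position-independent (no relative call/jmp), which holds for the sendto
 * prologue mov edi,edi / push ebp / mov ebp,esp (2+1+2 = exactly 5 bytes).
 * Returns the trampoline length, or 0 on a bad orig_len. */
static size_t build_trampoline(uint32_t func, const uint8_t *orig, size_t orig_len,
                               uint32_t tramp_addr, uint8_t *out)
{
    if (orig_len < HOOK_LEN) return 0;
    memcpy(out, orig, orig_len);
    encode_jmp_rel32(tramp_addr + (uint32_t)orig_len,
                     func + (uint32_t)orig_len, out + orig_len);
    return orig_len + HOOK_LEN;
}

int main(void)
{
    /* Source address from the post; hook target is an assumed value. */
    const uint32_t sendto_addr = 0x71C03D14u;
    const uint32_t hook_target = 0x12345678u;
    uint8_t patch[HOOK_LEN];
    encode_jmp_rel32(sendto_addr, hook_target, patch);
    printf("patch bytes for %08X -> %08X:", sendto_addr, hook_target);
    for (int i = 0; i < HOOK_LEN; i++) printf(" %02X", patch[i]);
    printf("\n");

    /* Original prologue bytes from the post's disassembly: mov edi,edi / push ebp / mov ebp,esp. */
    const uint8_t orig[HOOK_LEN] = { 0x8B, 0xFF, 0x55, 0x8B, 0xEC };
    const uint32_t tramp_addr = 0x00400000u; /* assumed location of the trampoline */
    uint8_t tramp[HOOK_LEN * 2];
    size_t n = build_trampoline(sendto_addr, orig, HOOK_LEN, tramp_addr, tramp);
    printf("trampoline (%zu bytes):", n);
    for (size_t i = 0; i < n; i++) printf(" %02X", tramp[i]);
    printf("\n");
    return 0;
}
```

Running it prints E9 5F 19 74 A0 for the patch: the displacement $12345678 - ($71C03D14 + 5) wraps to $A074195F, which is why a hand-built jump that uses the wrong opcode or measures the offset from the start of the instruction lands somewhere else entirely.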
