Questions tagged [call]
20 questions
1 vote, 0 answers, 438 views
How to patch instruction with a call to a thunk function?
I started to use Ghidra to begin doing some crackmes, and I need to change an instruction to a call to a thunk function. However, when I export the program back, I get a segfault.
Inspecting it with ...
3 votes, 1 answer, 2k views
How to call a func in an executable binary?
I have a binary with a func that I can disassemble. What are simple ways for me to call it with arbitrary args and observe its return val and behavior?
Ideally, I'd like to do this:
Within gdb (or ...
1 vote, 1 answer, 187 views
Adding ltrace information to gdb
I'd like to run gdb (or gdb-peda) with ltrace like info on each syscall. How can I do that?
I know that, as per "ltrace and gdb attach to same process", you can't actually attach ltrace and gdb to the ...
1 vote, 1 answer, 360 views
Accessing Call String of CALLOTHER Pcode Instruction via Java API?
Is there a way to access the call string of a CALLOTHER Pcode instruction when iterating over the Pcode in Java? The listing below shows an example of what I mean:
048
...
1 vote, 1 answer, 832 views
Calling imported DLL functions from an injected DLL?
If I have injected my own DLL into an executable (a game specifically) which imports a DLL to draw its graphics, camera, etc. How can I go about calling the DLL's functions?
I'm able to find the ...
0 votes, 1 answer, 92 views
What is the difference between xrefs and stack trace?
In IDA, I can see what calls a specific function by looking at the xrefs to it, or by looking 1 step back on stack trace.
What are the differences between them?
How does IDA know what the stack ...
5 votes, 2 answers, 9k views
What does XREF mean?
I have been learning about the x86 assembly language by analyzing a binary using radare2 that is stored on an Intel 80386 machine. When I have been analyzing functions on the binary, I noticed that "...
0 votes, 1 answer, 1k views
Calling internal functions via dll injection - runtime error
I am trying to modify a closed-source game client that works with my game server. The purpose of that is being able to add new graphical elements into the client.
I have read a lot of tutorials about ...
0 votes, 1 answer, 716 views
Identifying far call target in protected mode (x86 assembly)
I am currently analysing a regular Windows x86 executable (-> protected mode) and I came across several far call instructions in the disassembly. I know that far calls, for example, are used in WOW64 ...
0 votes, 1 answer, 3k views
IDA - call dword ptr [mana+0Ch] - Where is it pointing to?
Pseudo Code:
(*((void (__cdecl **)(_DWORD, _DWORD))cr->baseclass_0.Skills[1]->_vptr.TSkill + 3))(cr->baseclass_0.Skills[1], Mana);
IDA Assembly Code:
.text:0807EC41 call ...
3 votes, 0 answers, 1k views
GNU Assembler - Tricore - how to set origin?
I have a compiled Tricore binary that I am patching. By creating a .asm file from IDA Pro of a function and reformatting it, I can get it to reassemble faithfully apart from call (relative) and jump (...
0 votes, 3 answers, 513 views
What exactly is this piece of assembly code doing?
This assembly is for Intel x86-64 bit, seems to be too baffling to me.
How come the jz instruction jump to a non-instruction (0x400AC9)?
How come the call invokes a non-existing address?
For curious ...
3 votes, 1 answer, 1k views
How do I call a statically imported function from a Dll? call dword ptr ds <> not working
Disclaimer: I am relatively new to this whole RE thing. So I successfully crammed some instructions into the end of an existing DLL and redirected a call.
Now I actually want to do things with a ...
0 votes, 2 answers, 3k views
Intel syntax - Meaning of jmp/call instruction with $+5 operand
I'm currently parsing a lot of assembly files and don't understand a specific jmp or call with $+5 as operand:
call $+5
jmp $+5
To provide more context I grepped some of the occurrences:
mov esp, [...
0 votes, 2 answers, 469 views
Call instruction - preceding ?@_ in references?
Seems to be a question of no importance, but I'm just curious: Is there a deeper meaning of the preceding (single/double) ?-marks, @-signs or __ underscores in these different call instructions?
...