All Questions
9
questions
0
votes
0
answers
47
views
How to get which Tedit is referenced when retrieving text
Reversing a borland builder 6 application, I came across this function: @Controls@TControl@GetText$qqrv
Now, the two parameters for the function are:
LEA param_2=>local_8,[EBP + -0x4]
MOV param_1,...
0
votes
2
answers
145
views
How can I debug if the program closes directly?
I'm trying to debug a game and it's closing under few circumstances:
When debugging (solved by hooking IsDebuggerPresent to return false when called by the game)
When setting a memory/hardware ...
3
votes
0
answers
318
views
How would I crack a software that has Xor encryption
So, before you shout at me to go on google I would just like to say I am new to reverse Engineering. Like I have been doing it for a hour. So, I was doing a bunch of crackmes.one using the search all ...
4
votes
2
answers
627
views
How to reverse a game and inject a dll in client program?
I am trying to make a bot for a game. But when I open the game in debugger like Ollydbg or in x64dbg the game simply closes and also it doesn't appears in the Attach to the process list in File menu ...
1
vote
1
answer
265
views
Calling function with string as parameter
I'm trying to call a function in a game that makes my character sending a message.
I already called a few functions in this game but this one has a tricky parameter.
The function signature should be ...
2
votes
1
answer
597
views
Why module address is different in Cheat Engine than in x32dbg?
Why the module address is different in Cheat Engine than in x32dbg?
I'm trying to read this:
My c++ attempt:
#include "pch.h"
#include "Functions.h"
#include "offsets.h"...
1
vote
1
answer
976
views
how can ı debug encrypted dll with x32dbg and look getregistery request
I have an executable with 2 .dll calls 1 of this dll is guard.dll others name is guardlib.dll both of them is encrypted c++ library file and they are called before executable entry point.
I can bypass ...
0
votes
1
answer
1k
views
Patching memory
I've successfully reversed and patched an application on windows, but patching the executable on disk triggers a CRC check and prevents it from loading. I've used x64dbg and have the addresses I need (...
2
votes
1
answer
283
views
I can't set a hardware breakpoint on RIP + N-byte after calling NtContinue()
#include <Windows.h>
int handle_exception (EXCEPTION_POINTERS *exception_pointers) {
exception_pointers->ContextRecord->Rip += 4;
return EXCEPTION_CONTINUE_EXECUTION;
}
int main (...