Welcome, Guest.

KittoniuM

  • Administrator
  • *
  • Posts: 1352
Extract address of CALL instruction
« on: May 01, 2018, 10:43:47 PM »
Heres a nice function Syn showed when I was trying to figure out how to find the CALL address when your signature scan lands on a CALL XXXX

Quote
uintptr_t get_absolute_address(void* instruction, uint8_t skip = 1, uint8_t size = 5)
{
   unsigned char *memory = (unsigned char *)(instruction);
   int relative = *(int *)(memory + skip);
   uintptr_t absolute = relative + (uintptr_t)(instruction)+size;
   return absolute;
}

pr0jekt

  • Posts: 5
Re: Extract address of CALL instruction
« Reply #1 on: May 26, 2018, 07:13:58 PM »
Thanks.

Total Registered Members:





2017-2024 BigPackets. All rights reserved. All other trademarks, logos and copyrights are the property of their respective owners. This site is not associated with any company in any way.
Proudly powered by Simple Machines