Westernsys
May 21st, 2010, 14:56
Hello,
Just a few days ago I started to look into RE, because of a software limitation. - Basically the app connects to third party rtmp server (to send a stream) with a username and password (both are generated in this application and can't be changed manually), but the account on the other server got suspended for me. So I made a new account on the "other server" and I would like to pass the new username and password to the first app.
At first I thought this would be easy. Then I read about code caves, loading external dll, memeory injections, hw breakpoints et cetera...
Well, I am really confused.
I have found the unicode string that connects to the other server (using ollydbg search for referenced text strings):
So I went to that address, set breakpoint on the start of the function and pressed f8 until I noticed that EAX register had the username value inside it.
Now the real question - how would I change the EAX value? I've skimmed over at least 20-30 beginner tutorials but only few touch that topic and most of them are either too complicated or don't fully describe what to do.
I think I need to create a code cave, then assign a string to a memory block, but how do i know which address to use? Wouldn't I overwrite data and wouldn't that crash the app?
Thanks, I hope someone reads this and replies.
Just a few days ago I started to look into RE, because of a software limitation. - Basically the app connects to third party rtmp server (to send a stream) with a username and password (both are generated in this application and can't be changed manually), but the account on the other server got suspended for me. So I made a new account on the "other server" and I would like to pass the new username and password to the first app.
At first I thought this would be easy. Then I read about code caves, loading external dll, memeory injections, hw breakpoints et cetera...
Well, I am really confused.

I have found the unicode string that connects to the other server (using ollydbg search for referenced text strings):
Code:
rtmp://blabla.com/username=%s/password=%s
So I went to that address, set breakpoint on the start of the function and pressed f8 until I noticed that EAX register had the username value inside it.
Now the real question - how would I change the EAX value? I've skimmed over at least 20-30 beginner tutorials but only few touch that topic and most of them are either too complicated or don't fully describe what to do.
I think I need to create a code cave, then assign a string to a memory block, but how do i know which address to use? Wouldn't I overwrite data and wouldn't that crash the app?
Thanks, I hope someone reads this and replies.
