How to change far Jump in P-Code ??


brainstorm44
December 18th, 2003, 14:44
I would like to change a long-distance jump, and I don't know how to calculate it.
There are a few tools out for changing short branch jumps, but I never read anything about long jumps. For example:

763CE1: 00 LargeBos
763CE3: 0a ImpAdCallFPR4: 575738
763CE8: 00 LargeBos
763CEA: Lead1/c8 End
763CEC: 00 LargeBos
763CEE: 04 FLdRfVar local_0148

I'd like to change the jump at 763ce3 to another location.
Please help!!
thanx

dELTA
December 18th, 2003, 17:08
If you look at the raw opcodes you will either find an offset or a virtual address for the jump. Simply patch this one to your liking.


Btw, I think one of the other forums is better suited for this question...

cRk
December 19th, 2003, 02:33
read this tutorial --> hxxp://www.learn2crack.com/218.zip

It explains how to change jumps for P-code; long jmps in P-code are 1E.

please read it and post any comments about it

regards!

brainstorm44
December 19th, 2003, 07:55
Hi Delta, you wrote:
>If you look at the raw opcodes you will either find an offset or a virtual address for the jump. Simply patch this one to your liking.

This doesn't work. There's no jump to patch.

Hi Crk
I know this tutorial, but it only explains how to jump inside a proc.
I need to jump from one procedure to another (far jump), and I don't think that I can use branch (1E) for it.

thanx guys!

cRk
December 19th, 2003, 09:31
as josephco explains -->>

"Here I need to explain how jumps work in pcode. The beginning of the procedure is the BASE of all jump operations. Let's say you have 0x1C 0x02 0x00 in this procedure. 0x1C = Branch if False, and 0x0002 is the distance from the start of the procedure to jump... NOT the distance from the current location (unlike ASM). So when we want to make our own jumps, we need to calculate the distance to jump ourselves (which isn't very hard). We just take the destination and subtract the starting point from it.. and we get our distance
1C = BranchF
1D = BranchT
1E = Branch"


P-code is the same everywhere.. maybe you're missing something?? isn't this telling you how to do it?

Regards

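Worked example of the rule josephco describes (added here; this is not code from the thread, from josephco or from any of the posters): a small encoder/decoder for P-code branch operands. The operand is the distance from the procedure base to the destination, so the same three bytes mean different targets in different procedures, and the encoder refuses any destination that lies before the base or more than 0xFFFF bytes past it, which is exactly why a branch cannot reach another procedure. Assumptions: the operand is a 2-byte little-endian unsigned value (as "0x1C 0x02 0x00" -> 0x0002 shows), and the addresses used below (the 763CE1 procedure base and 575738 from the listing earlier in the thread) are only used as sample numbers.

```python
# Added example, not from the thread: encode and decode VB P-code branch
# operands using the rule "operand = destination - procedure start".
# Assumptions: 2-byte little-endian unsigned operand (from "0x1C 0x02 0x00"),
# contiguous procedure code, and 1C/1D/1E as the only branch opcodes.
import struct

BRANCH_OPCODES = {0x1C: "BranchF", 0x1D: "BranchT", 0x1E: "Branch"}
OPERAND_SIZE = 2          # assumed: 16-bit little-endian operand
MAX_DISTANCE = 0xFFFF     # largest distance a 16-bit operand can express


def encode_branch(opcode, proc_start, dest):
    """Build the bytes for a branch in the procedure starting at proc_start.

    The operand is relative to the procedure BASE, not to the instruction,
    so the address of the branch itself is irrelevant. A destination outside
    [proc_start, proc_start + 0xFFFF] cannot be encoded at all: that is the
    'far jump' case asked about in this thread.
    """
    if opcode not in BRANCH_OPCODES:
        raise ValueError("0x%02X is not a branch opcode" % opcode)
    distance = dest - proc_start
    if not 0 <= distance <= MAX_DISTANCE:
        raise ValueError(
            "target 0x%X is not reachable from procedure base 0x%X"
            % (dest, proc_start)
        )
    return bytes([opcode]) + struct.pack("<H", distance)


def decode_branch(proc_start, instr):
    """Return (mnemonic, absolute target) for a branch instruction's bytes."""
    if not instr or instr[0] not in BRANCH_OPCODES:
        raise ValueError("not a branch instruction")
    if len(instr) < 1 + OPERAND_SIZE:
        raise ValueError("truncated branch operand")
    (distance,) = struct.unpack("<H", instr[1:1 + OPERAND_SIZE])
    return BRANCH_OPCODES[instr[0]], proc_start + distance


def retarget_branch(proc_start, instr, new_dest):
    """Re-encode an existing branch so it lands on new_dest (same opcode).

    Only the operand changes; the check in encode_branch still rejects a
    destination that lies outside the procedure's reachable range.
    """
    mnemonic, _old_target = decode_branch(proc_start, instr)
    return encode_branch(instr[0], proc_start, new_dest)


if __name__ == "__main__":
    # Constructed sample: a procedure whose code begins at 0x763CE1 (address
    # borrowed from the listing in the thread purely as a sample base).
    base = 0x763CE1
    branch = bytes([0x1C, 0x02, 0x00])          # josephco's "0x1C 0x02 0x00"
    print(decode_branch(base, branch))            # ('BranchF', 0x763CE3)
    print(retarget_branch(base, branch, base + 0x40).hex())
    try:
        # 0x575738 lies far below the base, so no branch operand can express it.
        encode_branch(0x1E, base, 0x575738)
    except ValueError as err:
        print("cannot encode:", err)
```

The decoder deliberately takes the procedure base as an argument rather than the instruction address, which is the point of josephco's explanation: to know where a branch goes you must know where the procedure starts, not where the branch sits.
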
JMI
December 19th, 2003, 13:57
Brainstorm:

Here's a copy of the response I posted in the other current thread about P-Code.

Learning how to search IS one of the most important functions of reverse engineering. In a folder labeled P-Code on my HD, I have a small program called JumpGen, which appears to generate a P-Code jump instruction from one address to another. I've never used it, so I can't confirm if it works or if it will do what you want. Search for "jumpgen.exe" on the net. If you can't find it after some searching on your own, I'll attach it here.

Regards,

brainstorm44
December 19th, 2003, 14:24
Hi JMI
I know this program called Jumpgen, but you can only calculate near jumps
like brancht, branchf and so on, but I'd like to jump from one proc to another,
and I read a lot of p-code tuts, but there's no answer to MY question.
I played around with wktdbg but i don't understand the function:
763CE3: 0a ImpAdCallFPR4: 575738
I changed the bytes after the 0A function, but it screwed up the whole program. So again the question: How to calculate LONG JUMPS!
thanx

cRk
December 20th, 2003, 11:01
ok... now I know what you mean.. but I'm not sure if that is possible in P-code

try this --> hxxp://www.vb-decompiler.com

and see the attached file for some of the P-code instructions/descriptions, ASM-style

btw 0A is not a jump.. I think you're wrong in trying to make this a jump.
1A is a jump, but not 0A

sarge
December 22nd, 2003, 15:47
0A is not a jump, it's a call. Think "gosub".

Sarge