Streebgreebling
November 24th, 2005, 17:45
Hi,
I am trying to learn the basics of cracking in order to disassemble a program. I need to this to identify certain values in memory.
To give an analogy of what I'm trying to do - say you had a game where your score is 15,172. After you press a button, your score increases to 20,171. I want to be able to identify the differences between the two memory snapshots to find where it's changed 15172 to 20171.
I thought the easiest way to do this would be to snapshot all memory, and compare two points in time.
If I can compare all memory between point A and point B, I can identify what has changed. From that I can work out the location of the memory areas I am interested in, then I can view this whilst executing a program to see what they contain at a given time.
Trouble is, I have no idea where to start. I've loaded OllyDbg but don't really know what I'm doing.
Is there an easy way to dump all memory used by a program (including that used by its DLLs) at two points and compare differences?
Sorry for my noobishness, I will be doing more research soon. But rather learning lots of ASM, I thought there might be a quick way to do this.
Thanks
Arthur
I am trying to learn the basics of cracking in order to disassemble a program. I need to this to identify certain values in memory.
To give an analogy of what I'm trying to do - say you had a game where your score is 15,172. After you press a button, your score increases to 20,171. I want to be able to identify the differences between the two memory snapshots to find where it's changed 15172 to 20171.
I thought the easiest way to do this would be to snapshot all memory, and compare two points in time.
If I can compare all memory between point A and point B, I can identify what has changed. From that I can work out the location of the memory areas I am interested in, then I can view this whilst executing a program to see what they contain at a given time.
Trouble is, I have no idea where to start. I've loaded OllyDbg but don't really know what I'm doing.
Is there an easy way to dump all memory used by a program (including that used by its DLLs) at two points and compare differences?
Sorry for my noobishness, I will be doing more research soon. But rather learning lots of ASM, I thought there might be a quick way to do this.
Thanks
Arthur