Menu
i'm totally new to assembly. I am writing a patch for an executable to fix a graphics issue. In particular i need to change the dwExStyle parameter of a window from 0 to 00020000. The hex code of the original instruction is
6A 00 (push 0)
And when i tried to change it to
68 00 00 02 00 (push 00020000)
The executable stopped running, and I get an access violation error . How can I edit the parameter of the push command whithout messing the executable? Thanks in advance
EDIT: whole code executed to call the function:
:0055935D 6A00 push 00000000
:0055935F 56 push esi
:00559360 6A00 push 00000000
:00559362 6A00 push 00000000
:00559364 68F9010000 push 000001F9
:00559369 6886020000 push 00000286
:0055936E 6800000080 push 80000000
:00559373 6800000080 push 80000000
:00559378 6A00 push 00000000
:0055937A 683C565700 push 0057563C |
:0055937F 683C565700 push 0057563C
:00559384 6A00 push 00000000
* Reference To: USER32.CreateWindowExA, Ord:0059h
|
:00559386 FF1574B15600 Call dword ptr [0056B174]
As you can see, the function called is CreateWindowExA from windows API, which should take a dword for the desired parameter (the window style)
547
asked Oct 14 '25 09:10
Inserting more bytes that initially, you moved all instructions from this address to the end of the executable by several bytes and then all jump targets was changed.
Patching an executable is not so easy task and is not for a beginner IMHO.
196
If you have some space left in the binary which is safe to overwrite (look for series of '0x90' no operation instruction) you could write instructions to prepare the arguments and jump back right before the function expecting dwExStyle is called. Or call the function yourself and skip the original function at all. You would replace the first bytes of the function to patch with a 'jump' instruction to your newly inserted instructions.
36
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
