My core dump looks like this:
Code:
Program terminated with signal SIGSEGV, Segmentation fault.
#0 0x080e983d in ?? ()
(gdb) bt
#0 0x080e983d in ?? ()
#1 0x0808f697 in ?? ()
#2 0x0808fa6f in ?? ()
#3 0x080943e1 in ?? ()
#4 0x08061779 in ?? ()
#5 0x08062451 in ?? ()
#6 0x0806251d in ?? ()
#7 0x080d2b22 in ?? ()
#8 0xb73c5a83 in __libc_start_main (main=0x80d2990, argc=12, argv=0xbfc54ac4,
init=0x8049b90, fini=0x8139b50, rtld_fini=0xb7760180 <_dl_fini>,
stack_end=0xbfc54abc) at libc-start.c:287
#9 0x0804a4d1 in ?? ()
Address 0x080e983d belongs to this function:
PHP Code:
int __cdecl sub_80E97F0(int a1, int a2)
{
    int v3; // [sp+Ch] [bp-Ch]@5
    char v4; // [sp+17h] [bp-1h]@1

    v4 = 1;
    if ( !(unsigned __int8)sub_80E9758(a2) )
        v4 = 0;
    if ( !(unsigned __int8)sub_80D9E84(a1 + 1348, a2) )
        v4 = 0;
    v3 = sub_80E9270(a2);
    if ( !*(_DWORD *)(v3 + 132)
      && *(_BYTE *)(a1 + 1365) != a2
      && *(_BYTE *)(a1 + 1366) != a2
      && *(_DWORD *)(v3 + 876) != a2 )
    {
        v4 = 0;
    }
    return (unsigned __int8)v4;
}
The problem seems to be in an IF statement, as it's right after calling the sub_80E9270 function. Who knows, maybe this function doesn't return anything to the v3 variable.
Code:
.text:080E9832 call sub_80E9270
.text:080E9837 mov [ebp+var_C], eax
.text:080E983A mov eax, [ebp+var_C]
.text:080E983D cmp dword ptr [eax+84h], 0 //HERE
.text:080E9844 jnz short loc_80E987C
.text:080E9846 mov eax, [ebp+var_C]
.text:080E9849 mov eax, [eax+36Ch]
If I want to hook the int __cdecl sub_80E97F0(int a1, int a2) function, should I write in libcod the address where the function begins?
Code:
.text:080E97F0 sub_80E97F0 proc near ; CODE XREF: sub_808F510+182p
Like this?:
PHP Code:
cracking_hook_call(0x080E97F0, (int)hook_my_Problem);
Then I would just like to know what the params and the v3 variable contain.
PHP Code:
int hook_my_Problem(int a1, int a2)
{
    printf("Param a1 == %i Param a2 == %i \n", a1, a2);
    hook_my_Problem->unhook();
}
How can I hook right after the call of sub_80E9270 to just print v3 variable?
Something like this?
PHP Code:
int hook_my_Problem(int a1, int a2)
{
    printf("Param a1 == %i Param a2 == %i \n", a1, a2);
    hook_my_Problem->unhook();
    int v3;
    void (*sig)(int a1, int a2);
    *(int *)&sig = 0x080E9832; //the sub_80E9270 call
    sig(a1, a2);
    hook_my_Problem->hook();
    v3 = sub_80E9270(a2);
    printf("Param V3 == %i \n", v3);
    hook_my_Problem->unhook();
}
Btw. Should this function be void, as it returns nothing? If so, should I also change cracking_hook_call(0x080E97F0, (int)hook_my_Problem); to (void)hook_my_Problem?
Thanks for your help!
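As an added example (not code from the post or from libcod): instead of jumping into the middle of sub_80E97F0, the whole function can be replaced by a hook installed with the cracking_hook_call line from the post. The replacement calls the original sub_80E9270 through a typed function pointer, prints v3, and refuses to dereference it when it is NULL, which is what the faulting cmp dword ptr [eax+84h] at 0x080E983D points to. Assumptions: the addresses are the ones from the post, intptr_t stands in for the decompiler's int, and the stubs and self-test at the bottom are constructed so the hook can run without the server binary.

```c
#include <stdio.h>
#include <stdint.h>
#include <string.h>
/* Typed pointers to the originals at the addresses from the post (assumed to be the
   live server binary); intptr_t replaces the decompiler's int so this also builds on
   64-bit. The self-test at the bottom repoints them at constructed stubs. */
typedef intptr_t (*fn_80E9270_t)(int a2);
typedef unsigned char (*fn_80E9758_t)(int a2);
typedef unsigned char (*fn_80D9E84_t)(intptr_t p, int a2);
static fn_80E9270_t orig_80E9270 = (fn_80E9270_t)(uintptr_t)0x080E9270;
static fn_80E9758_t orig_80E9758 = (fn_80E9758_t)(uintptr_t)0x080E9758;
static fn_80D9E84_t orig_80D9E84 = (fn_80D9E84_t)(uintptr_t)0x080D9E84;
/* Replacement for sub_80E97F0: the decompiled logic plus a guard on v3, the value
   dereferenced by the faulting instruction (cmp dword ptr [eax+84h] at 0x080E983D). */
int hook_sub_80E97F0(intptr_t a1, int a2)
{
    unsigned char ok = 1;
    if (!orig_80E9758(a2))            ok = 0;
    if (!orig_80D9E84(a1 + 1348, a2)) ok = 0;
    intptr_t v3 = orig_80E9270(a2);
    printf("sub_80E97F0(a1=0x%lx, a2=%d): v3=0x%lx\n",
           (unsigned long)a1, a2, (unsigned long)v3);
    if (v3 == 0) {                    /* the original would fault on [v3+0x84] here */
        printf("  sub_80E9270 returned NULL, skipping the v3 checks\n");
        return 0;
    }
    if (!*(uint32_t *)(v3 + 132)
        && *(uint8_t *)(a1 + 1365) != a2
        && *(uint8_t *)(a1 + 1366) != a2
        && *(uint32_t *)(v3 + 876) != (uint32_t)a2)
        ok = 0;
    return ok;
}
/* Constructed stand-ins so the hook can run without the server binary. */
static unsigned char stub_a1[1400], stub_obj[900];
static int stub_null;
static intptr_t stub_80E9270(int a2) { (void)a2; return stub_null ? 0 : (intptr_t)stub_obj; }
static unsigned char stub_80E9758(int a2) { (void)a2; return 1; }
static unsigned char stub_80D9E84(intptr_t p, int a2) { (void)p; (void)a2; return 1; }
/* null_v3 = 1 reproduces the crash scenario; returns whatever the hook returns. */
int hook_selftest(int null_v3)
{
    orig_80E9270 = stub_80E9270; orig_80E9758 = stub_80E9758; orig_80D9E84 = stub_80D9E84;
    memset(stub_a1, 0, sizeof stub_a1); memset(stub_obj, 0, sizeof stub_obj);
    *(uint32_t *)(stub_obj + 132) = 1;    /* [v3+0x84] nonzero, so the final check passes */
    stub_null = null_v3;
    return hook_sub_80E97F0((intptr_t)stub_a1, 3);
}
int main(void) { return (hook_selftest(0) == 1 && hook_selftest(1) == 0) ? 0 : 1; }
```

In the real server the stubs are not installed, so the three orig_ pointers keep the addresses from the post and the hook returns the same unsigned char result the original does, except that a NULL v3 is logged and turned into a 0 instead of a SIGSEGV.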