Injecting code

Sometimes you'll need to add code to an existing sub in Magic.exe. The trouble is that Magic.exe is compiled machine code, not source: inserting bytes in the middle of a sub shifts every instruction after them and breaks the addresses the rest of the program relies on, so we can't simply insert lines of code without breaking everything.

Instead, we need to inject code. Let's take this code as an example:

004352D6   53               PUSH EBX
004352D7   56               PUSH ESI
004352D8   8B45 08          MOV EAX,[DWORD SS:EBP+8]
004352DB   8B4D 0C          MOV ECX,[DWORD SS:EBP+C]
004352DE   E8 9DC7FCFF      CALL Magic.00401A80
004352E3   8975 EC          MOV [DWORD SS:EBP-14],ESI
004352E6   833D 48A56000 00 CMP [DWORD DS:60A548],0
004352ED   74 05            JE SHORT Magic.004352F4
004352EF   E8 8C090000      CALL Magic.00435C80
004352F4   8B45 08          MOV EAX,[DWORD SS:EBP+8]
004352F7   A3 848C7300      MOV [DWORD DS:738C84],EAX

Let's say we want to add in some new code right after the call to Magic.00435C80. First, you need to know an address that is empty, so you can add new code there. For this example, assume that 00440000 is empty.

Cut out enough code in the original sub so that you can add a jmp to your new section. A near JMP is five bytes (E9 plus a 32-bit offset), and the CALL below is also exactly five bytes, so it can be replaced in place without disturbing anything around it. So I will replace

004352EF   E8 8C090000      CALL Magic.00435C80

with

004352EF   E9 0CAD0000      JMP 00440000

Then, at our empty spot, I will re-add the deleted code. Note that the CALL has to be re-assembled at its new address rather than copied byte for byte, because its operand is relative to the instruction's own location. Also, I will add a jump back to where the original code left off.

00440000   E8 7B5CFFFF      CALL Magic.00435C80
00440005   E9 EA52FFFF      JMP 004352F4

If you test your code now, it should still work exactly as it did before. Now, all you need to do is add your own new code between the CALL and the JMP. (That is to say, you'll move the JMP to the end of your inserted code.)

00440000   E8 7B5CFFFF      CALL Magic.00435C80
..... whatever code you added
00440054   E9 9B52FFFF      JMP 004352F4
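To show how the relative CALL and JMP operands are computed when the CALL moves into the empty area, here is an added Python helper (not part of this page or the Manalink tools) that builds the patch bytes for the addresses above. It goes one step beyond the listing by padding with NOPs if the instruction being displaced is longer than five bytes.

```python
import struct

# x86-32 near branches used on this page: one opcode byte plus a rel32.
JMP_REL32 = 0xE9
CALL_REL32 = 0xE8
BRANCH_LEN = 5
NOP = 0x90


def encode_branch(opcode, at, target):
    """Encode an E8/E9 rel32 branch located at `at` that reaches `target`.

    rel32 is measured from the address of the *next* instruction and is
    two's complement, so a backward branch encodes as 0xFFFFxxxx.
    """
    rel = target - (at + BRANCH_LEN)
    if not -0x80000000 <= rel <= 0x7FFFFFFF:
        raise ValueError("target out of rel32 range")
    return bytes([opcode]) + struct.pack("<i", rel)


def build_detour(hook_at, displaced_target, cave_at, new_code, displaced_len=BRANCH_LEN):
    """Return (bytes to write at hook_at, bytes to write at cave_at).

    hook_at:          address of the CALL being replaced by the JMP
    displaced_target: the CALL's original destination; it is re-encoded
                      at its new home, since the original bytes are
                      position dependent and cannot be copied verbatim
    cave_at:          empty address that receives CALL + new_code + JMP
    displaced_len:    total bytes removed at hook_at (NOP-padded if > 5)
    """
    if displaced_len < BRANCH_LEN:
        raise ValueError("need at least 5 bytes to fit the JMP")
    patch = encode_branch(JMP_REL32, hook_at, cave_at)
    patch += bytes([NOP]) * (displaced_len - BRANCH_LEN)
    cave = encode_branch(CALL_REL32, cave_at, displaced_target)
    cave += new_code
    resume_at = hook_at + displaced_len  # 004352F4 in the listing
    cave += encode_branch(JMP_REL32, cave_at + len(cave), resume_at)
    return patch, cave


def hexdump(b):
    return " ".join(f"{x:02X}" for x in b)


if __name__ == "__main__":
    # Addresses taken from the listing on this page, with no new code yet.
    patch, cave = build_detour(0x004352EF, 0x00435C80, 0x00440000, b"")
    print("004352EF:", hexdump(patch))  # E9 0C AD 00 00  JMP 00440000
    print("00440000:", hexdump(cave))   # E8 7B 5C FF FF / E9 EA 52 FF FF
```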

One final trick: If you don't want to bother writing all your new code in ASM, just write it in C. Update ManalinkEh.asm to point to whatever new C function you have written, and note the memory address for that code. Then, in your injected code, just call your C function!