Thread: Finding Bytes

Results 1 to 4 of 4
  1. #1
    halomaster369's Avatar
    Join Date
    Jul 2010
    Gender
    male
    Location
    ae
    Posts
    3
    Reputation
    10
    Thanks
    3

    Finding Bytes

    When I search an address in cshell i dont find it. Im using ollydbg

  2. #2
    merp.'s Avatar
    Join Date
    Aug 2012
    Gender
    male
    Posts
    147
    Reputation
    10
    Thanks
    301
    My Mood
    Bored
    http://screensnapr.com/e/k3Kom7.png
    Look at the image above.

    Let's say the address you're looking for is 0x377A6DA0. (The 2nd address in the picture)
    You see the letters/words next to it? Those are your off-bytes.
    so for 0x377A6DA0, the off-bytes are: F88F7D00. (<- that's 4 bytes long)
    just separate them "properly", like so:
    \xF8\x8F\x7D\x00
    ^
    That's your off bytes! Now usually to find the on-bytes, you just NOP it. (Not always that way though)
    NOP = No Operation, which is \x90.
    Since there are 4 bytes, you would just NOP the 4 bytes to get your on-bytes:
    \x90\x90\x90\x90
    so for 0x377A6DA0
    Off: \xF8\x8F\x7D\x00
    On: \x90\x90\x90\x90

    (The address isn't useful, I just got the pic from a different thread and cropped a few addresses out.)

    Hope you learned something!

  3. The Following User Says Thank You to merp. For This Useful Post:

    halomaster369 (02-10-2013)

  4. #3
    Acea's Avatar
    Join Date
    Oct 2012
    Gender
    female
    Location
    Home of the elks
    Posts
    346
    Reputation
    80
    Thanks
    2,204
    My Mood
    Stressed
    If you aren't finding anything when you search it's a bad dump....
    Try using IDA, it's more new hack user friendly. Load up the dump, hit 'G' and enter your address and you're on your way.

  5. The Following User Says Thank You to Acea For This Useful Post:

    halomaster369 (02-10-2013)

  6. #4
    Shadow`'s Avatar
    Join Date
    Nov 2011
    Gender
    male
    Location
    MN
    Posts
    643
    Reputation
    74
    Thanks
    2,999
    My Mood
    Relaxed
    Look at the "Tips and tricks" section in this thread for finding off bytes manually if that's the method you prefer.
    Currently coding applications in Java and C++.

    "It is change, continuing change, inevitable change, that is the dominant factor in society today. No sensible decision can be made any longer without taking into account not only the world as it is, but the world as it will be." -Isaac Asimov

Similar Threads

  1. Finding bytes
    By CA_ in forum Combat Arms Coding Help & Discussion
    Replies: 11
    Last Post: 07-03-2011, 09:35 PM
  2. Help Finding Bytes
    By PashaAmd in forum Combat Arms Coding Help & Discussion
    Replies: 3
    Last Post: 03-21-2011, 01:34 AM
  3. Finding Bytes
    By Aqollo in forum Combat Arms Coding Help & Discussion
    Replies: 9
    Last Post: 11-07-2010, 02:40 PM
  4. Finding Bytes in OllyDBG
    By -Dimensions- in forum Combat Arms Hack Coding / Programming / Source Code
    Replies: 10
    Last Post: 09-07-2010, 08:38 AM
  5. How to find bytes?
    By ~Stephen in forum Combat Arms Hack Coding / Programming / Source Code
    Replies: 2
    Last Post: 06-01-2010, 02:28 PM