Finding the offset on stack? Possible?

**Flushie** · 01-27-2011

So you have a variable that is stored on the stack, and you want to find this variable every time the program starts up. Unfortunately, there is no algorithm of finding the variable because the stack is not mapped in the same place that the the PE image is. I was told that thread context could be used, and walking the stack. But what the ****? Isn't it much easier ffs? I mean you have a game, you have say for the sake of conversation a health variable that is stored on the stack, how do I get the address of this variable every time the program starts because RVA-Imagebase isn't cutting it, and it shouldn't be.

**amadmonk** · 01-27-2011

Erm, may I suggest you do a bit more reading on X86 assembly? What you're asking for isn't possible without a stack walk (which is a very fragile operation, and not for the faint of heart) -- and even if it were, it wouldn't help since it would only give you that ONE instance of the value, not some general way to read it.

**schlumpf** · 01-27-2011

But you know that the variable would be present only while the function is called and has not yet returned? You may want to hook that function, I guess. Or modify the function in the binary. Would be way easier anyway.

**Flushie** · 01-28-2011

Amadmonk, maybe you should do a little more reading. "I was told that thread context could be used, and walking the stack." :P.

**amadmonk** · 01-28-2011

You were told wrong.

Shout-Out

User Tag List

Thread: Finding the offset on stack? Possible?

Thread Tools

Search Thread

Finding the offset on stack? Possible?

Similar Threads

[Request]The fastest way actually possible to lvl

Cannot find the files to edit :(

Finding the .blp-files to Striker's Set

How do you find memory offsets in the game?

Find The Flag Carrier In WSG

OwnedCore Forums

casino

CoreCoins

My OwnedCore

About Us

Casino