Hi Jan,

I could use jmps to redirect the execution flow to a region with enough nops inside a .text segment like you said, and I know that this could solve my problem. However, I have to add instructions in certain places among a .text segment, where there aren't nops to help.

I think that your other approach about using the .data segment is similar to "Phrack 66: manual binary mangling with radare" mentioned before. But I really need to add an instruction in some specific places in a .text segment.

Thanks for your contribution.

Best Regards

Rafael de Oliveira Costa, M.Sc. Student
PPGI - UFRJ
Rio de Janeiro, RJ, Brazil
http://www.labnet.nce.ufrj.br

"If the doors of perception were cleansed every thing would appear to man as it is, infinite", William Blake

On Mon, Jan 9, 2012 at 4:46 PM, Jan Lieven <[email protected]> wrote:

> On Mon, 9 Jan 2012 19:41:16 +0100
> Jan Lieven <[email protected]> wrote:
>
> > ; function to patch is here
> > push ebp
> > mov ebp, esp
> > ; some code
> > mov eax, 4; replace this with jmp -8
> I made a small mistake here. You'll have to adjust the negative offset
> according to the function. Also a short jump has a maximum range of 128
> bytes. If you need to jump more than that you need a near or far jump,
> of course.
>
> _______________________________________________
> radare mailing list
> [email protected]
> http://lists.nopcode.org/listinfo.cgi/radare-nopcode.org
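The jump patch discussed in this thread, as an added example that is not part of the original messages: it picks the short (`EB rel8`) or near (`E9 rel32`) encoding from the distance, and refuses a patch that would not fit in the instruction being overwritten, which is the limit Rafael runs into. It assumes 32-bit flat addressing; the base address, the byte image and the function names are constructed for illustration.

```python
import struct

NOP = b"\x90"

def encode_jmp(src: int, dst: int) -> bytes:
    """Encode a relative x86 (32-bit) jmp located at src that lands on dst."""
    # Short form: EB + signed 8-bit displacement, measured from the end
    # of the 2-byte instruction, so it reaches -128..+127 from there.
    rel8 = dst - (src + 2)
    if -128 <= rel8 <= 127:
        return b"\xeb" + struct.pack("<b", rel8)
    # Near form: E9 + 32-bit displacement from the end of the 5-byte
    # instruction; wraps modulo 2**32 in a flat 32-bit address space.
    rel32 = (dst - (src + 5)) & 0xFFFFFFFF
    return b"\xe9" + struct.pack("<I", rel32)

def patch_in_place(image: bytes, base: int, off: int,
                   old_len: int, dst: int) -> bytes:
    """Overwrite the old_len-byte instruction at image[off] with a jmp to dst.

    The image must keep its size, so the jmp has to fit in the bytes of
    the instruction it replaces; any leftover bytes become NOPs.
    """
    jmp = encode_jmp(base + off, dst)
    if len(jmp) > old_len:
        raise ValueError(
            f"jmp needs {len(jmp)} bytes, instruction has only {old_len}")
    return (image[:off] + jmp + NOP * (old_len - len(jmp))
            + image[off + old_len:])

# Constructed sample: 8 bytes of NOP padding followed by a tiny function.
BASE = 0x08048000
IMAGE = (NOP * 8 +                    # padding usable as a landing area
         b"\x55" +                    # push ebp
         b"\x89\xe5" +                # mov ebp, esp
         b"\xb8\x04\x00\x00\x00" +    # mov eax, 4   (offset 11, 5 bytes)
         b"\xc3")                     # ret

if __name__ == "__main__":
    patched = patch_in_place(IMAGE, BASE, off=11, old_len=5, dst=BASE)
    print(patched.hex(" "))
```

The overwritten `mov eax, 4` still has to be re-executed at the landing site before jumping back, which needs more free bytes than the jump itself.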
