Jump to content
  • 0

64bit memory range problem

toanpham6001

Asked by toanpham6001,

 Share

Question

toanpham6001 Explorer

toanpham6001

Posted
Posted

hi guys i am having 64 bit memory range problem

why my memory range is "?" how can i searchNumber when my memory range is "?" , please help me, this is my first time hacking 64 bit, sorry my english is not good

Screenshot_20230412-143944_X8 Sandbox.jpg

11 answers to this question

Recommended Posts

  • 0
CmP Experienced

CmP

Posted
Posted (edited)

This is tagged pointer. There is no problem with it. You misunderstood the post from other topic, you shouldn't edit top byte of the pointer. You only need to remove it for navigating to the address in memory editor tab. For example, value of the pointer at address 0x754799F000 from the video is 0xB4000076B220F9F0, remove "B4" from it and leading zeros to get pointed address 0x76B220F9F0, then go to this address in memory editor tab and region label will be shown.

Edited by CmP
Specified address of the pointer from the video
1
  • 0
toanpham6001 Explorer

toanpham6001

Posted
  • Author
Posted
2 hours ago, CmP said:

Đây là con trỏ được gắn thẻ. Không có vấn đề gì với nó. Bạn đã hiểu sai bài đăng từ chủ đề khác, bạn không nên chỉnh sửa byte trên cùng của con trỏ. Bạn chỉ cần xóa nó để điều hướng đến địa chỉ trong tab trình chỉnh sửa bộ nhớ. Ví dụ: giá trị của con trỏ tại địa chỉ 0x754799F000 từ video là 0xB4000076B220F9F0, hãy xóa "B4" khỏi giá trị đó và các số 0 ở đầu để nhận địa chỉ được chỉ định 0x76B220F9F0, sau đó chuyển đến địa chỉ này trong tab trình chỉnh sửa bộ nhớ và nhãn vùng sẽ được hiển thị.

@cmp thank you i did it, 1 more question can i write such a script?

  • 0
toanpham6001 Explorer

toanpham6001

Posted
  • Author
Posted
1 hour ago, CmP said:

Yes, conversions from/to tagged pointer can be implemented in script. The code to add tag to pointer can be found in this post: 

Need help in script. I don't know if it's possible to do it automatically (#298r5x2m)

And removing tag from tagged pointer can be implemented like the following:  

local ADDRESS_MASK = ~(0xFF << 56)

local function removeTag(pointer)
  return pointer & ADDRESS_MASK
end

great, for example my value is "1" offset is 0x10 how would i script it?

  • 0
CmP Experienced

CmP

Posted
Posted
6 minutes ago, toanpham6001 said:

how would i script it?

Script what? Where is description of what needs to be implemented? Is it searching, is it editing, is it something else? If describing with text is too hard, at least show what script needs to do with a video.

  • 0
toanpham6001 Explorer

toanpham6001

Posted
  • Author
Posted
6 minutes ago, CmP said:

Script what? Where is description of what needs to be implemented? Is it searching, is it editing, is it something else? If describing with text is too hard, at least show what script needs to do with a video.

sorry, maybe my google translate is wrong, i mean for example my value is "123" and offset is 0x10 , how would i write the script?

  • 0
CmP Experienced

CmP

Posted
Posted (edited)

No, Google translate works fine, you just haven't specified what you need to implement in script. You just mentioned: 

6 minutes ago, toanpham6001 said:

my value is "123" and offset is 0x10

but you haven't specified what script needs to do. Search for "123"? Then apply offset? How is this related to tagged pointers?

Again, either describe what script needs to implement with text or show it with video.

Edited by CmP
  • 0
toanpham6001 Explorer

toanpham6001

Posted
  • Author
Posted
12 minutes ago, CmP said:

Không, Google dịch hoạt động tốt, bạn chưa chỉ định những gì bạn cần triển khai trong tập lệnh. Bạn vừa đề cập: 

nhưng bạn chưa chỉ định tập lệnh cần làm gì. Tìm kiếm "123"? Sau đó áp dụng bù đắp? Làm thế nào là điều này liên quan đến con trỏ được gắn thẻ?

Một lần nữa, hãy mô tả tập lệnh nào cần triển khai bằng văn bản hoặc hiển thị tập lệnh đó bằng video.

here bro

https://youtu.be/EO8F-eD-psQ

  • 0
CmP Experienced

CmP

Posted
Posted 
local POINTER_TAG = 0xB4 << 56

local function addTag(pointer)
  return pointer | POINTER_TAG
end

gg.clearResults()
gg.searchNumber("123456789", gg.TYPE_DWORD)
local results = gg.getResults(1)
local address = results[1].address - 0x8 -- applying the offset
local taggedAddress = addTag(address)
gg.clearResults()
gg.searchNumber(taggedAddress, gg.TYPE_QWORD)
1
  • 0
toanpham6001 Explorer

toanpham6001

Posted
  • Author
Posted
15 minutes ago, CmP said: 
local POINTER_TAG = 0xB4 << 56

local function addTag(pointer)
  return pointer | POINTER_TAG
end

gg.clearResults()
gg.searchNumber("123456789", gg.TYPE_DWORD)
local results = gg.getResults(1)
local address = results[1].address - 0x8 -- applying the offset
local taggedAddress = addTag(address)
gg.clearResults()
gg.searchNumber(taggedAddress, gg.TYPE_QWORD)

yes it worked great thank you so much

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to question listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.