Hey all, I've been searching Rohitab, CodeProject and various other sites to figure out how to write OPCodes to a file and cannot figure it out. I thought I'd ask here because it's the only site I have an account on and I usually get my answers here or hints.

I want to basically open a file and write:

MOV EBX 10; Stuff like that.

Or

NOP;

But I'm not sure how to actually write it to a file or how to read it either.

I know in C++ I can do:

int main()
{
   __asm
   {
      push 0;
      push title;
      push caption;
      call MessageBoxA;
   }
}

But I cannot figure out how to actually write that to a file and how to check if a file has stuff like that in it.


Why not just use the functions that C++ offers?

I'm not sure I understand. Writing to a file is the same no matter the content. In C++ this is accomplished, generally, through std::cout via something like: std::cout << "MOV EBX 10" << std::endl.
Knowing whether a file contains that type of data requires you to parse the file and compare it against a known set of supported opcodes. There is no magic way to query a file for its content.

Is this about knowing whether or not a program has been run before or is this about something else?

Well sorta. I figured out how to tell if it's been run by just writing bytes to the end of the file and checking for them on the second run. But this time I actually want to read a file's OP codes..

Like in OllyDBG if I decompile an EXE I can see the OPCodes and understand and modify them. In C++ I want to read an EXE's opcodes and read/write. In the above example, I want to open my EXE and write a messagebox to it or anything really.

An exe doesn't contain opcodes, it contains binary data. What OllyDBG does for you is convert that binary appropriately to readable ASM. If you want to be able to edit EXE files you are going to have to do something very close to the same.
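
To make the reply above concrete, here is an added example (not code from anyone in this thread) of the "convert that binary to readable ASM" step for four 32-bit x86 opcodes picked for illustration, including the MOV EBX, 10 and NOP from the question. The file name sample_code.bin and the function names are assumptions; a real disassembler also has to handle ModR/M bytes, prefixes and the rest of the opcode map.

```cpp
#include <cstdint>
#include <cstdio>
#include <fstream>
#include <iterator>
#include <string>
#include <vector>

// Read a little-endian 32-bit immediate starting at code[i].
static uint32_t imm32(const std::vector<uint8_t>& code, size_t i) {
    return code[i] | (code[i + 1] << 8) | (code[i + 2] << 16) | (uint32_t(code[i + 3]) << 24);
}

// Decode a tiny hand-picked subset of 32-bit x86; anything else is shown as a raw byte.
std::vector<std::string> decode(const std::vector<uint8_t>& code) {
    std::vector<std::string> out; char buf[32];
    for (size_t i = 0; i < code.size();) {
        uint8_t op = code[i];
        size_t left = code.size() - i;  // bytes remaining, so operands never read past the end
        if (op == 0x90) { out.push_back("NOP"); i += 1; }
        else if (op == 0xC3) { out.push_back("RET"); i += 1; }
        else if (op == 0x6A && left >= 2) {          // PUSH imm8
            std::snprintf(buf, sizeof buf, "PUSH 0x%X", unsigned(code[i + 1]));
            out.push_back(buf); i += 2;
        } else if (op == 0xBB && left >= 5) {        // MOV EBX, imm32
            std::snprintf(buf, sizeof buf, "MOV EBX, 0x%X", unsigned(imm32(code, i + 1)));
            out.push_back(buf); i += 5;
        } else {                                     // unknown or truncated instruction
            std::snprintf(buf, sizeof buf, "DB 0x%02X", unsigned(op));
            out.push_back(buf); i += 1;
        }
    }
    return out;
}

// Constructed sample: MOV EBX, 10 / NOP / PUSH 0 / RET as raw machine code.
const std::vector<uint8_t> kSample = {0xBB, 0x0A, 0x00, 0x00, 0x00, 0x90, 0x6A, 0x00, 0xC3};

// Write the bytes in binary mode, read them back, and decode what was read.
std::vector<std::string> roundTrip(const std::string& path) {
    std::ofstream(path, std::ios::binary)
        .write(reinterpret_cast<const char*>(kSample.data()), kSample.size());
    std::ifstream in(path, std::ios::binary);
    std::vector<uint8_t> bytes((std::istreambuf_iterator<char>(in)), std::istreambuf_iterator<char>());
    return decode(bytes);
}

int main() {
    for (const auto& line : roundTrip("sample_code.bin")) std::puts(line.c_str());
}
```

Both the write and the read use std::ios::binary; in text mode on Windows a 0x0A byte such as the immediate in MOV EBX, 10 would be written as 0x0D 0x0A and corrupt the instruction.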

It's not very clear what you are looking for, but here are a few suggestions that might be in the ball-park of what you are looking for:

You can ask the compiler to produce an "assembly listing" (assembly listings are text-form assembly code, like the snippets that you posted) instead of the actual executable or along with it. For GCC, you can follow these instructions. For Visual C++, here are some instructions for that, or with the command-line options.

Otherwise, you can use a disassembler to take the executable and turn it back into assembly listings. This is a bit hardcore, and if you have the source code, you should get the compiler to generate the assembly listing instead of disassembling it.
