Last time we saw how placemines will only execute some code chunk if the difference between the square that is being processed and the square we’re you’ve clicked is bigger than 1 or lower than -1 for the x_axis or the y_axis. Continue reading
Here we are again.
Now let’s proceed to the fun part of place mines. Remember that we were at the new method and it allocated 16 bytes?
Well, we can only wonder what will this method do with 16 bytes but there isn’t many things you do with a heap address.
How many times have you ever allocated 4 integers in the heap at the same time?
Really, this smells like a structure but as i said, we can only wonder by now. Let’s see what the disassembly has to tell us: Continue reading
First things first.
We are gonna statically analyze the method without actually stepping any further.
The method begins saving some registers and making room for two local variables.(remember that anything said is based upon what we know by now but it can change during the analysis)
It then proceeds to call to methods(GetRandomSeed and SetRandomSeed)
Let’s move on with our analysis.Now that we’ve gathered some info we’ll have to delve a bit deeper into placemines than before.Yet, we still need somemore overall info about the method we are analysing.
Firstly, we know by now that our method receives 2 parameters(X and Y of where you’ve clicked) and passes a “this” pointer thoughout ecx.
We can prototype it this way:
thiscall placemines(int x_axis, int y_axis)
When we are debugging a crash, some resource leak or even a memory corruption; we ever know where to begin.
If it’s a crash, well then you have an exception and the application’s flow is paused right on the faulty instruction.
If it’s a memory leak for example, you know that the size of the allocation will most likely be the same for the memory leaked and then you can pinpoint it correctly.
But our objective here is to find where the mines are, how to manipulate them in order to make the game not losable and then develop our own applications to automate this process using the most variated methods.
