|
|
#3
11-16-2006, 04:49
|
|||
|
|||
|
Hi,
Thanks for your help. I fixed this part as follows: Code:
ParamBlock LABEL WORD
WORD 0
DWORD CmdLine
DWORD DfltFCB,DfltFCB
LoadSSSP DWORD ?
LoadCSIP DWORD ?
Code:
mov bx,SEG ParamBlock ;Loading the Child Process
mov es,bx
mov bx,ParamBlock
lds dx,PgmName
mov al,01h
mov ah,4bh
int 21h
mov es,WORD PTR cs:[LoadCSIP] ;Trying to change the twentieth Byte in
mov si,20h ;the second program
mov BYTE PTR es:[si],'$'
mov ss,WORD PTR cs:[LoadSSSP] ;Trying to go to the second program and
mov sp,WORD PTR cs:[LoadSSSP]+2 ;executing it
jmp DWORD PTR cs:[LoadCSIP]
mov ah,4ch
int 21h
I have some questions to be able to understand the concept. When the second program is loaded,where is it located? Is it right after the stack segment of the first program? If it's so,I should be able to search in the memory for the bytes I want. But I need an algo to search in memory. ss of the parent program is the last segment wihch I should use and add sp to it to get the last address in the memory. After this address normally the first segment of the child program should be loaded. How can I code an algo to search in this area? Also what is the last address in the memory? I mean how far shall I do search in memory to find the desired bytes. Is there any way to use SCASB instruction to find the place in memory? In fact,let me know what should be put in ES: DI and AL and CX to be able to use SCAS instruction. Regards, Zest. 
|
|
|
Threaded Mode