
How To Inject Your Own DLL Using OllyDBG

Neat! I'm confused tho. You push Whatever.dll, then call the LoadLibrary function. Then you push Brobeans string and then you also push EAX and then call the GetProcAddress and also call EAX. That's the part I don't understand. What is inside EAX? The returned handle? How can you call EAX? Can you explain? :p Love these kinds of videos, keep it up :)

EDIT: Oh never mind, I think I got it. You push the Brobeans string and EAX (which is the handle) and then you call GetProcAddress and then you do call EAX to call Brobeans. Right? :p
 
Most x86 calling conventions use a right-to-left parameter stack order. That means the last argument of a function is pushed onto the stack first, and the first argument is pushed onto the stack last.

LoadLibrary has one parameter, the library filename, so you push the library filename onto the stack then call the LoadLibrary function. If LoadLibrary succeeds, the handle to the DLL module is placed into EAX. GetProcAddress has two parameters, a handle to the DLL module that contains the function you want to get the address of and the name of the function (in that order). So, the name of the function must be pushed onto the stack first followed by the handle to the DLL module, which is stored in EAX from the call to LoadLibrary. If GetProcAddress succeeds, the address of the function is placed into EAX, so EAX can now be called.
 
The tutorial is great, but you should show how to write branch instructions (if statement) in case LoadLibrary or GetProcAddress failed, so you will see a simple message box instead of a crash or some other undefined behavior.
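The call sequence discussed in this thread, with the failure branches the last post asks for, written as an added example (it is not code from the video or from any poster). It is a standalone 32-bit NASM program rather than a patch typed into OllyDbg; `Whatever.dll` and `Brobeans` are the names used above, and the assumption is that `Brobeans` takes no arguments.

```nasm
; Assemble with: nasm -f win32 demo.asm
; Link against kernel32.lib and user32.lib with _start as the entry point.
bits 32
global _start
extern _LoadLibraryA@4
extern _GetProcAddress@8
extern _MessageBoxA@16
extern _ExitProcess@4

section .data
dll_name   db "Whatever.dll", 0
proc_name  db "Brobeans", 0
msg_title  db "Loader", 0                    ; constructed strings for the demo
msg_load   db "LoadLibrary failed", 0
msg_proc   db "GetProcAddress failed", 0

section .text
_start:
    push dll_name              ; LoadLibraryA(lpLibFileName)
    call _LoadLibraryA@4       ; stdcall: callee cleans the stack
    test eax, eax              ; EAX = module handle, or NULL on failure
    jz   .load_failed

    push proc_name             ; 2nd argument goes on the stack first
    push eax                   ; 1st argument: handle returned above
    call _GetProcAddress@8
    test eax, eax              ; EAX = function address, or NULL on failure
    jz   .proc_failed

    call eax                   ; indirect call to the address held in EAX
    push 0
    call _ExitProcess@4

.load_failed:
    mov  edx, msg_load
    jmp  .report
.proc_failed:
    mov  edx, msg_proc
.report:
    push 0x10                  ; uType = MB_ICONERROR
    push msg_title             ; lpCaption
    push edx                   ; lpText
    push 0                     ; hWnd = NULL
    call _MessageBoxA@16       ; arguments pushed right to left, as above
    push 1
    call _ExitProcess@4
```

Without the two `test eax, eax` / `jz` pairs, a failed `LoadLibraryA` passes a NULL handle on to `GetProcAddress`, and a failed `GetProcAddress` ends in `call eax` with EAX = 0, which is the crash the last post describes.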
 