Debugging Toolbox

Windbg scripts, debugging and troubleshooting tools to help you isolate software problems.
[Windbg Script] Playing with Minesweeper

First, this script is not really about cheating. It does cheat at Minesweeper, but there are several other possibilities, using a few more bytes, that do a better job of fooling the application.

However, the point here is to show you how powerful the debugger is or, more precisely, the power you have when you know how to use the debugger.

When working on “just for fun” scripts, I don’t use source code access or symbols. I just use raw disassembled code. I do this to improve my assembly skills; by improving my assembly reading I can identify common patterns and their meanings. Moreover, I can try to figure out the possible source code. It helps me a lot during my daily work. Thus, if you want to improve your assembly skills this is a good and fun approach.

The script presented below is one I categorize as a “just for fun” script. I won’t tell you what it does: you’ll need to find out for yourself. :)

Just load Minesweeper on Windows XP SP 2, attach the debugger to it, run the script, and then create a New Game.

You don't need symbols!

It’s fun! I hope you enjoy it.

Source code for CHEATING_MINESWEEPER.TXT:

$$
$$ =======================================================================================
$$ Displays all hidden bombs (from Minesweeper :)).
$$
$$ Compatibility: Win32, specific for Windows XP SP2.
$$
$$ Usage: $$>< to run the program.
$$
$$ Roberto Alexis Farah
$$ Blog: http://blogs.msdn.com/debuggingtoolbox/
$$
$$ All my scripts are provided "AS IS" with no warranties, and confer no rights.
$$ =======================================================================================
$$
eb poi(@$peb+0x8)+0x36fa c6 00 8a
$$ =============================================================================
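The script is a single `eb` (enter bytes) command: it takes the image base from the PEB, adds the offset 0x36fa, and overwrites three bytes of code. The following Python is an added example written for this page, not part of the post or of CHEATING_MINESWEEPER.TXT. It models that write on a constructed 0x4000-byte stand-in for the code section and then runs the check a defender would run against such a patch: compare the bytes in memory with the bytes on disk and decode whatever differs. The image base 0x01000000 and the offset 0x36fa come from the page; the instruction encodings are the standard x86 ones, `80 08 ib` for `or byte ptr [eax],imm8` and `C6 00 ib` for `mov byte ptr [eax],imm8`, which is why the patch fits in exactly the same three bytes. The decoder knows only those two forms.

```python
"""Added example (not from the post): emulate the eb patch on a constructed
image and detect it with a memory-vs-disk comparison."""

IMAGE_BASE = 0x01000000   # ImageBaseAddress of winmine.exe as quoted in the comments
PATCH_RVA = 0x36FA        # offset used by the script
IMAGE_SIZE = 0x4000       # constructed: just large enough to contain PATCH_RVA


def encode_or_byte_eax(imm8):
    """x86 'or byte ptr [eax],imm8' = 80 /1 ib; ModRM 00 001 000 = 08h."""
    return bytes([0x80, 0x08, imm8 & 0xFF])


def encode_mov_byte_eax(imm8):
    """x86 'mov byte ptr [eax],imm8' = C6 /0 ib; ModRM 00 000 000 = 00h."""
    return bytes([0xC6, 0x00, imm8 & 0xFF])


def decode_store_imm8(code):
    """Decode only the two 3-byte forms involved here, in WinDbg's spelling."""
    if len(code) != 3:
        raise ValueError("expected exactly 3 bytes")
    op, modrm, imm = code
    if op == 0x80 and modrm == 0x08:
        return f"or byte ptr [eax],{imm:X}h"
    if op == 0xC6 and modrm == 0x00:
        return f"mov byte ptr [eax],{imm:X}h"
    raise ValueError(f"not a form this decoder knows: {code.hex()}")


def build_disk_image():
    """Constructed stand-in for the on-disk code section: zeros everywhere
    except the original instruction at the patch offset."""
    img = bytearray(IMAGE_SIZE)
    img[PATCH_RVA:PATCH_RVA + 3] = encode_or_byte_eax(0x80)
    return bytes(img)


def apply_eb(memory, base, address, new_bytes):
    """Emulate WinDbg's 'eb <address> b0 b1 ...' on a copy of the image."""
    off = address - base
    if off < 0 or off + len(new_bytes) > len(memory):
        raise ValueError("patch lies outside the image")
    buf = bytearray(memory)
    buf[off:off + len(new_bytes)] = new_bytes
    return bytes(buf)


def find_patches(disk, mem):
    """Return [(rva, original_bytes, patched_bytes)] for every run of bytes
    that differs between the on-disk image and the in-memory copy."""
    if len(disk) != len(mem):
        raise ValueError("images differ in size")
    patches, i = [], 0
    while i < len(disk):
        if disk[i] == mem[i]:
            i += 1
            continue
        start = i
        while i < len(disk) and disk[i] != mem[i]:
            i += 1
        patches.append((start, disk[start:i], mem[start:i]))
    return patches


def demo():
    """Apply the script's patch and report what the integrity check finds."""
    disk = build_disk_image()
    mem = apply_eb(disk, IMAGE_BASE, IMAGE_BASE + PATCH_RVA, encode_mov_byte_eax(0x8A))
    return [(hex(rva), decode_store_imm8(old), decode_store_imm8(new))
            for rva, old, new in find_patches(disk, mem)]


if __name__ == "__main__":
    for rva, before, after in demo():
        print(f"{rva}: {before}  ->  {after}")
```

On a real process the comparison has to skip regions that legitimately differ between disk and memory (applied relocations, the resolved import table, writable data), and a patch that leaves some bytes unchanged shows up as several short runs rather than one; the simple run-finder above is enough to show the idea.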

Read me.

Posted: Wednesday, March 28, 2007 2:33 AM by Roberto Farah

Comments

Emilio Meira said:

Oh... my... GOD!!!! :D

Ok, maybe I'm overreacting, maybe some of the readers of this Blog are so "bit brushers" that may not be as impressed as I am, but it's worth mentioning that we're talking about just ONE LINE OF CODE!!!! :O

This is not the first time I see it: about two years ago, I had the great privilege of attending a course delivered by him... we were on one of those labs that nobody wants to do, so he decided to show us some tricks: he created "on the fly" a small C# program with a hard-coded string and got to retrieve the string using disassembly... amazing!!!

Congratulations, Farah!!! Keep the excellent quality of the Blog, both here and on LATAM!!!

[]'s

Emilio

# March 27, 2007 10:49 PM

Joao Delinger de Souza said:

This is really cool. It motivates me to go back and start debugging again and learn more about assembly.

I am also glad to say that I had the opportunity to work with Roberto at Microsoft and the guy rocks.

He even has a binary clock in his cube. That is right. This guy will tell you the time in binary :-)

Congrats Farah! Keep doing the great work you always do.

João

# April 2, 2007 11:50 AM

Erico Andrei said:

Ok, this was so great you deserve it...

Man, you are the alpha geek of our social circle.

Now, to beat you in coolness, I'll have to find a clever way to cheat on Halo using only sticks and stones

Good to hear from you!

Regards.

# April 2, 2007 7:16 PM

Vedala said:

It'd be great if you could give us list of books sitting on your bookshelf.

# May 24, 2007 9:41 AM

Chris Conner said:

I get memory access denied on Windows Vista. Is there something you have to do to have this work on Windows Vista?

# October 30, 2007 11:57 AM

Roberto Farah said:

Hi Chris, sorry for the late answer.

Yes, on Vista you need to enable things.

Check this out:

How to create a user-mode process dump file in Windows Vista

http://support.microsoft.com/kb/931673/en-us

However, keep in mind this script is not going to work on Minesweeper running on any OS other than Windows XP SP2. This happens because I change the binary code in memory. It's like a surgery. :)

# November 5, 2007 1:55 PM

A developer's strayings said:

There are circumstances where taking a dump is not possible or simply not convenient; imagine a situation

# March 8, 2008 1:45 PM

Noticias externas said:

There are circumstances where taking a dump is not possible or simply not convenient; imagine a situation

# March 8, 2008 2:48 PM

Jim said:

Very cool.

Try the !peb command to see what $peb is about.

poi(@$peb+0x8) is this:

ImageBaseAddress:         01000000

eb poi(@$peb+0x8)+0x36fa c6 00 8a

Changes this instruction:

or      byte ptr [eax],80h

to this:

mov     byte ptr [eax],8Ah

Try:

eb poi(@$peb+0x8)+0x36fa c6 00 8d

It saves you from doing all the right clicks on the mines.

# June 9, 2008 4:03 PM

Jim said:

I meant to say:

eb poi(@$peb+0x8)+0x36fa c6 00 8e

to mark all mines with flags automatically.

# June 9, 2008 4:10 PM

Roberto Farah said:

I haven't tested it yet, but it seems to be pretty cool! :)

Thanks for posting.

# June 9, 2008 4:48 PM

Jim said:

Thanks for the view behind the scenes, I've been playing around with winmine some more.

It looks like the playing board is at "winmine!rgBlk+20" if you want to edit the playing board directly.  Just minimize and restore to make it redraw.  You need the symbols for that I think.

Bits [3..0] decide the picture:

1-8 - draws 1 - 8

9   - question mark, depressed

a   - mine

b   - X'ed mine

c   - red bkgd mine. (game over one)

d   - question mark

e   - flag

f   - blank tile

Then the upper bits modify the tile:

10h  - start or end or no draw

40h  - clicked / cleared tile

80h  - this bit indicates a mine is under that tile.

Each row uses 32 bytes, regardless of how wide it is, and starts and ends with 10h.

# June 10, 2008 8:48 PM
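The tile layout above is enough to decode a board buffer. What follows is an added example written for this page, not Jim's or the post's own code: a decoder for that layout, run over a constructed board. It also shows how the patch values from the earlier comments land in the layout: the unpatched `or byte ptr [eax],80h` only sets the mine bit on a covered blank tile (0Fh becomes 8Fh, drawn as blank), while the patched `mov byte ptr [eax],8Ah`, `8Dh` or `8Eh` stores a mine, question-mark or flag picture together with the mine bit. That the patched instruction is the one run when mines are placed is an inference from the comments, not something the page states; the symbolic address winmine!rgBlk+20 is not needed here because the example works on its own buffer.

```python
"""Added example (not from the post): decode a Minesweeper board buffer in
the layout Jim described.  The board below is constructed."""

ROW_STRIDE = 32     # each row uses 32 bytes regardless of board width
BORDER = 0x10       # "start or end or no draw"
CLICKED = 0x40      # clicked / cleared tile
MINE = 0x80         # a mine is under this tile

PICTURES = {        # low nibble -> picture (values 1..8 draw that number)
    0x9: "question mark (depressed)", 0xA: "mine", 0xB: "X'ed mine",
    0xC: "mine on red background (game over)", 0xD: "question mark",
    0xE: "flag", 0xF: "blank tile",
}


def describe_tile(b):
    """Human-readable meaning of one tile byte."""
    low = b & 0x0F
    if 1 <= low <= 8:
        pic = f"number {low}"
    else:
        pic = PICTURES.get(low, f"unlisted picture {low:#x}")  # page lists no picture 0
    mods = [name for bit, name in ((MINE, "mine underneath"), (CLICKED, "clicked"),
                                   (BORDER, "no draw")) if b & bit]
    return pic if not mods else f"{pic} [{', '.join(mods)}]"


def build_board(width, height, mines, store_value=None):
    """Construct a buffer: 10h, `width` covered blank tiles, 10h, then zero
    padding to 32 bytes per row.  Mines are placed the way the unpatched
    instruction does (OR 80h into the tile) or, if store_value is given, the
    way the patched 'mov byte ptr [eax],imm8' does (store the value outright).
    The link between that instruction and mine placement is an inference."""
    buf = bytearray(height * ROW_STRIDE)
    for r in range(height):
        base = r * ROW_STRIDE
        buf[base] = BORDER
        buf[base + width + 1] = BORDER
        for c in range(width):
            buf[base + 1 + c] = 0x0F
    for r, c in mines:
        idx = r * ROW_STRIDE + 1 + c
        buf[idx] = store_value if store_value is not None else buf[idx] | MINE
    return bytes(buf)


def parse_board(buf, width, height):
    """Split a buffer back into rows of tile bytes, checking the 10h frame."""
    rows = []
    for r in range(height):
        base = r * ROW_STRIDE
        row = buf[base:base + ROW_STRIDE]
        if row[0] != BORDER or row[width + 1] != BORDER:
            raise ValueError(f"row {r}: missing 10h border bytes")
        rows.append(list(row[1:width + 1]))
    return rows


def tiles_with_mine_bit(buf, width, height):
    """Coordinates whose 80h bit is set, whatever picture is drawn on top."""
    return [(r, c) for r, row in enumerate(parse_board(buf, width, height))
            for c, b in enumerate(row) if b & MINE]


def render(buf, width, height):
    """One character per tile, as the player sees it (numbers print as digits)."""
    glyph = {0x9: "?", 0xA: "*", 0xB: "X", 0xC: "!", 0xD: "?", 0xE: "F", 0xF: "#"}
    return ["".join(glyph.get(b & 0x0F, str(b & 0x0F)) for b in row)
            for row in parse_board(buf, width, height)]


MINES = {(0, 1), (2, 3)}   # constructed sample positions on a 5x3 board

if __name__ == "__main__":
    for label, value in (("unpatched", None), ("c6 00 8a", 0x8A), ("c6 00 8e", 0x8E)):
        board = build_board(5, 3, MINES, value)
        print(label, render(board, 5, 3), tiles_with_mine_bit(board, 5, 3))
        print("   tile (0,1):", describe_tile(parse_board(board, 5, 3)[0][1]))
```

The decoder reports the mine bit independently of the picture, which is exactly the distinction the patch exploits: the unpatched game keeps the picture blank and hides the mine in the high bit, so only the byte, not the drawing, tells you where the mines are.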

Roberto Farah said:

I must tell you I never expected this post was going to be viewed so much. I just read your comment and I have just one thing to say:  Wow!!! :)

For one of my future articles I was planning to reuse Minesweeper, but based on your comment and others above I don't think it's going to have the fun factor anymore. ;-)

You guys decoded it!

# June 10, 2008 10:19 PM

Jim said:

Maybe do something on debug extensions?

I made up one to generate characters on the board with mines. Check it out here:

http://www.youtube.com/watch?v=sVEns2Nv5D8

Anyway, that was a lot of fun hacking around with minesweeper thanks to one line.

# June 13, 2008 1:46 AM

Roberto Farah said:

Wow! :) I loved this video! Really! I do agree with you, too, this is a lot of fun! :)

# June 13, 2008 11:57 AM