Jump to content
View in the app

A better way to browse. Learn more.
Tuts 4 You

A full-screen app on your home screen with push notifications, badges and more.

To install this app on iOS and iPadOS
  1. Tap the Share icon in Safari
  2. Scroll the menu and tap Add to Home Screen.
  3. Tap Add in the top-right corner.
To install this app on Android
  1. Tap the 3-dot menu (⋮) in the top-right corner of the browser.
  2. Tap Add to Home screen or Install app.
  3. Confirm by tapping Install.

Detecting callback while steping inside debugee ?

0xFF
0xFF
in Programming and Coding

Featured Replies

Posted

Ummm... i wrote a simple callback project in Delphi just to see how it looks like inside Olly when it goes inside a callback, does it look like this ?

(btw, it's not a normal CALL)

The "Arg 1" is what i'm talking about...

post-42237-0-71854300-1325949272_thumb.j

here's the source code:


unit Unit1;
interface
uses
System.SysUtils, System.Types, System.UITypes, System.Classes, System.Variants,
FMX.Types, FMX.Controls, FMX.Forms, FMX.Dialogs;
type
TForm1 = class(TForm)
Button1: TButton;
procedure Button1Click(Sender: TObject);
private
procedure myCallback (s: string);
public
{ Public declarations }
end;
type
TCallbackFunction = procedure (s: string) of object;
var
Form1: TForm1;
implementation
{$R *.fmx}
procedure TForm1.myCallback (s: string);
begin
showmessage(s);
end;
procedure cbShowMessage(l: string; callback: TCallbackFunction);
begin
callback(l);
end;
procedure TForm1.Button1Click(Sender: TObject);
begin
cbShowMessage('hey', myCallback);
cbShowMessage('****', myCallback);
cbShowMessage('you', myCallback);
cbShowMessage('bitch', myCallback);
end;
end.

I don't know that i would name that a callback, its more of a function wrapper imho. A callback is a function that would be called when an action is performed inside the routine called, for instance a function to update progress or such while (de)compressing data.

But where is the 'detecting' part of this post? You've asked if this is what it would look like in OllyDbg, judging by your screenshot taken from inside OllyDbg i think thats a pretty safe bet that is what it looks like.... o0

HR,

Ghandi

  • Author

I don't know that i would name that a callback, its more of a function wrapper imho. A callback is a function that would be called when an action is performed inside the routine called, for instance a function to update progress or such while (de)compressing data.

But where is the 'detecting' part of this post? You've asked if this is what it would look like in OllyDbg, judging by your screenshot taken from inside OllyDbg i think thats a pretty safe bet that is what it looks like.... o0

HR,

Ghandi

I agree, but think of it as a method that can have multiply references, a wrapper is more of a direct CALL (hardcoded).

I disagree, a wrapper is something that can surround any sort of code/call to simplify access. For instance, instead of implicitly linking against modules which may or may not be on a users PC, i would code a wrapper class which contains typedef for any functions used and in the init function (not class initialization) i would call LoadLibrary and GetProcAddress to get the API addresses which would be saved to a local variable.

Calling this local variable (if loaded ok) would result in a call to the API but there would be nothing hardcoded about it. Your 'callback' is a wrapper around your 'TCallbackFunction'. You're calling the function as the main part of your routine so to me its wrapping the function call.

HR,

Ghandi

Edited by ghandi

Create an account or sign in to comment

Go to topic listing

Configure browser push notifications
Chrome (Android)
  1. Tap the lock icon next to the address bar.
  2. Tap Permissions → Notifications.
  3. Adjust your preference.
Chrome (Desktop)
  1. Click the padlock icon in the address bar.
  2. Select Site settings.
  3. Find Notifications and adjust your preference.