Code Cave Finder



jLn
11-30-2005, 02:55 PM
well, this little tool finds code caves (a list of NOPs) inside running processes.
you can use those code caves for direct code injection, which offers you plenty of possibilities.
i made a handy gui for it that is easy to understand.
if you want more information: just download the small file and read the readme! :)

panzer
11-30-2005, 03:01 PM
this is one nifty tool. very nice work, i also like the look of it :)

h1web
12-01-2005, 07:06 AM
this is one nifty tool. very nice work, i also like the look of it :)
same, works fine as i told you already :p

codingisfun
12-01-2005, 01:12 PM
very nice and useful tool, but i have a suggestion, have a popup menu on the nop/address list with "Copy address to clipboard" or something of the sort so i don't have to write them out :D

Absolution
12-01-2005, 01:28 PM
would you please upload this to the forum instead of using an external link?

sp0rky
12-01-2005, 01:39 PM
would you please upload this to the forum instead of using an external link?

Since you're too lazy :P I went ahead and dled the file and attached it myself.

Nice work too jLn.

jLn
12-01-2005, 06:37 PM
thx for the replies!
i reuploaded a newer version with clipboard copying ability ^^

EDIT: i uploaded it again and added a sorting function for the cave sizes

KidBuu
12-04-2005, 08:20 AM
what happened to the link? i'm sorry, i don't see it

jLn
12-04-2005, 10:21 PM
i readded the attachment - don't know what happened to it :)

A3dWhore
02-15-2006, 02:55 AM
Interesting stuff, nice tool. I thought that code caves were generally sections of 00h's though (as opposed to NOPs being 90h.)

I'm totally noob though.

Absolution
02-15-2006, 12:42 PM
Since you're too lazy :P I went ahead and dled the file and attached it myself.

Nice work too jLn.
ass lol :dog: :banana:

PizzaPan
02-15-2006, 01:57 PM
nice job jln, comes in handy now and then.

amattesen
04-18-2006, 03:03 PM
I can't figure out how to use the program to uncode my .dll

bobbysing
04-21-2006, 01:28 PM
I can't figure out how to use the program to uncode my .dll
this program is not made to "uncode" your dll

Cyph
09-21-2007, 12:46 PM
Release the code? (:

ViceVirtue
09-21-2007, 03:49 PM
The code should be relatively simple to recreate: you need to follow the PE header until you find the section in which the OEP lies, then search that whole section for a series of at least X 0x00 (blank, most likely a cave) or 0x90 (NOP, but not necessarily a cave) or 0xCC (INT3; a sequence of these is most definitely a cave, but you will likely only find INT3 in executables compiled for debugging) or something similar.
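
The approach described in the last post, as an added example that is not jLn's tool or code from any poster in this thread: it reads a PE file from a byte buffer (not a running process), locates the section containing the entry point, and reports each run of 0x00, 0x90 or 0xCC of at least `min_len` bytes together with its filler kind, which gives a baseline of padding regions that can later be compared against a suspect copy of the file. The function names, the `min_len` default and the sample image are assumptions made for the example.

```python
import struct

FILLERS = {0x00: "zero", 0x90: "NOP", 0xCC: "INT3"}

def entry_section(pe: bytes):
    """Return (name, rva, raw_bytes) of the section that holds the entry point."""
    if pe[:2] != b"MZ":
        raise ValueError("not an MZ image")
    nt = struct.unpack_from("<I", pe, 0x3C)[0]             # e_lfanew
    if pe[nt:nt + 4] != b"PE\0\0":
        raise ValueError("PE signature missing")
    nsec, opt_size = struct.unpack_from("<H12xH", pe, nt + 6)
    oep = struct.unpack_from("<I", pe, nt + 24 + 16)[0]    # AddressOfEntryPoint
    table = nt + 24 + opt_size                             # first section header
    for i in range(nsec):
        name, vsize, va, rsize, rptr = struct.unpack_from("<8sIIII", pe, table + 40 * i)
        if va <= oep < va + max(vsize, rsize):
            return name.rstrip(b"\0").decode("ascii", "replace"), va, pe[rptr:rptr + rsize]
    raise ValueError("entry point is not inside any section")

def find_caves(pe: bytes, min_len: int = 16):
    """List (rva, length, filler_kind) for each filler run of at least min_len bytes."""
    name, va, data = entry_section(pe)
    caves, i = [], 0
    while i < len(data):
        b, j = data[i], i + 1
        if b in FILLERS:
            while j < len(data) and data[j] == b:          # extend the run
                j += 1
            if j - i >= min_len:
                caves.append((va + i, j - i, FILLERS[b]))
        i = j
    return name, caves

def sample_pe() -> bytes:
    """Constructed minimal PE32-style image: one .text section at RVA 0x1000."""
    text = b"\x55\x8b\xec" + b"\x90" * 20 + b"\xc3" + b"\xcc" * 8 + b"\x00" * 32
    dos = b"MZ".ljust(0x3C, b"\0") + struct.pack("<I", 0x40)
    coff = b"PE\0\0" + struct.pack("<HHIIIHH", 0x14C, 1, 0, 0, 0, 0xE0, 0x102)
    opt = struct.pack("<HBBIIII", 0x10B, 0, 0, len(text), 0, 0, 0x1000).ljust(0xE0, b"\0")
    sect = struct.pack("<8sIIII16x", b".text", len(text), 0x1000, len(text), 0x200)
    return (dos + coff + opt + sect).ljust(0x200, b"\0") + text

if __name__ == "__main__":
    section, caves = find_caves(sample_pe(), min_len=8)
    for rva, length, kind in caves:
        print(f"{section} RVA 0x{rva:08X}  {length:4d} bytes  {kind}")
```

Trailing zero runs at the end of a section are usually file-alignment padding, and a 0x90 run may be alignment inside live code, which is why the filler kind is reported instead of treating every run alike.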