Got a question about findjmp, was gonna reply in that forum but only moderators allowed to I guess.

I try to use findjump2 on for example ntdll.dll from win2000 sp4 looking for say ebx. I end up with 0x341573 for jmp ebx where other sources say it should be 0x77F92A9B for the same file.

Just wondering if I'm missing something :?:

You should do something wrong then because findjmp2 = findjmp , it is just grabbing the pop pop ret addresses in more. The rest of the code is the original one.

where can i download this ?

where can i download this ?

Hi F10, it has been moved to the project tools section there

HeapOverflow Computer Security Community - Project Tools (http://heapoverflow.com/f0rums/projects/)