lookup main function

Create a c Language program printing helloworld

Generate exe Copy to the desktop

Use ollydbg Analyze

Carry out the procedure , Then right click to find - All reference text strings

You can see there is a helloworld

Click in and you'll find

The second method
Running the program has been f8, Here, red f7 To follow up

Follow up later , Continue to step down , Find out 3 individual push1 individual call, complete main The function features 3 Parameters , So see 3 individual push1 individual call You can mark follow-up

Find out main function

release The version main function is usually near the top , Looking up, you can also find

You can also use ida Automatic analysis

Modify the program

Use the program just now to find main function , Copy this memory address

Find the memory address here in the window below

Right click binary - edit

In memory helloworld Change it to 111

Execute to printf Found to have been modified

Modify the memory address
Still jump to this step

Modify one of the following addresses

Modify the memory address pointed to , Found that the value has changed

Step into execution , Modification successful