
- What is CaveWriter?
- Before you run cavewriter...
- How does it work?
- About peview.dll
- About olly.dll
- Disclaimer
- Why VB ?!


Author: dzzie@yahoo.com
Site:   http://sandsprite.com
-------------------------------------------

What is CaveWriter?
----------------------
CaveWriter is a quick utility i made from some bits of code
i have laying about.

It HELPS you add small (simple) asm patchs to compiled binaries.


Before you run cavewriter...
-----------------------------
Make sure you register peview.dll. It is an activex dll and has to be 
registered with regsvr32.exe.

To use it..i assume a couple things..like..you have to know what a cave
it, how to find one, how to get the virutal address of one to embed at...
how to write a useful asm block to embed and other stuff.


How does it work?
----------------------

Drag and drop your target into file textbox. It will load
all of the available APIs from the import table into the 
treeview for your use.

Now, enter a safe place to embed your patch to..ie..the cave..
Hit the tab key and it will validate your embedAt address.

If it is valid (> imagebase) then it will enable the assemble
button so you can enter your patch asm.

A couple notes....

The assembler cannot handle forward declared labels

call here
here:

will not work...you have to use call $+5 for this effect.

Labels declared before they are used do work.

top_o_loop:
inc edx
ec ecx
jnz top_o_loop

All api calls from the parent exe are available for your use by name.
if you saw MessageBoxA in the treeview..then you could use

call MessageBoxA

and it will be converted during asm to a call[IAT_adderss]
using the targets existing import address table ;)

Api names are not case sensitive.


About peview.dll
------------------------------
The source to the classes of peview are opensource and on my site
in the PeCrypter and PeEditor projects.

I do not release the source in dll form because I do not want to deal
with version compatability conflicts if someone was to change the 
interfaces and recompile it.


About olly.dll
------------------------------
Primary Assembler and Disassembler functionality is provided by olly.dll
which is a modified version of the GPL source from Oleh Yuschuk.
and Copyright (C) 2001

Unaltered copies of his C source code can be downloaded from:
 http://home.t-online.de/home/Ollydbg/

I only modified it to turn it into a DLL Library that was Compatiable
with VB. You can read more and download the modified source here:
 http://sandsprite.com/CodeStuff/olly_dll.html



Disclaimer
------------------------------
I write this tool because I find this to be a technically challenging, interesting
application of some cool software concepts. I release it because i bet there
are plenty others out there who find this stuff just as interesting and would
learn from it without using it to break any laws.

A criminal can use a glass cutter to do a burglery just as a cracker can use
virtually any software tool to commit a crime...

All tools have legitimate purposes until they are misused.


Why VB !?
-------------------------------
Cause it lets me have more toys in less time! :P

