Re: [Tutorial]How to convert ASM script to C++
Posted: Sat Jul 24, 2010 4:47 pm
Oh, never mind, I just got it to work. I just had to make it jump to the UA return addy, which is UA Addy + 5.

I looked at your other tutorial from http://forums.xemectrum.net/viewtopic.p ... 650#p21651,
Nerrazzuri wrote:
Create variables for the address that will be edited in the script. Declare a variable that will hold the bytes when the hack is enabled.
// Hard-coded absolute address that the tutorial's byte patch targets.
// NOTE(review): the thread itself says such addresses change, so this constant
// is presumably tied to one specific build of the target program.
DWORD dwInstantDropAddy = 0x00af0dd0;
Declare a variable that will hold the bytes when the hack is disabled.
// Eight zero bytes: the value written over the target while the patch is enabled.
// If the target is read as an IEEE-754 double, this is 0.0.
BYTE Enabledbytes[] = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00};
// Eight bytes written back when the patch is disabled. Read as a little-endian
// IEEE-754 double they encode 1000.0 -- presumably the value the program ships with.
BYTE Disabledbytes[] = {0x00, 0x00, 0x00, 0x00, 0x00, 0x40, 0x8f, 0x40};
// Eight zero bytes: the value written over the target while the patch is enabled.
// If the target is read as an IEEE-754 double, this is 0.0.
BYTE Enabledbytes[] = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00};
// Hard-coded absolute address that the tutorial's byte patch targets.
// NOTE(review): the thread itself says such addresses change, so this constant
// is presumably tied to one specific build of the target program.
DWORD dwInstantDropAddy = 0x00af0dd0;
#include "Trainer.h"
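// Copies uSize bytes from lpcvWriteValue to lpcvBase in the current process,
// switching the destination pages to PAGE_READWRITE for the duration of the copy.
//
// Parameters:
//   lpcvBase        destination address; its page protection is changed and restored.
//   lpcvWriteValue  source buffer holding at least uSize bytes.
//   uSize           number of bytes to copy.
//
// Returns TRUE only when the protection change, the copy and the protection
// restore all succeeded. A failed copy or a fault raised during the copy is
// reported as FALSE, and the saved protection is put back on those paths too.
//
// Review notes:
//   - PAGE_READWRITE carries no execute right, so the affected pages are not
//     executable while the write is in progress.
//   - A protection change followed by a write into a module's code pages leaves
//     the in-memory code different from the file on disk; comparing the two is
//     how code-integrity and anti-tamper checks detect this kind of modification.
BOOL WriteAddress(__in LPVOID lpcvBase, __in LPCVOID lpcvWriteValue, __in size_t uSize)
{
    DWORD old_protection = 0;
    BOOL copied = FALSE;

    if (lpcvBase == NULL || lpcvWriteValue == NULL)
        return FALSE;

    if (!VirtualProtect(lpcvBase, uSize, PAGE_READWRITE, &old_protection))
        return FALSE;

    __try
    {
        // memcpy_s returns zero on success; anything else means nothing usable was written.
        copied = (memcpy_s(lpcvBase, uSize, lpcvWriteValue, uSize) == 0);
    }
    __except(EXCEPTION_EXECUTE_HANDLER)
    {
        copied = FALSE;
    }

    // Restore the saved protection whether or not the copy worked.
    if (!VirtualProtect(lpcvBase, uSize, old_protection, &old_protection))
        return FALSE;

    return copied;
}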
// Computes the 32-bit relative operand for a 5-byte near jump located at `frm`
// whose destination is `to`: destination - source - 5, the 5 being the length
// of the jump instruction itself.
// NOTE(review): the expansion ends in ';' and the arguments are not
// parenthesized, so the macro is only safe in the plain assignment form used below.
#define jmp(frm, to) (int)(((int)to - (int)frm) - 5);
// g_dwBook is the hard-coded absolute address that MonsterBookHack overwrites.
// NOTE(review): the second variable is spelled g_dwBooKRet (capital K), while the
// inline assembly in MonsterBook refers to g_dwBookRet; the two spellings do not match.
DWORD g_dwBook = 0x0095d048, g_dwBooKRet = g_dwBook + 5;
// Five-byte buffer that MonsterBookHack fills from g_dwBook on every call.
char g_szBookMem[5];
// Replacement code reached through the jump that MonsterBookHack writes at g_dwBook.
// The function is declared naked, so the body is exactly the two instructions
// below: load 5 into EAX, then jump indirectly through g_dwBookRet.
// NOTE(review): no variable with the spelling g_dwBookRet is declared in this
// listing; the declaration above reads g_dwBooKRet.
__declspec(naked) void __stdcall MonsterBook()
{
    __asm
    {
        mov eax,5
        jmp dword ptr [g_dwBookRet]
    }
}
// Installs or removes a 5-byte jump at g_dwBook.
//   bEnable != FALSE: writes opcode 0xE9 followed by the relative offset to MonsterBook.
//   bEnable == FALSE: copies the five bytes held in g_szBookMem back to g_dwBook.
//
// NOTE(review): the snapshot into g_szBookMem is taken on every call, including
// the disable call, so the disable branch writes back whatever was at g_dwBook
// at the start of that same call rather than bytes saved before the first enable.
// NOTE(review): the writes go straight through the casted address; no page
// protection change is made in this function and WriteAddress is not used.
// A jump opcode at this location that is absent from the file on disk is the
// in-memory difference that code-integrity comparisons report as an inline hook.
VOID MonsterBookHack(__in BOOL bEnable) // This first line is exact line as in cheats.h.
{
    memcpy(g_szBookMem, (void*)g_dwBook, 5);//copy clean memory
    if(bEnable)
    {
        *(BYTE*) g_dwBook = 0xe9; // 0xe9 = jmp
        *(DWORD*)(g_dwBook + 1) = jmp(g_dwBook, MonsterBook); // jmp to cave
    }
    else
    {
        memcpy( (void*)g_dwBook, g_szBookMem, 5);//copy the original bytes back to the address
    }
}
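static is to tell the compiler that it has a certain address/numbers/string/char for the definition. (More precisely: at file scope, static gives the variable internal linkage, so it is visible only inside that .cpp file; the bytes it holds are the same with or without it.)
royalsymbol wrote:
I looked at your other tutorial from http://forums.xemectrum.net/viewtopic.p ... 650#p21651,
Nerrazzuri wrote: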
Create variables for the address that will be edited in the script. Declare a variable that will hold the bytes when the hack is enabled.
// Hard-coded absolute address that the tutorial's byte patch targets.
// NOTE(review): the thread itself says such addresses change, so this constant
// is presumably tied to one specific build of the target program.
DWORD dwInstantDropAddy = 0x00af0dd0;
Declare a variable that will hold the bytes when the hack is disabled.
// Eight zero bytes: the value written over the target while the patch is enabled.
// If the target is read as an IEEE-754 double, this is 0.0.
BYTE Enabledbytes[] = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00};
// Eight bytes written back when the patch is disabled. Read as a little-endian
// IEEE-754 double they encode 1000.0 -- presumably the value the program ships with.
BYTE Disabledbytes[] = {0x00, 0x00, 0x00, 0x00, 0x00, 0x40, 0x8f, 0x40};
It has static in front of
// Eight zero bytes: the value written over the target while the patch is enabled.
// If the target is read as an IEEE-754 double, this is 0.0.
BYTE Enabledbytes[] = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00};
and static in front of,
// Hard-coded absolute address that the tutorial's byte patch targets.
// NOTE(review): the thread itself says such addresses change, so this constant
// is presumably tied to one specific build of the target program.
DWORD dwInstantDropAddy = 0x00af0dd0;
What's the difference whether or not we put static?
Is this how it looked like if we put it at Trainer.CPP from http://forums.xemectrum.net/viewtopic.p ... 650#p21651 ?
Well, it says 'g_dwBookRet' was undefined.
#include "Trainer.h"

// Copies uSize bytes from lpcvWriteValue to lpcvBase, switching the destination
// pages to PAGE_READWRITE first and putting the saved protection back afterwards.
// Returns FALSE when the first VirtualProtect fails or a structured exception is
// raised; returns TRUE otherwise.
// NOTE(review): the result of memcpy_s and of the second VirtualProtect is not
// checked, and the exception path returns without restoring the protection.
BOOL WriteAddress(__in LPVOID lpcvBase, __in LPCVOID lpcvWriteValue, __in size_t uSize)
{
    DWORD old_protection = 0;
    __try
    {
        if(VirtualProtect(lpcvBase, uSize, PAGE_READWRITE, &old_protection))
        {
            memcpy_s(lpcvBase, uSize, lpcvWriteValue, uSize);
            VirtualProtect(lpcvBase, uSize, old_protection, &old_protection);
        }
        else
            return FALSE;
    }
    __except(EXCEPTION_EXECUTE_HANDLER)
    {
        return FALSE;
    }
    return TRUE;
}

// Relative operand of a 5-byte near jump at `frm` landing on `to`.
// NOTE(review): the expansion ends in ';' and the arguments are not parenthesized.
#define jmp(frm, to) (int)(((int)to - (int)frm) - 5);

// NOTE(review): declared as g_dwBooKRet (capital K) but referenced below as
// g_dwBookRet; this mismatch matches the "undefined" error quoted in the post.
DWORD g_dwBook = 0x0095d048, g_dwBooKRet = g_dwBook + 5;
// Five-byte buffer filled from g_dwBook on every MonsterBookHack call.
char g_szBookMem[5];

// Naked replacement routine: loads 5 into EAX, then jumps through g_dwBookRet.
__declspec(naked) void __stdcall MonsterBook()
{
    __asm
    {
        mov eax,5
        jmp dword ptr [g_dwBookRet]
    }
}

// Writes a 5-byte jump to MonsterBook at g_dwBook when bEnable is set, otherwise
// copies g_szBookMem back to g_dwBook.
// NOTE(review): the snapshot is taken on every call, so the disable branch
// writes back the bytes read at the start of that same call.
VOID MonsterBookHack(__in BOOL bEnable) // This first line is exact line as in cheats.h.
{
    memcpy(g_szBookMem, (void*)g_dwBook, 5);//copy clean memory
    if(bEnable)
    {
        *(BYTE*) g_dwBook = 0xe9; // 0xe9 = jmp
        *(DWORD*)(g_dwBook + 1) = jmp(g_dwBook, MonsterBook); // jmp to cave
    }
    else
    {
        memcpy( (void*)g_dwBook, g_szBookMem, 5);//copy the original bytes back to the address
    }
}
// NOTE(review): despite the names and the "Address of the hack" comments, each
// array below holds ten raw byte values, not an address. Going by the post,
// they are meant as byte patterns (AoB) -- confirm against the caller.
static BYTE HackAddr[] = { 0x89, 0x86, 0x5C, 0x03, 0x00, 0x00, 0xFF, 0x15, 0xF0, 0x13};
// Labelled "Address of the hack" by the poster; the contents are a 10-byte pattern.
static BYTE HackAddr2[] = { 0x89, 0x86, 0x60, 0x03, 0x00, 0x00, 0xE9, 0xE1, 0x01, 0x00};
// Labelled "Address of the hack" by the poster; the contents are a 10-byte pattern.
static BYTE HackAddr3[] = { 0xC7, 0x00, 0x01, 0x00, 0x00, 0x00, 0x68, 0x90, 0x01, 0x00};
// Labelled "Address of the hack" by the poster; the contents are a 10-byte pattern.
it is, but you will have to know how an AoB read works.
royalsymbol wrote:
ahh.. just a quick question how do we make the address scan the AOB? so it uses AOB to find the address and use it as the address.
Here is what it looks like. I know it won't work since I tried it, but just to explain what I'm saying:
// NOTE(review): despite the names and the "Address of the hack" comments, each
// array below holds ten raw byte values, not an address. Going by the post,
// they are meant as byte patterns (AoB) -- confirm against the caller.
static BYTE HackAddr[] = { 0x89, 0x86, 0x5C, 0x03, 0x00, 0x00, 0xFF, 0x15, 0xF0, 0x13};
// Labelled "Address of the hack" by the poster; the contents are a 10-byte pattern.
static BYTE HackAddr2[] = { 0x89, 0x86, 0x60, 0x03, 0x00, 0x00, 0xE9, 0xE1, 0x01, 0x00};
// Labelled "Address of the hack" by the poster; the contents are a 10-byte pattern.
static BYTE HackAddr3[] = { 0xC7, 0x00, 0x01, 0x00, 0x00, 0x00, 0x68, 0x90, 0x01, 0x00};
// Labelled "Address of the hack" by the poster; the contents are a 10-byte pattern.
something like this, so it writes AOB to the value of the HackAddr so that we could use AOBS instead of pointers
found it on GZP http://www.gamerzplanet.net/forums/gunz ... -gunz.html
for Delphi..
So now i want to know how do we make HackAddr to read the byte of AOB and take the address automatically?
The reason why i wanted to do this is because in CE, you can scan this AOBs and get the Address, but the address changes everytime, so writing the value of AOBs into the Address, could act as a pointer, if not self-updating hack. very powerful