kaowner Newbie cheater Reputation: 0
Joined: 30 May 2015 Posts: 18
Posted: Sat May 30, 2015 8:56 am Post subject: Help With AOB (Address on right zone)
Hi. First, sorry for my bad English. I need some help with AOB.
When I search:
Example AOB
2CF497F7 - F3 0F10 05 61000000 - movss xmm0,[2CF49860] : [(float)2.0000]
I need to take that address, 2CF49860.
How can I make a script that automatically takes that address, or can't I?
Thx for the help.
P.S.: the address changes automatically every time I reload the game, but the AOB doesn't.
So is there any way?
Thx again.
Zanzer I post too much Reputation: 126
Joined: 09 Jun 2013 Posts: 3278
Posted: Sat May 30, 2015 10:14 am
You need to create an AOB for F3 0F 10 05 * * * * plus some following bytes to make it unique.
You would then read the integer at that address + 4 (the wildcards).
Add that integer to the base address of the AOB.
Add 8 (size of the instruction) to all of that.
You will now have that dynamic address.
So in your specific example above:
2CF497F7 + 00000061 + 8 = 2CF49860
Some sample code:
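Code:
[ENABLE]
{$lua}
-- Scan for the opcode bytes; the four wildcards are the 32-bit value after them.
autoAssemble([[
aobscan(myaob,F3 0F 10 05 * * * *)
registersymbol(myaob)
]])
local address = getAddress("myaob")
-- instruction address + integer at +4 + instruction size (8)
address = address + readInteger(address + 4) + 8
unregisterSymbol("myaob")
registerSymbol("myaob", address)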
kaowner Newbie cheater Reputation: 0
Joined: 30 May 2015 Posts: 18
Posted: Sat May 30, 2015 11:20 pm
Thx Zanzer <3
P.S.: and how can I add editing the value at the address on enable?
So thx, I learn new things.
Zanzer I post too much Reputation: 126
Joined: 09 Jun 2013 Posts: 3278
Posted: Sun May 31, 2015 12:28 am
Manually add a new address to your table, but give it an address of "myaob".
kaowner Newbie cheater Reputation: 0
Joined: 30 May 2015 Posts: 18
Posted: Sun May 31, 2015 3:47 am
So there is no way to automatically take this address?
mgr.inz.Player I post too much Reputation: 218
Joined: 07 Nov 2008 Posts: 4438 Location: W kraju nad Wisla. UTC+01:00
Posted: Sun May 31, 2015 6:15 am
Zanzer wrote:
> You would then read the integer at that address + 4 (the wildcards).
> Add that integer to the base address of the AOB.
> Add 8 (size of the instruction) to all of that.

Only if it is EIP-relative (RIP-relative) addressing.
F3 0F 10 /r xx xx xx xx
F3 0F 11 /r xx xx xx xx
In a 32-bit target, the last four bytes are just an address.
In a 64-bit target, the last four bytes are an offset.
kaowner Newbie cheater Reputation: 0
Joined: 30 May 2015 Posts: 18
Posted: Sun May 31, 2015 2:24 pm
So is there any way to take this address?
2CF497F7 - F3 0F10 05 61000000 - movss xmm0,[2CF49860]
mgr.inz.Player I post too much Reputation: 218
Joined: 07 Nov 2008 Posts: 4438 Location: W kraju nad Wisla. UTC+01:00
Posted: Sun May 31, 2015 3:00 pm
In your case, it is InstructionPointer-Relative.
Use Zanzer's script.
Add his script as an AA script:
Code:
[ENABLE]
{$lua}
autoAssemble([[
aobscan(myaob,F3 0F 10 05 * * * *)
registersymbol(myaob)
]])
local address = getAddress("myaob")
address = address + readInteger(address + 4) + 8
unregisterSymbol("myaob")
registerSymbol("myaob", address)
{$asm}
[DISABLE]
unregistersymbol(myaob)

Enable the above AA script.
Add a new address to the address list, and use myaob.
Or use this script (Zanzer made some shortcuts):
Code:
[ENABLE]
{$lua}
autoAssemble([[
aobscan(myaob,F3 0F 10 05 * * * *) // you have to be sure about this aob, make it longer if necessary
registersymbol(myaob)
]])
local address = getAddress("myaob")
unregisterSymbol("myaob")
address = address + readInteger(address + 4) + 8
unregisterSymbol("myAddress")
registerSymbol("myAddress", address)
{$asm}
[DISABLE]
unregistersymbol(myAddress)

Add a new address to the address list, and use myAddress.
Just keep in mind the above scripts are for this specific instruction, movss xmm0,[XXXXXXXX],
for 64-bit targets (the game is 64-bit).
kaowner Newbie cheater Reputation: 0
Joined: 30 May 2015 Posts: 18
Posted: Sun May 31, 2015 9:59 pm
I have a problem: those bytes have 2 addresses. How can I select the correct address?
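
Added example, not part of any post in this thread: the address arithmetic from the replies above, written in Python over a constructed byte buffer instead of Cheat Engine Lua. The scan returns every match, so it shows the short pattern hitting twice and a pattern extended with following bytes hitting once. The names `parse_aob`, `aob_scan`, `resolve_operand`, `BASE` and `SAMPLE` are made up for this example.

```python
import struct

def parse_aob(pattern):
    """'F3 0F 10 05 * * * *' -> list of byte values, None for each wildcard."""
    return [None if tok in ("*", "?", "??") else int(tok, 16)
            for tok in pattern.split()]

def aob_scan(buf, pattern):
    """Return every offset in buf where the pattern matches, not just the first."""
    pat = parse_aob(pattern)
    return [i for i in range(len(buf) - len(pat) + 1)
            if all(p is None or buf[i + j] == p for j, p in enumerate(pat))]

def resolve_operand(buf, base, hit, opcode_len=4, insn_len=8, rip_relative=True):
    """Address referenced by the instruction found at offset `hit`.

    64-bit target: the four bytes are a signed offset from the end of the
    instruction. 32-bit target: the four bytes are the address itself.
    """
    fmt = "<i" if rip_relative else "<I"
    (value,) = struct.unpack_from(fmt, buf, hit + opcode_len)
    if not rip_relative:
        return value
    return (base + hit + insn_len + value) & 0xFFFFFFFFFFFFFFFF

# Constructed sample: padding, the movss from the thread followed by four
# more bytes, then a second movss with a negative displacement and one byte.
BASE = 0x2CF497F0  # chosen so the first movss sits at 2CF497F7 as in the thread
SAMPLE = bytes.fromhex(
    "90" * 7
    + "F30F100561000000" + "F30F59C1"
    + "F30F1005F0FFFFFF" + "C3"
)

if __name__ == "__main__":
    short = "F3 0F 10 05 * * * *"
    longer = "F3 0F 10 05 * * * * F3 0F 59 C1"
    for name, pat in (("short", short), ("longer", longer)):
        hits = aob_scan(SAMPLE, pat)
        print(name, "pattern matches at", [hex(BASE + h) for h in hits])
        for h in hits:
            print("  ->", hex(resolve_operand(SAMPLE, BASE, h)))
```

The displacement is unpacked as a signed value because a RIP-relative operand can point backwards; the second match in the sample resolves to an address below its own instruction.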