Ice745 Newbie cheater Reputation: 0
Joined: 19 Jul 2005 Posts: 16
Posted: Tue Jul 19, 2005 9:30 pm Post subject: Suggestion: Advanced Debugger Commands
I had this idea today while trying to make a code. It may be hard so I don't know if it is a good idea or not. If it is possible, it would be great.
Would you be able to add kind of like a script to the op codes in memory? I'm going to make up a game and addresses for this:
Say Gun Game writes to the Pistol Ammo at this address 02AA709 and the Op Code is like 'mov [eax + esi + 4C4]; ebx'
The 'script' instead of just changing them all to no ops, would set a break point at this address. Then the Advanced Users can write something like:
If (esi == 0x123)
{
Skip; //or Similar meaning to just jump to the next code without execing 02AA709
return; //to continue execing the program
}
else if (esi == 0x124)
{
DoInst("mov [eax + esi + 4C4]; 0xFF"); //or similar meaning to do that code, then skip the code at 02AA709
return;
}
Other commands could be like Do("code") where it does codes, but doesn't skip past the current code. Then maybe make variables that you can use in the script that aren't part of the application, for doing math before changing addresses.
Let me know if you think this is a good idea or not. It'll probably be hard and tedious to program, but I think it would be great.
Dark Byte Site Admin Reputation: 457
Joined: 09 May 2003 Posts: 25262 Location: The netherlands
Posted: Wed Jul 20, 2005 12:35 am Post subject:
sorry about that other post... (a certain filter messed up)
you can already do that if you know some assembler and know the auto assemble script:
example.cta:
Code:
alloc(mycode,2048) //allocate 2kb for code and/or variables
label(esi123)
label(esi124)
label(return)
label(exit)

02AA709:
jmp mycode
return:
nop
nop //count the nops yourself.... (the original mov is 7 bytes, the jmp is 5, so 2 nops pad the rest)

mycode:
cmp esi,123
je esi123
cmp esi,124
je esi124
jmp exit //esi is neither 123 nor 124: run the original instruction

esi123:
//skip, so dont execute the mov instruction
jmp return

esi124:
//modified code (ffffffff instead of ebx)
mov [eax + esi + 4C4], ffffffff
jmp return

exit:
mov [eax + esi + 4C4], ebx //original code
jmp return
_________________
Do not ask me about online cheats. I don't know any and wont help finding them.
Like my help? Join me on Patreon so i can keep helping
Ice745 Newbie cheater Reputation: 0
Joined: 19 Jul 2005 Posts: 16
Posted: Thu Jul 21, 2005 5:32 pm Post subject:
Thanks, I didn't realize that the feature was already in there. Is it also possible to make it modify the EXE file with the code? Like patching the EXE with the CTA instead of the "Replace with code that does nothing list"? I may be missing this feature too if it is even possible.
I also noticed something in Sims 2, that I can't seem to do.
There is a move code. I don't remember it exactly, but I do remember the important part: it starts with 66 89 etc. etc. It looks just like a normal mov code, but it has 66 in front of it. When I put the "mov [eax], ebx" or whatever it was into the Auto Assembler exactly as I saw it in the debugger in its original form, it doesn't put the 66 in front. I read that this has something to do with telling it to switch between 32 and 16 bit or something. I was wondering, is there something I can write in the Auto Assembler so it knows to preface the move code with the 66 in memory?
Dark Byte Site Admin Reputation: 457
Joined: 09 May 2003 Posts: 25262 Location: The netherlands
Posted: Thu Jul 21, 2005 9:14 pm Post subject:
Well, editing the .exe with a cta may be difficult, because if the exe is encrypted you won't be able to replace it. (But I'll see what can be done if I have time.)
This seems to be a disassembler bug. (There are still some of them, just like the xor bug I recently found in mech4.)
The actual command is mov [eax],bx
and if you fill that in it will put the 66 in front of it.
Ice745 Newbie cheater Reputation: 0
Joined: 19 Jul 2005 Posts: 16
Posted: Sat Jul 23, 2005 1:00 pm Post subject:
Ok, I am a little confused here, it appears in Cheat Engine as this exactly.
at 007b80a9:
66 89 84 51 52 03 00 00 mov [ecx+edx*2+00000352], eax
C2 0C 00 ret 000c
Should I put in the Auto Assembler
mov [ecx+edx*2+00000352], ax
ret 000c
Dark Byte Site Admin Reputation: 457
Joined: 09 May 2003 Posts: 25262 Location: The netherlands
Posted: Sat Jul 23, 2005 1:54 pm Post subject:
Yes and no.
Yes, the instruction should be mov [ecx+edx*2+00000352], ax
but no for the ret 000c (the assembler has a bug that doesn't recognize it).
Replace that with db c2 0c 00
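An added example, written for this page and not code from the thread or from Cheat Engine: a minimal decoder for the two x86-32 encodings quoted above. It shows that the leading 66 is an operand-size prefix that turns the eax store into an ax store (which is why the disassembler's eax was wrong and why writing ax makes the auto assembler emit the 66), decodes the C2 0C 00 bytes as ret 000c, and, using constructed bytes for Dark Byte's earlier example instruction mov [eax+esi+4C4],ebx, computes the two nops his script pads after the 5-byte jmp. The SIMS2_* bytes are the ones quoted in the post; the prefix-stripped variant and EXAMPLE_MOV are constructed for comparison.

```python
# Added example (not the thread's or Cheat Engine's code): a minimal decoder for the
# x86-32 encodings quoted above (mov r/m,reg = 89 /r, optional 66 prefix; ret imm16 = C2 iw).
REGS32 = ["eax", "ecx", "edx", "ebx", "esp", "ebp", "esi", "edi"]
REGS16 = ["ax", "cx", "dx", "bx", "sp", "bp", "si", "di"]

def _mem_operand(code, pos):
    """Decode a ModRM(+SIB+disp) memory operand; returns (text, reg field, next pos)."""
    modrm, pos = code[pos], pos + 1
    mod, reg, rm = modrm >> 6, (modrm >> 3) & 7, modrm & 7
    if mod == 3 or (mod == 0 and rm == 5):
        raise ValueError("register-direct and disp32-only forms not handled")
    if rm == 4:  # SIB byte follows: scale, index, base
        sib, pos = code[pos], pos + 1
        scale, index, base = 1 << (sib >> 6), (sib >> 3) & 7, sib & 7
        if index == 4 or (base == 5 and mod == 0):
            raise ValueError("SIB forms without index or base not handled")
        text = REGS32[base] + "+" + REGS32[index] + ("*%d" % scale if scale > 1 else "")
    else:
        text = REGS32[rm]
    size = {0: 0, 1: 1, 2: 4}[mod]  # displacement width is fixed by mod
    if size:
        disp = int.from_bytes(code[pos:pos + size], "little", signed=True)
        text += ("+%08X" if disp >= 0 else "-%08X") % abs(disp)
        pos += size
    return text, reg, pos

def decode(code):
    """Decode one instruction at code[0]; returns (text, length in bytes)."""
    op16 = code[0] == 0x66  # operand-size override: the store is 16-bit wide
    pos = 1 if op16 else 0
    opcode, pos = code[pos], pos + 1
    if opcode == 0x89:  # mov r/m32, r32 (r/m16, r16 under the 66 prefix)
        mem, reg, pos = _mem_operand(code, pos)
        return "mov [%s], %s" % (mem, (REGS16 if op16 else REGS32)[reg]), pos
    if opcode == 0xC2:  # ret imm16: return, then discard imm16 bytes of arguments
        return "ret %04x" % int.from_bytes(code[pos:pos + 2], "little"), pos + 2
    raise ValueError("opcode %02x not handled by this example" % opcode)

def nops_needed(code):
    """NOPs to pad after the 5-byte jmp that the script writes over the instruction at code[0]."""
    length = decode(code)[1]
    if length < 5:
        raise ValueError("instruction shorter than the jmp; the cave must also cover the next one")
    return length - 5

# Bytes quoted in the thread at 007b80a9, and constructed bytes for Dark Byte's
# example instruction mov [eax+esi+4C4],ebx.
SIMS2_MOV = bytes.fromhex("66 89 84 51 52 03 00 00")
SIMS2_RET = bytes.fromhex("C2 0C 00")
EXAMPLE_MOV = bytes.fromhex("89 9C 30 C4 04 00 00")
```

Decoding SIMS2_MOV with and without its first byte shows the only difference the 66 makes is ax versus eax; the memory operand and the length of the rest are unchanged.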