Cheat Engine The Official Site of Cheat Engine
jgoemat Master Cheater Reputation: 22
Joined: 25 Sep 2011 Posts: 252
Posted: Tue Aug 07, 2012 2:14 pm Post subject: Using aobscan for injection addresses
I see that most people hard-code their addresses. Is there a reason to do that rather than use AOBSCAN to find the code? For example, hard-coding addresses would be like this:
Code:
```
[ENABLE]
ShippingPC-Bzb2Game.exe+49094:
nop
nop
[DISABLE]
ShippingPC-Bzb2Game.exe+49094:
db 89 01
```
Using aobscan would keep most trainers working with most updates to the game, and make it easier for someone to fix the trainer themselves if an update broke it.
Code:
```
[ENABLE]
{ CODE TO REPLACE:
ShippingPC-Bzb2Game.exe+49090 - 8B 4C 24 10 - mov ecx,[esp+10]
ShippingPC-Bzb2Game.exe+49094 - 89 01 - mov [ecx],eax << CODE
ShippingPC-Bzb2Game.exe+49096 - 83 C4 08 - add esp,08
ShippingPC-Bzb2Game.exe+49099 - C2 0800 - ret 0008
ShippingPC-Bzb2Game.exe+4909C - 8B 54 24 10 - mov edx,[esp+10]
}
// skip 4 to get mov [ecx],eax
AOBSCAN(Cheat1_AOB, 8b 4c 24 10 89 01 83 c4 08 c2 08 00 8b 54 24 10)
label(Cheat1_Replace)
registersymbol(Cheat1_Replace)
Cheat1_AOB+4:
Cheat1_Replace:
nop
nop
Cheat1_Return:
[DISABLE]
Cheat1_Replace:
db 89 01
unregistersymbol(Cheat1_Replace)
```
If the Array of Bytes isn't found, there is a several second delay when trying to enable the script and it fails, but it would fail if the code changed anyway.
I always scan for my array of bytes (don't forget to mark 'CopyOnWrite' to search executable code) and make sure it only occurs once. If there are call statements or hard-coded addresses, replace them with ?? to ignore them in the scan:
Code:
```
{
ShippingPC-Bzb2Game.exe+49066 - 89 46 18 - mov [esi+18],eax
ShippingPC-Bzb2Game.exe+49069 - FF 15 C48EC401 - call dword ptr [ShippingPC-Bzb2Game.exe+1848EC4]
ShippingPC-Bzb2Game.exe+4906F - 8B 44 24 04 - mov eax,[esp+04]
}
// ignore hard-coded address
aobscan(AOBAddress1,89 46 18 ff 15 ?? ?? ?? ?? 8b 44 24 04)
```
While I'm on the subject, is there a reason I can't register Cheat1_AOB as a symbol instead of having to create a new label and register it?
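
The wildcard matching and the "make sure it only occurs once" check described in this post, sketched in Python as an added example (not part of the original post and not Cheat Engine's implementation). The function names are hypothetical, and `BUILD_B` is a constructed "updated" image in which the code has shifted and the call operand has changed.

```python
def parse_aob(pattern):
    """'ff 15 ?? ??' -> [0xff, 0x15, None, None]; None marks a wildcard byte."""
    sig = [None if tok == "??" else int(tok, 16) for tok in pattern.split()]
    if not sig or all(b is None for b in sig):
        raise ValueError("pattern needs at least one fixed byte")
    return sig

def scan(image, pattern):
    """Return every offset in image where the pattern matches."""
    sig = parse_aob(pattern)
    return [i for i in range(len(image) - len(sig) + 1)
            if all(b is None or image[i + j] == b for j, b in enumerate(sig))]

def unique_hit(image, pattern):
    """Offset of the single match; refuse patterns that are absent or ambiguous."""
    hits = scan(image, pattern)
    if len(hits) != 1:
        raise LookupError(f"expected exactly 1 match, found {len(hits)}")
    return hits[0]

# Constructed sample data: byte sequences quoted in the post, padded with 0xCC.
FUNC = bytes.fromhex("8b 4c 24 10 89 01 83 c4 08 c2 08 00 8b 54 24 10")
CALL_A = bytes.fromhex("89 46 18 ff 15 c4 8e c4 01 8b 44 24 04")
# Hypothetical later build: code shifted by 7 bytes, call operand changed.
CALL_B = bytes.fromhex("89 46 18 ff 15 10 a0 d2 01 8b 44 24 04")
BUILD_A = b"\xcc" * 16 + CALL_A + FUNC
BUILD_B = b"\xcc" * 23 + CALL_B + FUNC

EXACT = "89 46 18 ff 15 c4 8e c4 01 8b 44 24 04"   # operand bytes baked in
WILD = "89 46 18 ff 15 ?? ?? ?? ?? 8b 44 24 04"    # operand bytes ignored

if __name__ == "__main__":
    for name, img in (("A", BUILD_A), ("B", BUILD_B)):
        print(name, "exact:", scan(img, EXACT), "wildcard:", scan(img, WILD))
    # A pattern that is too short matches several instructions and is rejected.
    print("short pattern hits:", scan(BUILD_A, "8b ?? 24 ??"))
```

The exact pattern stops matching once the operand changes, the wildcard pattern still resolves to one offset in each build, and the short pattern shows why the uniqueness check matters.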
Dark Byte Site Admin Reputation: 458
Joined: 09 May 2003 Posts: 25295 Location: The netherlands
Posted: Tue Aug 07, 2012 2:21 pm Post subject:
People don't use it because they find it too difficult (wildcard parts confuse them), or are just lazy.
As for the label thing, that is because aobscan sets a define/const instead of a label, and registersymbol demands an alloc label.
_________________
Do not ask me about online cheats. I don't know any and won't help finding them.
DaSpamer Grandmaster Cheater Supreme Reputation: 52
Joined: 13 Sep 2011 Posts: 1578
Posted: Mon Sep 24, 2012 11:56 am Post subject:
I use aobscan only.
I hack flash games only (Facebook, online MMO, etc.).
So hacking with addresses is impossible when playing flashplayer.
Example of coin hack in Facebook for Zombie Lane:
Code:
```
[ENABLE]
alloc(newmem,2048)
label(returnhere)
label(originalcode)
label(exit)
label(timelabel)
registersymbol(timelabel)
aobscan(aobtime,0F 8E ?? ?? ?? ?? BB 01 00 00 00 66 0F 57 C9 F2 0F 2A CB F2 0F 58 C1 66 0F D6 47 58)
newmem:
nop
originalcode:
//jng 0A67BC75 <=== this is random addresses.. idk why I put it
exit:
jmp returnhere
aobtime:
timelabel:
jmp newmem
nop
returnhere:
[DISABLE]
```
shadel Advanced Cheater Reputation: 0
Joined: 19 May 2010 Posts: 52
Posted: Fri Nov 16, 2012 10:10 am Post subject:
When I use aobscan, I use it this way to keep a label on that address:
```
label (myaddress)
registersymbol (myaddress)
aobscan (scan, xx xx xx)
scan:
myaddress:
```