Cheat Engine Forum Index Cheat Engine
The Official Site of Cheat Engine
 
Array of byte problem

 
Cheat Engine Forum Index -> General programming
Reak
Posted: Thu Jan 03, 2008 9:17 am    Post subject: Array of byte problem

Hey guys,

Well, I've got the following problem and I really can't get it to work.
Here's the script I want to write in Delphi:
Code:
alloc(speed, 128)
label(exit)

00438861:
jmp speed
db 90 90 90
exit:
 
speed:
mov eax,0
mov [ebp+0c],eax
cmp dword ptr [ebx+000002d8],00
je 0043887b
mov eax,[ebp-24]
jmp 00438869


My problem is writing to the allocated memory.
First I ticked the script in CE and went to the just-allocated memory:

So I copied the array of bytes out of it:

Code:
  // Each array is a 16-byte window copied from the memory viewer, starting at
  // offsets 0, 5, 8, 15, 21 and 24 of the cave; only the first instruction of
  // each window is written by the WriteProcessMemory calls below.
  SpeedAllc1: Array [0..15] of Byte =($B8, $00, $00, $00, $00, $89, $45, $0C, $83, $BB, $D8, $02, $00, $00, $00, $0F); // mov eax,0 (5 bytes)
  SpeedAllc2: Array [0..15] of Byte =($89, $45, $0C, $83, $BB, $D8, $02, $00, $00, $00, $0F, $84, $66, $88, $65, $C3); // mov [ebp+0c],eax (3 bytes)
  SpeedAllc3: Array [0..15] of Byte =($83, $BB, $D8, $02, $00, $00, $00, $0F, $84, $66, $88, $65, $C3, $8B, $45, $DC); // cmp dword ptr [ebx+000002d8],00 (7 bytes)
  SpeedAllc4: Array [0..15] of Byte =($0F, $84, $66, $88, $CA, $C7, $8B, $45, $DC, $E9, $4C, $88, $CA, $C7, $00, $00); // je rel32 (6 bytes, displacement at [2..5])
  SpeedAllc5: Array [0..7] of Byte =($8B, $45, $DC, $E9, $4C, $88, $65, $C3); // mov eax,[ebp-24] (3 bytes)
  SpeedAllc6: Array [0..15] of Byte =($E9, $4C, $88, $CA, $C7, $00, $00, $00, $00, $00, $00, $00, $00, $00, $00, $00); // jmp rel32 (5 bytes, displacement at [1..4])


Then I wrote it on it:
Code:
        Speed := VirtualAllocEx(HandleWindow, nil, $512, MEM_RESERVE or MEM_COMMIT, PAGE_READWRITE);
        WriteProcessMemory(HandleWindow,  Speed, @SpeedAllc1, 5, Write);
        WriteProcessMemory(HandleWindow,  ptr(integer(Speed)+5), @SpeedAllc2, 3, Write);
        WriteProcessMemory(HandleWindow,  ptr(integer(Speed)+8), @SpeedAllc3, 7, Write);
        WriteProcessMemory(HandleWindow,  ptr(integer(Speed)+15), @SpeedAllc4, 6, Write);
        WriteProcessMemory(HandleWindow,  ptr(integer(Speed)+21), @SpeedAllc5, 3, Write);
        WriteProcessMemory(HandleWindow,  ptr(integer(Speed)+24), @SpeedAllc6, 5, Write);


But it writes this on it:


I don't know why it doesn't write it right.
What did I do wrong?
appalsap
Posted: Thu Jan 03, 2008 10:10 am

Because jumps are relative to the location you allocate to, you cannot statically copy the bytes and alloc to a different location expecting it to be the same.
Reak
Posted: Thu Jan 03, 2008 10:47 am

Ummm okay, thanks.
How should I do it then? Is there something that can translate ASM code to an array of bytes, or something else that I can inject with WPM?
--Pillboi--
Posted: Thu Jan 03, 2008 11:52 am

Credits to samuri25404
_________________

Enter darkness, leave the light, Here be nightmare, here be fright...
Earth and Water, Fire and Air. Prepare to meet a creature rare.
Enter now if you dare, Enter now the dragon's lair.
samuri25404
Posted: Thu Jan 03, 2008 12:35 pm

Unfortunately, that's managed code--I'm not sure if it's gonna work in Delphi or not.

Wiccaan said he might take a shot at converting it to C++.

_________________
Wiccaan wrote:

Oh jeez, watchout I'm a bias person! Locked.


Auto Assembly Tuts:
In Depth Tutorial on AA
Extended
Symbol
Posted: Thu Jan 03, 2008 12:51 pm

There are formulas... I don't remember the reversed far jump. I think short jump (forward) is Address + 2 + Bytes_To_Jump, far is Address + 6 + Bytes_To_Jump; as for short reversed I think it's Address + 2 + Bytes_To_Jump_After_NOTing.

For example, NOT:
11110000
________
00001111

When you use Bla.Enabled = !Bla.Enable you actually "not" the bits and the result is the opposite.
For far reversed it's probably the same but +6; nothing Google can't solve.
Dark Byte
Posted: Thu Jan 03, 2008 2:40 pm

addresstojumpto-addressafterthejmpinstruction

fix: (before the write)
Code:
// rel32 displacement = target address - address of the instruction that follows the jump
pdword(@speedAllc4[2])^:=$0043887b -(integer(Speed)+15+6); //+6 because instruction is 6 long
pdword(@speedAllc6[1])^:=$00438869-(integer(Speed)+24+5); //+5 because instruction is 5 long

_________________
Tools give you results. Knowledge gives you control.

Like my help? Join me on Patreon so i can keep helping
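The displacement rule Dark Byte gives, worked through in Python as an added example (not code from the thread or from Cheat Engine): it rebuilds the 29-byte cave for any base address and decodes the je bytes Reak pasted back into the address CE had allocated. The code addresses come from the posted script; the base addresses used are constructed sample values.

```python
import struct

# Addresses taken from the auto-assembler script posted in this thread.
HOOK_ADDR  = 0x00438861  # where 'jmp speed' (5 bytes) + 3 NOPs overwrite the game code
JE_TARGET  = 0x0043887B  # target of 'je 0043887b' inside the cave
JMP_TARGET = 0x00438869  # target of the final 'jmp 00438869' (first byte after the hook)

def rel32(target, instr_addr, instr_len):
    """Encode a rel32 displacement: target minus the address of the NEXT instruction."""
    return struct.pack("<I", (target - (instr_addr + instr_len)) & 0xFFFFFFFF)

def rel32_target(code, disp_off, instr_addr, instr_len):
    """Decode the absolute target of a rel32 jump whose displacement sits at code[disp_off]."""
    (disp,) = struct.unpack("<i", code[disp_off:disp_off + 4])
    return (instr_addr + instr_len + disp) & 0xFFFFFFFF

def build_speed_stub(base):
    """Assemble the 29-byte 'speed' cave for an allocation at 'base'.
    Only the two jumps depend on 'base'; everything else is position-independent."""
    stub  = b"\xB8\x00\x00\x00\x00"                        # mov eax,0
    stub += b"\x89\x45\x0C"                                # mov [ebp+0c],eax
    stub += b"\x83\xBB\xD8\x02\x00\x00\x00"                # cmp dword ptr [ebx+000002d8],00
    stub += b"\x0F\x84" + rel32(JE_TARGET, base + 15, 6)   # je 0043887b  (6-byte instruction)
    stub += b"\x8B\x45\xDC"                                # mov eax,[ebp-24]
    stub += b"\xE9" + rel32(JMP_TARGET, base + 24, 5)      # jmp 00438869 (5-byte instruction)
    assert len(stub) == 29
    return stub

def build_hook(base):
    """The 8 bytes the script puts at HOOK_ADDR: 'jmp base' followed by 'db 90 90 90'."""
    return b"\xE9" + rel32(base, HOOK_ADDR, 5) + b"\x90\x90\x90"

def alloc_base_from_posted_je(posted_je):
    """Given the 6 'je' bytes copied out of CE, recover the base CE had allocated the cave at.
    The je starts 15 bytes into the cave, so JE_TARGET = (base + 15 + 6) + disp."""
    (disp,) = struct.unpack("<i", posted_je[2:6])
    return (JE_TARGET - disp - 21) & 0xFFFFFFFF

if __name__ == "__main__":
    # Constructed sample: a cave at 0x38790000 reproduces the bytes in SpeedAllc4/SpeedAllc6.
    stub = build_speed_stub(0x38790000)
    print(stub[15:21].hex(" "))                                          # 0f 84 66 88 ca c7
    print(stub[24:29].hex(" "))                                          # e9 4c 88 ca c7
    print(hex(alloc_base_from_posted_je(b"\x0F\x84\x66\x88\x65\xC3")))  # SpeedAllc2's copy: 0x3cde0000
```

The two copies of the je in the pasted arrays (66 88 CA C7 versus 66 88 65 C3) decode to two different allocation bases, which is why the windows disagree with each other: they were copied from two separate runs of the script.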
Reak
Posted: Thu Jan 03, 2008 9:11 pm

Ohh damn. Darky, you're the best!
Thanks 1000x times!
samuri25404
Posted: Thu Jan 03, 2008 9:35 pm

Lol

Darky?
