blackmorpheus Expert Cheater
Reputation: 0
Joined: 05 Apr 2008 Posts: 159
Posted: Thu Jan 15, 2009 12:34 pm Post subject: Reading value of EAX

Hi, I'm trying to read some value of EAX.
This is my Detour function:
This is what the memory looks like at 0x004C4EC2:
MOV DWORD PTR DS:[ESI+19C],EAX // Value of EAX to be read.
Code:
InstallCallback((LPVOID)0x004C4EC2, readEAX, 5);
This is my readEAX:
Code:
__declspec(naked) void EAX(void)
{
    __asm
    {
        MOV DWORD PTR DS:[ESI+0x19C],EAX
        MOV DWORD PTR DS:[0xDEADBEEF],EAX
        retn
    }
}
And now I try to read the value from DEADBEEF:
int Visible = *(int *)(*(DWORD*)(0xDEADBEEF)+ 0x00); Yeah, I know, this sucks, but I don't know how to read it without the 0x00.
The problem is, it already crashes on this part:
MOV DWORD PTR DS:[ESI+0x19C],EAX
MOV DWORD PTR DS:[0xDEADBEEF],EAX
Can anyone help me out, or find a better way to read the EAX?

&Vage Grandmaster Cheater Supreme
Reputation: 0
Joined: 25 Jul 2008 Posts: 1053
Posted: Thu Jan 15, 2009 1:22 pm Post subject:

DWORD val;
__declspec(naked) void EAX(void)
{
    __asm
    {
        mov [val],eax
        MOV DWORD PTR DS:[ESI+0x19C],EAX
        retn
    }
}
??

blackmorpheus Expert Cheater
Reputation: 0
Joined: 05 Apr 2008 Posts: 159
Posted: Thu Jan 15, 2009 2:05 pm Post subject:

Yeah, should work... But the game still crashes.

&Vage Grandmaster Cheater Supreme
Reputation: 0
Joined: 25 Jul 2008 Posts: 1053
Posted: Thu Jan 15, 2009 2:31 pm Post subject:

IDK, try writing a codecave instead of a callback.

dnsi0 I post too much
Reputation: 0
Joined: 04 Jan 2007 Posts: 2674
Posted: Fri Jan 16, 2009 3:03 pm Post subject:

Set a hardware BP, then when it trips the BP just use GetThreadContext and read EAX there. (Assuming that the game is not protected and GetThreadContext is not hooked.)

rapion124 Grandmaster Cheater Supreme
Reputation: 0
Joined: 25 Mar 2007 Posts: 1095
Posted: Fri Jan 16, 2009 6:26 pm Post subject:

[0xDEADBEEF] is not a valid address, so you generate an unhandled exception when trying to write to it. Don't use a global variable because it will cause memory corruption if the game is multi-threaded. What I do is
Code:
__asm
{
    mov dword ptr [esi+0x19C], eax
    push eax
    call FunctionToDoSomething //function must use __stdcall
    retn
}

slippppppppp Grandmaster Cheater
Reputation: 0
Joined: 08 Aug 2006 Posts: 929
Posted: Fri Jan 16, 2009 8:41 pm Post subject:

Code:
DWORD Address = ;
int EaxValue = 0;
void __declspec(naked) __stdcall GetEaxValue()
{
    __asm
    {
        // x86 MOV cannot take two memory operands; store the register itself
        mov EaxValue, eax
        jmp dword ptr [Address]
    }
}
void EditAddr() {
    *(BYTE*)Address = 0xE9;  // opcode of jmp rel32
    // rel32 = destination - (Address + 5), counted from the end of the 5-byte jmp
    *(DWORD*)(Address+1) = (int)( ( (int)GetEaxValue - (int)Address) - 5);
}
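
Added example, not part of any post in this thread: the rel32 arithmetic from the patch above together with its inverse, used the way an integrity check would use it to see where a patched site now redirects. The function names, the destination 0x10001000 and the module bounds are assumptions made for the example; the site address and the instruction come from the first post.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

enum { JMP_REL32 = 0xE9, JMP_LEN = 5 };
enum site_state { SITE_CLEAN, SITE_MODIFIED, SITE_REDIRECTED_OUT };

/* Encode "jmp target" as placed at address `site`; rel32 counts from the
   end of the 5-byte instruction, the same arithmetic as the post above. */
static void encode_jmp(uint8_t out[JMP_LEN], uint32_t site, uint32_t target)
{
    uint32_t rel = target - site - JMP_LEN;      /* wraps modulo 2^32 */
    out[0] = JMP_REL32;
    for (int i = 0; i < 4; i++) out[1 + i] = (uint8_t)(rel >> (8 * i));
}

/* Inverse: if `code` starts with E9, recover the absolute destination. */
static int decode_jmp(const uint8_t *code, size_t len, uint32_t site, uint32_t *target)
{
    if (len < JMP_LEN || code[0] != JMP_REL32) return 0;
    uint32_t rel = 0;
    for (int i = 0; i < 4; i++) rel |= (uint32_t)code[1 + i] << (8 * i);
    *target = site + JMP_LEN + rel;
    return 1;
}

/* Compare live bytes with a known-good copy; flag a jump that leaves the
   module range [base, base + size). *dest is set only in that case. */
static enum site_state check_site(const uint8_t *live, const uint8_t *good, size_t len,
                                  uint32_t site, uint32_t base, uint32_t size, uint32_t *dest)
{
    uint32_t t;
    if (memcmp(live, good, len) == 0) return SITE_CLEAN;
    if (decode_jmp(live, len, site, &t) && t - base >= size) { *dest = t; return SITE_REDIRECTED_OUT; }
    return SITE_MODIFIED;
}

int main(void)
{
    /* Constructed sample: 6-byte encoding of mov [esi+0x19C],eax, then the
       same site after a 5-byte jmp to 0x10001000 (hypothetical address). */
    const uint8_t good[6] = { 0x89, 0x86, 0x9C, 0x01, 0x00, 0x00 };
    uint8_t live[6]; uint32_t dest = 0;
    memcpy(live, good, sizeof live);
    encode_jmp(live, 0x004C4EC2u, 0x10001000u);
    enum site_state s = check_site(live, good, sizeof live, 0x004C4EC2u,
                                   0x00400000u, 0x00200000u, &dest); /* assumed module bounds */
    printf("state=%d dest=0x%08X\n", (int)s, (unsigned)dest);
}
```

The known-good copy spans six bytes because that is the length of the instruction at the site, one more than the jmp that replaces its start.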