NanoByte Expert Cheater
Reputation: 1
Joined: 13 Sep 2013 Posts: 222
Posted: Mon May 19, 2014 9:12 am Post subject: Shared Code ? Cry For Help 3 Geri I know u know the answer!
How can u tell if a piece of code is shared?
Is it only shared if it has an offset?
Like in this game, I'm trying to make fast energy gaining but don't want to just add if it's the wrong address, and I can't find the offset for the energy. I tried to dissect the data structure but it's showing in the 0000 offset.
I found the static address of energy and it has an address like this: Launch.exe+92AEE0
So I tried this:
Code:
cmp [esi+92AEE0],ecx // which one do I set the offset to anyway, esi or ecx?
jne originalcode
add ecx,#5000
// I can just do "add ecx,#5000" and it works, but it might cause crashes if the code is shared with other stuff
originalcode:
mov [esi],ecx // esi contains your current energy and ecx is the new value for the energy
ret 0004 // no clue what this does, ret? explain if u got time :D
but it = Crash
Last edited by NanoByte on Mon May 19, 2014 2:51 pm; edited 1 time in total
Xblade Of Heaven Master Cheater
Reputation: 0
Joined: 16 Oct 2005 Posts: 395 Location: DEAD
Posted: Mon May 19, 2014 9:21 am Post subject:
Code:
mov [esi],ecx
ret 0004
few directions they move here?
only 1 or more?
100% sure it is a stack and a minimal error, crash guaranteed
_________________
Welcome to the Hell.
NanoByte Expert Cheater
Reputation: 1
Joined: 13 Sep 2013 Posts: 222
Posted: Mon May 19, 2014 9:24 am Post subject:
Sorry man, I'm still a newbie, don't know what u mean by directions?
But it doesn't crash if I just say
add ecx,#5000
but it doesn't seem very smart since it will add 5000 to anything that comes through
Code:
Launch.exe+4D79E1 - 8B 56 04 - mov edx,[esi+04]
Launch.exe+4D79E4 - 2B C8 - sub ecx,eax
Launch.exe+4D79E6 - 0FB6 46 08 - movzx eax,byte ptr [esi+08]
Launch.exe+4D79EA - 8D 9B 00000000 - lea ebx,[ebx+00000000]
Launch.exe+4D79F0 - 3B CA - cmp ecx,edx
Launch.exe+4D79F2 - 7C 05 - jnge Launch.exe+4D79F9
Launch.exe+4D79F4 - 40 - inc eax
Launch.exe+4D79F5 - 2B CA - sub ecx,edx
Launch.exe+4D79F7 - EB F7 - jmp Launch.exe+4D79F0
Launch.exe+4D79F9 - 85 C9 - test ecx,ecx
Launch.exe+4D79FB - 79 05 - jns Launch.exe+4D7A02
Launch.exe+4D79FD - 48 - dec eax
Launch.exe+4D79FE - 03 CA - add ecx,edx
Launch.exe+4D7A00 - EB EE - jmp Launch.exe+4D79F0
Launch.exe+4D7A02 - 8A 56 09 - mov dl,[esi+09]
Launch.exe+4D7A05 - 57 - push edi
Launch.exe+4D7A06 - 0FB6 FA - movzx edi,dl
Launch.exe+4D7A09 - 3B C7 - cmp eax,edi
Launch.exe+4D7A0B - 5F - pop edi
Launch.exe+4D7A0C - 7C 0C - jnge Launch.exe+4D7A1A
Launch.exe+4D7A0E - 88 56 08 - mov [esi+08],dl
Launch.exe+4D7A11 - C7 06 00000000 - mov [esi],00000000
Launch.exe+4D7A17 - C2 0400 - ret 0004
Launch.exe+4D7A1A - 85 C0 - test eax,eax
Launch.exe+4D7A1C - 79 0D - jns Launch.exe+4D7A2B
Launch.exe+4D7A1E - C6 46 08 00 - mov byte ptr [esi+08],00
Launch.exe+4D7A22 - C7 06 00000000 - mov [esi],00000000
Launch.exe+4D7A28 - C2 0400 - ret 0004
Launch.exe+4D7A2B - 88 46 08 - mov [esi+08],al
Launch.exe+4D7A2E - 89 0E - mov [esi],ecx // Over Here
Launch.exe+4D7A30 - C2 0400 - ret 0004
Launch.exe+4D7A33 - CC - int 3
Launch.exe+4D7A34 - CC - int 3
Launch.exe+4D7A35 - CC - int 3
Xblade Of Heaven Master Cheater
Reputation: 0
Joined: 16 Oct 2005 Posts: 395 Location: DEAD
Posted: Mon May 19, 2014 9:33 am Post subject:
How can u tell if a piece of code is shared?
easy, shared code = god mode for all :)
is it only shared if it has a offset?
the offset is the same for all, you need to find the difference between player and enemy and add a comparison to filter the player.
Example
Player ID = 1
Enemy ID = 2
for this, dissect structure/data is very useful
Code:
cmp eax,1
jne _test
// GOD MODE CODE HERE
_test:
this code only applies the code when eax is 1
can you explain to me why you use ecx,#5000
PS: Using your static address you can compare.
Code:
push eax
mov eax,dword ptr [esi]
test eax,eax
jz test
cmp eax,Launch.exe+92AEE0
jne test
// YOUR CODE HERE
test:
pop eax
NanoByte Expert Cheater
Reputation: 1
Joined: 13 Sep 2013 Posts: 222
Posted: Mon May 19, 2014 9:47 am Post subject:
originalcode:
mov [esi],ecx
once your energy has reached 50.000 it gives u 1x bare, so I'm making a fast energy gain with ---- add ecx#5000
don't know why but this game does this
esi contains my current energy and ecx the new value, so I just add 5000 to the new value before it is executed
Xblade Of Heaven Master Cheater
Reputation: 0
Joined: 16 Oct 2005 Posts: 395 Location: DEAD
Posted: Mon May 19, 2014 2:53 pm Post subject:
is energy a float or 4 bytes?
you can use this:
Code:
mov ecx,(float)50.000
or try to test this code:
Code:
push eax
mov eax,dword ptr [esi]
test eax,eax
jz test
cmp eax,Launch.exe+92AEE0
jne test
mov ecx,(int)5000
test:
pop eax
Last edited by Xblade Of Heaven on Mon May 19, 2014 2:59 pm; edited 1 time in total
NanoByte Expert Cheater
Reputation: 1
Joined: 13 Sep 2013 Posts: 222
Posted: Mon May 19, 2014 2:58 pm Post subject:
Xblade, your last suggestion worked, thanks Mate
Code:
mov [esi],ecx
cmp [Launch.exe+92AEE0],ecx
jne originalcode
add ecx,#5000
but I still want to know if there is a way to tell if the code is shared
Xblade Of Heaven Master Cheater
Reputation: 0
Joined: 16 Oct 2005 Posts: 395 Location: DEAD
Posted: Mon May 19, 2014 3:02 pm Post subject:
to see if the code is shared, run the script and look in the memory viewer at the area where your code is written (you can see JMP ADDRESS and press follow), and above add ecx, (int) 5000 right click and search for addresses that are accessed here; if only one comes up it is not, but if many come up then it is shared
++METHOS I post too much
Reputation: 92
Joined: 29 Oct 2010 Posts: 4197
Posted: Mon May 19, 2014 4:51 pm Post subject:
Right-click on the instruction in memory viewer and select 'Find out what addresses this instruction accesses'. Return to game and play for a moment. Check debugger window to see if any other addresses populate the list.
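
A constructed C model of what the replies above describe, added here as an illustration and not code from the thread or from the tool it discusses: one store routine (standing in for mov [esi],ecx) serves several objects, a tracer counts the distinct addresses it writes to, and the filter compares the destination address rather than the stored value. The struct, the function names and the sample values are assumptions.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed model: one routine writes offset 0 of every counter. */
struct counter { int32_t value; int32_t max; uint8_t level; };

#define MAX_SEEN 16
static const void *seen[MAX_SEEN];  /* distinct destinations observed */
static size_t seen_count;

/* Tracer: remember each distinct destination pointer the store touches. */
static void record_access(const void *dst) {
    for (size_t i = 0; i < seen_count; i++)
        if (seen[i] == dst) return;
    if (seen_count < MAX_SEEN) seen[seen_count++] = dst;
}

/* The store under observation; self plays the role of esi, v of ecx. */
static void set_value(struct counter *self, int32_t v) {
    record_access(&self->value);
    self->value = v;
}

/* Same store, filtered on the destination address, not on its contents. */
static void set_value_filtered(struct counter *self, int32_t v,
                               const struct counter *target, int32_t bonus) {
    if (self == target) v += bonus;  /* only the chosen object is changed */
    set_value(self, v);
}

/* More than one distinct address written means the routine is shared. */
size_t distinct_writes(void) { return seen_count; }

/* Drives three constructed objects through the same routine. */
int32_t demo(int32_t *ammo_out, int32_t *hp_out) {
    struct counter energy = {100, 50000, 0}, ammo = {30, 99, 0}, hp = {80, 100, 0};
    seen_count = 0;
    set_value_filtered(&energy, 110, &energy, 5000);
    set_value_filtered(&ammo, 29, &energy, 5000);
    set_value_filtered(&hp, 75, &energy, 5000);
    set_value_filtered(&energy, 5120, &energy, 5000);  /* same address again */
    *ammo_out = ammo.value; *hp_out = hp.value;
    return energy.value;
}

int main(void) {
    int32_t a, h, e = demo(&a, &h);
    printf("energy=%d ammo=%d hp=%d distinct=%zu\n", (int)e, (int)a, (int)h, distinct_writes());
    return 0;
}
```

The repeated write to the same object does not raise the count, which is why the list has to be watched while several different values change before concluding the routine is not shared.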
NanoByte Expert Cheater
Reputation: 1
Joined: 13 Sep 2013 Posts: 222
Posted: Tue May 20, 2014 7:40 am Post subject:
Yeah, I tried "Find out what addresses this instruction accesses" and nothing showed up, not even the address that was being edited
STN I post too much
Reputation: 43
Joined: 09 Nov 2005 Posts: 2676
Posted: Tue May 20, 2014 8:55 am Post subject:
You have to play the game, gain/change the energy to see new addresses pop up as they are accessed.
Also why are you even doing a compare when you have a static pointer to it? You can just as easily do this and save a lot of instructions.
mov [esi],ecx // esi contains your current energy and ecx is the new value for the energy
mov [Launch.exe+92AEE0], (int)5000
ret 0004 // no clue what this does, ret? explain if u got time