Posted: Sun Jun 23, 2019 10:10 pm Post subject: AOB Scan
So I'm hacking this game called Brawlhalla and after about 30hrs of not being able to locate the base address of modules to access the values of certain multilevel pointers -- I decided to just use an AOB scan to get the playerclass.
I found this specific string
(00 00 00 00 00 00 00 00 00 00 00 00 00 00 0E 40 1F 85 EB 51 B8 9E 16 40 00 00 00 00 00 00 39 40 9A 99 99 99 99 99 E9 3F)
that when plugged into Cheat Engine's Array of Bytes scan gives me an address which is always by the playerclass, so I can add however many bytes I need forward to get different values.
So I understand that I can do this in Cheat Engine and even in the Auto Assembly Script creator.
But I want to do more complex operations with these values and thus want to integrate an AOB scan into an external cpp application. I have looked at several implementations on the internet and they haven't worked for various reasons which are not exactly easy to look up, but if they arise again in any of your guys' implementations, you will be able to help me much more effectively. It's probably because I'm not getting the base address of the module properly, but I still would like to have and understand a source code for an external (or internal, I've just had less luck with that) aob scan.
If anyone could give me any tips or a source for this specific purpose I would appreciate it hugely. I've been trying very, very hard to break into the game-hacking scene via hacking Brawlhalla and it's incredibly fun. I will give back to this community what I have learned from it, but I really need some help in this thread.
Thank you to everyone who replies
Edit: I have determined that it must be an issue with hooking into Brawlhalla with C++.
    DWORD FindPattern(char *module, char *pattern, char *mask)
    {
        //Get all module related information
        MODULEINFO mInfo = GetModuleInfo(module);
        //Assign our base and module size
        DWORD base = (DWORD)mInfo.lpBaseOfDll;
        DWORD size = (DWORD)mInfo.SizeOfImage;
        //Get length for our mask, this will allow us to loop through our array
        DWORD patternLength = (DWORD)strlen(mask);
        for (DWORD i = 0; i < size - patternLength; i++)
        {
            bool found = true;
            for (DWORD j = 0; j < patternLength; j++)
            {
                //if we have a ? in our mask then we have true by default,
                //or if the bytes match then we keep searching until finding it or not
                found &= mask[j] == '?' || pattern[j] == *(char*)(base + i + j);
            }
            //found = true, our entire pattern was found
            if (found)
            {
                return base + i;
            }
        }
        return NULL;
    }
While in Cheat Engine, it works. So it's not hooking into Brawlhalla correctly.
Even when I replace "Brawlhalla.exe" with "Adobe AIR.dll" (another module in the memory) it doesn't work. What module do I use? How do I know where to scan? I followed Fleep's tutorial on youtube exactly.
UPDATE:
So I'm sorry for rushing into this without much of a basic knowledge of modules and their base addresses.
When telling the program to return the base module address it returns 0xbc0000 which lines up with cheat engine. This is where the memory starts.
i.imgur.com/oV7xKOj.png
So it hooks into brawlhalla correctly. Why does FindPattern always return 0x0?
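An added example, not part of the original post and not code from Cheat Engine or the tutorial it mentions: a masked byte-signature search in C++ over a buffer the program already holds, taking the space-separated hex form quoted in the post. The `??` wildcard token, the names `SigByte`, `parse_signature`, `find_signature`, `NOT_FOUND` and `demo`, and the sample buffer are assumptions made for illustration.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdlib>
#include <sstream>
#include <string>
#include <vector>

// One signature element: a concrete byte, or a wildcard that matches any byte.
struct SigByte { std::uint8_t value; bool wildcard; };

const std::size_t NOT_FOUND = static_cast<std::size_t>(-1);

// Parse a space-separated hex signature such as "0E 40 ?? 85" (assumed syntax).
// Returns false on an empty or malformed signature.
bool parse_signature(const std::string& text, std::vector<SigByte>& out) {
    const std::string hex = "0123456789abcdefABCDEF";
    std::istringstream in(text);
    std::string tok;
    out.clear();
    while (in >> tok) {
        if (tok == "?" || tok == "??") {
            out.push_back(SigByte{0, true});
        } else if (tok.size() == 2 && tok.find_first_not_of(hex) == std::string::npos) {
            out.push_back(SigByte{static_cast<std::uint8_t>(std::strtoul(tok.c_str(), nullptr, 16)), false});
        } else {
            return false;
        }
    }
    return !out.empty();
}

// Offset of the first match in buf, or NOT_FOUND. Lengths are explicit, so 0x00
// bytes in the signature are ordinary values, and offset 0 is a valid hit.
std::size_t find_signature(const std::vector<std::uint8_t>& buf,
                           const std::vector<SigByte>& sig) {
    if (sig.empty() || buf.size() < sig.size()) return NOT_FOUND;  // avoids unsigned underflow
    for (std::size_t i = 0; i + sig.size() <= buf.size(); ++i) {   // includes a match at the very end
        std::size_t j = 0;
        while (j < sig.size() && (sig[j].wildcard || buf[i + j] == sig[j].value)) ++j;
        if (j == sig.size()) return i;
    }
    return NOT_FOUND;
}

// Constructed sample: two filler bytes followed by four bytes from the quoted signature.
std::size_t demo() {
    const std::vector<std::uint8_t> buf = {0xAA, 0xBB, 0x0E, 0x40, 0x1F, 0x85};
    std::vector<SigByte> sig;
    if (!parse_signature("0E 40 ?? 85", sig)) return NOT_FOUND;
    return find_signature(buf, sig);
}
```

The search only looks at the bytes in `buf`; which memory region is copied into that buffer is a separate question from the matching logic.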