 |
Cheat Engine The Official Site of Cheat Engine
|
| View previous topic :: View next topic |
| Author |
Message |
kitterz Grandmaster Cheater Supreme
Reputation: 0
Joined: 24 Dec 2007 Posts: 1268
|
Posted: Sat Sep 06, 2008 7:25 pm Post subject: Help with asm -> C++ |
|
|
Hi again...I have this script. (Does nothing)
| Code: | [Enable]
alloc(First,100)
label(return)
label(original)
First:
push eax
mov eax,[0096ebb0]
mov eax,[eax+18]
cmp eax,0
je original
call 004c84d4
original:
pop eax
jmp return
007D159A:
jmp First
nop
return:
[Disable] |
I want to use it in my C++ trainner, using _asm.
I have this:
| Code: | | #define JMP(frm, to) (int)(((int)to - (int)frm) - 5); |
and this:
| Code: |
void __declspec(naked) Hack ()
{
_asm
{
First:
push eax
mov eax,[0096ebb0]
mov eax,[eax+18]
cmp eax,0
je original
original:
pop eax
jmp return
jmp First
nop
return:
}
}
|
And I use this to jmp at the addy 007615B3 to the Hack _asm thing.
| Code: | BYTE * Addy = (BYTE *) 0x007615B3;
*Addy = 0xE9;
*((DWORD *)(Addy + 1)) = JMP(Addy, Hack); |
Is this correct? What I have? Im sure I have some mistakes in there.
What can I do to fix them?
_________________
|
|
| Back to top |
|
 |
pkedpker Master Cheater
Reputation: 1
Joined: 11 Oct 2006 Posts: 412
|
Posted: Sat Sep 06, 2008 8:07 pm Post subject: |
|
|
Lol dunno seems good
| Code: |
_asm
{
push eax
push ecx
mov eax, dword ptr [Addy] // from
mov ecx, dword ptr [Hack] // to
sub ecx, eax // to - from
sub ecx, 5 // MINUS 5 = DISTANCE TO JUMP!
mov byte ptr [eax], 0xE9 // E9 = JMP
mov dword ptr [eax+1], ecx // Finish off rest of hook
pop ecx
pop eax
}
|
maybe u gotta use VirtualProtect()'s for the address changing part
ah found one problem you were using hexadecimal in asm inline with using 0x in front
mov eax,[0096ebb0]
to
mov eax,[0x0096ebb0]
also you might of forgotten about
call 004c84d4
aka
call 0x004c84d4
_________________
|
|
| Back to top |
|
 |
HalfPrime Grandmaster Cheater
Reputation: 0
Joined: 12 Mar 2008 Posts: 532 Location: Right there...On your monitor
|
Posted: Sat Sep 06, 2008 9:55 pm Post subject: |
|
|
at 007D159A, the instruction is 6 bytes, so you can't forget to NOP the 6th byte after the jump command.
take out
| Code: | jmp First
nop
return:
|
and replace it with jmp 7D15A0 to return. Although, I guess since you're jumping after the 6th byte, #1 is useless.
You forgot to add the call 004c84d4.
| Code: |
void doHack(){
BYTE * Addy = (BYTE *) 0x007615B3;
*Addy = 0xE9;
*((DWORD *)(Addy + 1)) = JMP(Addy, Hack);
return;}
void __declspec(naked) Hack ()
{
_asm
{
push eax
mov eax,[0096ebb0]
mov eax,[eax+18]
cmp eax,0
je original
call 004c84d4
original:
pop eax
jmp 7D15A0
}
}
|
Oooooooorrrrrr, you could do
| Code: |
void doHack(){
BYTE * Addy = (BYTE *) 0x007615B3;
*Addy = 0xE9;
*((DWORD *)(Addy + 1)) = JMP(Addy, Hack);
return;}
void __declspec(naked) Hack () {
thehack();
_ASM{jmp 7D15A0}
}
void thehack () {
if( *(BYTE*) ((BYTE*)0x0096ebb0)+0x18) == 0)
(*((void()*)004c84d4))();
return;
}
|
_________________
|
|
| Back to top |
|
 |
|
|
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum You cannot attach files in this forum You can download files in this forum
|
|