 |
Cheat Engine The Official Site of Cheat Engine
|
Wiw3K Grandmaster Cheater
Reputation: 0
Joined: 09 Jul 2006 Posts: 762 Location: Poland.
|
Posted: Sun Mar 28, 2010 3:50 pm Post subject: Converting ASM->C++ kinda big script ;( |
|
|
Hello, I've tried to convert SlowDupeX (MS related) to C++ but failed; when I tested the script in CE it didn't work at all. So instead I want to convert the DDX 2.0 script, which does work for me in game, but it's big and I'm a beginner at converting, so I'd appreciate your help. Thanks.
DDX v2.0
| Code: | [ENABLE]
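// Cheat Engine auto-assembler script (32-bit target). Hooks the 6-byte write
// `mov [esi+114],edi` at 00ABCDEF with a 5-byte jmp + 1-byte nop, runs DupeX,
// then replays that write and resumes at EndDupeX (00ABCDEF+6).
//
// Register contract inside DupeX: eax is pushed on entry and stays 0 for the
// whole DupeXVac path (LoadESI and LoadPID preserve it), so "cmp X, eax" below
// reads as "cmp X, 0". esi/edi are the game's live registers at the hook; esi
// is read, neither is modified before NormalDupeX replays the write.
//
// DupeXSwitch (registered symbol, set from CE): 0 = off, 1 = stay, -1 = follow.
// The -1 case is selected with a *signed* jl, so keep that compare signed.
alloc(DupeX, 256)
alloc(CharESI, 4)
alloc(CharPID, 4)
alloc(PreviousESI, 4)
alloc(DupeXSwitch, 4)
registerSymbol(DupeXSwitch)
label(NoVac)
label(DupeXVac)
label(LoadChar)
label(RefreshPID)
label(EndLoadChar)
label(LoadESI)
label(StoreESI)
label(LoadPID)
label(EndLoadPID)
label(DelayDupeX)
label(EndDDX)
label(LoadPrevious)
label(NormalDupeX)
label(EndDupeX)

CharESI:          // character struct pointer resolved by LoadESI; 0 = not resolved
dd 0
CharPID:          // value read from [CharESI+110] by LoadPID (the "pID")
dd 0
PreviousESI:      // last esi seen at the hook that was not the character itself
dd 0
DupeXSwitch:      // 0 off / 1 stay / -1 follow
dd 0

DupeX:
push eax
xor eax, eax
cmp eax, [DupeXSwitch]
je NoVac
jmp DupeXVac

NoVac:                      // switch == 0: clear all state, behave like the original code
mov [CharESI], eax
mov [CharPID], eax
mov [PreviousESI], eax
jmp NormalDupeX

DupeXVac:
call LoadChar
cmp [CharESI], eax          // eax == 0: pointer chain did not resolve -> do nothing this hit
je NormalDupeX
call DelayDupeX
cmp [CharESI], esi          // the write is for the character itself -> do not record it
je NormalDupeX
call LoadPrevious
jmp NormalDupeX

LoadChar:                   // resolve CharESI; refresh CharPID when it is still 0 or in follow mode
call LoadESI
cmp [CharESI], eax          // no character struct -> never dereference it below
je EndLoadChar
cmp eax, [CharPID]
je RefreshPID
cmp [DupeXSwitch], eax
jl RefreshPID               // signed: DupeXSwitch < 0 (follow)
jmp EndLoadChar
RefreshPID:
call LoadPID
EndLoadChar:
ret

LoadESI:                    // CharESI = [[00123456]+1337] - C, or 0 if either pointer is null
push eax
mov eax,[00123456] //pID Addy
test eax, eax
je StoreESI                 // null base pointer: store 0 instead of faulting on [0+1337]
//mov eax,[eax+8]
mov eax,[eax+1337] //pID Offset
test eax, eax
je StoreESI                 // null object: store 0 (the original stored -C and faulted later in LoadPID)
sub eax, C
StoreESI:
mov [CharESI], eax
pop eax
ret

LoadPID:                    // CharPID = [CharESI+110] unless it equals eax (0); caller guarantees CharESI != 0
push ebx
mov ebx, [CharESI]
mov ebx, [ebx+110]
cmp eax, ebx
je EndLoadPID
mov [CharPID], ebx
EndLoadPID:
pop ebx
ret

DelayDupeX:                 // write CharPID into +110/+114 of the previously recorded object, if any
push esi
mov esi, [PreviousESI]
test esi, esi
je EndDDX
mov eax, [CharPID]          // clobbers eax; fine because eax is restored at NormalDupeX
mov [esi+110],eax
mov [esi+114],eax
EndDDX:
pop esi
ret

LoadPrevious:
mov [PreviousESI], esi
ret

NormalDupeX:                // replay the overwritten instruction and return after the hook
pop eax
mov [esi+114], edi
jmp EndDupeX

00ABCDEF:                   // 6-byte original instruction replaced by 5-byte jmp + 1-byte nop
jmp DupeX
db 90
EndDupeX:                   // == 00ABCDEF+6, the first untouched instruction

[DISABLE]
// Restore the original 6-byte encoding first (the explicit 32-bit displacement
// keeps the length at 6), then release the allocations.
// NOTE(review): a game thread still executing inside DupeX when dealloc runs
// will fault; CE does not synchronise this.
00ABCDEF:
mov [esi+00000114],edi
dealloc(DupeX)
dealloc(CharESI)
dealloc(CharPID)
dealloc(PreviousESI)
dealloc(DupeXSwitch)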
unregisterSymbol(DupeXSwitch) |
By the way, I want to be able to turn it off or make mobs Follow/Stay by writing a value to the address "DupeXSwitch":
Value:
0 - Off
1 - Stay
-1 - Follow
I know you guys can easily convert it; I will be very grateful if anyone helps me. Thanks.
|
|
|
 |
Slugsnack Grandmaster Cheater Supreme
Reputation: 71
Joined: 24 Jan 2007 Posts: 1857
|
Posted: Sun Mar 28, 2010 4:17 pm Post subject: |
|
|
| paste how far you've got with converting so far
|
|
|
 |
Wiw3K Grandmaster Cheater
Reputation: 0
Joined: 09 Jul 2006 Posts: 762 Location: Poland.
|
Posted: Sun Mar 28, 2010 4:30 pm Post subject: |
|
|
| Slugsnack wrote: | | paste how far you've got with converting so far |
atm i am at converting part
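// State shared between the hook and its installer. The hook reaches these only
// through [symbol] memory operands, so they must be real DWORD globals rather
// than auto-assembler allocs. EndDupeX must hold the absolute resume address
// (hook address + 6) before the jmp is written; DupeXSwitch: 0 off / 1 stay / -1 follow.
DWORD CharESI = 0, CharPID = 0, PreviousESI = 0, DupeXSwitch = 0, EndDupeX = 0;

// 32-bit MSVC inline-asm port of the DDX v2.0 auto-assembler script.
// Entered by a 5-byte jmp placed over the 6-byte `mov [esi+0x114],edi`; it
// replays that write and jumps to EndDupeX, so it never returns normally.
// eax is saved on entry and equals 0 for the whole DupeXVac path (LoadESI and
// LoadPID preserve it), so `cmp X, eax` below reads as `cmp X, 0`.
// esi/edi are the game's registers at the hook and are not modified before
// the replayed write. Naked + __stdcall: no prologue and no frame, so keep
// C++ statements out of the body.
void __declspec(naked) __stdcall DDXASM()
{
    __asm
    {
    DupeX:
        push eax
        xor eax, eax
        cmp eax, [DupeXSwitch]
        je NoVac
        jmp DupeXVac
    NoVac:                          // switch == 0: clear state, behave like the original code
        mov [CharESI], eax
        mov [CharPID], eax
        mov [PreviousESI], eax
        jmp NormalDupeX
    DupeXVac:
        call LoadChar
        cmp [CharESI], eax          // pointer chain did not resolve -> nothing to do this hit
        je NormalDupeX
        call DelayDupeX
        cmp [CharESI], esi          // write is for the character itself -> do not record it
        je NormalDupeX
        call LoadPrevious
        jmp NormalDupeX
    LoadChar:                       // resolve CharESI; refresh CharPID if still 0 or in follow mode
        call LoadESI
        cmp [CharESI], eax          // never dereference a null CharESI
        je EndLoadChar
        cmp eax, [CharPID]
        je RefreshPID
        cmp [DupeXSwitch], eax
        jl RefreshPID               // signed: DupeXSwitch < 0 (follow)
        jmp EndLoadChar
    RefreshPID:
        call LoadPID
    EndLoadChar:
        ret
    LoadESI:                        // CharESI = [[0x00123456]+0x1337] - 0xC, or 0 if a pointer is null
        push eax
        // ds:[abs] is the unambiguous MASM spelling of an absolute address.
        // NOTE(review): plain `[0x00123456]` can be parsed as an immediate by MASM.
        mov eax, dword ptr ds:[0x00123456] // pID Addy
        test eax, eax
        je StoreESI
        //mov eax,[eax+8]
        mov eax, [eax+0x1337]       // pID Offset
        test eax, eax
        je StoreESI                 // the original stored -0xC here and faulted later in LoadPID
        sub eax, 0xC
    StoreESI:
        mov [CharESI], eax
        pop eax
        ret
    LoadPID:                        // CharPID = [CharESI+0x110] unless it equals eax (0)
        push ebx
        mov ebx, [CharESI]
        mov ebx, [ebx+0x110]
        cmp eax, ebx
        je EndLoadPID
        mov [CharPID], ebx
    EndLoadPID:
        pop ebx
        ret
    DelayDupeX:                     // write CharPID into +0x110/+0x114 of the recorded object, if any
        push esi
        mov esi, [PreviousESI]
        test esi, esi
        je EndDDX
        mov eax, [CharPID]          // clobbers eax; restored at NormalDupeX
        mov [esi+0x110], eax
        mov [esi+0x114], eax
    EndDDX:
        pop esi
        ret
    LoadPrevious:
        mov [PreviousESI], esi
        ret
    NormalDupeX:                    // replay the overwritten instruction, then resume the game
        pop eax
        mov [esi+0x114], edi
        // Indirect jump through the variable: EndDupeX holds hook + 6.
        // The original `jmp [EndDupeX+6]` read 6 bytes past the DWORD instead.
        jmp dword ptr [EndDupeX]
    }
}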
But I think half of the script is about the switch value (whether the pointer holds 1/0/-1), so I guess the rest is going to be:
| Code: | void __declspec(naked) __stdcall DDXASM()
{
__asm
{
// NOTE(review): this is a truncated copy of the listing above, not a working
// hook. It starts in the middle of LoadESI (no entry point, no LoadChar,
// no NoVac/DupeXVac), so the first `ret` below returns to whatever is on the
// game's stack; it also redefines DDXASM (a second definition of the same
// name does not compile next to the first) and never declares
// CharESI/CharPID/PreviousESI/EndDupeX. Kept only as posted.
push eax             // fragment of LoadESI: save eax, resolve the pointer chain
mov eax,[0x00123456] //pID Addy
//mov eax,[eax+8]
mov eax,[eax+0x1337] //pID Offset
sub eax, 0xC
mov [CharESI], eax
pop eax
ret                  // no call frame exists here: this is not a safe return
LoadPID:             // CharPID = [CharESI+0x110] unless it equals eax
push ebx
mov ebx, [CharESI]
mov ebx, [ebx+0x110]
cmp eax, ebx
je EndLoadPID
mov [CharPID], ebx
EndLoadPID:
pop ebx
ret
DelayDupeX:          // write CharPID into +0x110/+0x114 of PreviousESI, if it is set
push esi
mov esi, [PreviousESI]
test esi, esi
je EndDDX
mov eax, [CharPID]
mov [esi+0x110],eax
mov [esi+0x114],eax
EndDDX:
pop esi
ret
LoadPrevious:
mov [PreviousESI], esi
ret
NormalDupeX:         // replay of the hooked instruction
pop eax
mov [esi+0x114], edi
// `[EndDupeX+6]` reads the DWORD 6 bytes past the variable; the intended form
// is `jmp [EndDupeX]` with EndDupeX holding the hook address + 6.
jmp [EndDupeX+6]
}
} |
|
|
|
 |
Slugsnack Grandmaster Cheater Supreme
Reputation: 71
Joined: 24 Jan 2007 Posts: 1857
|
Posted: Sun Mar 28, 2010 5:13 pm Post subject: |
|
|
| so what's the problem ? and it would be more helpful if you post your full source code including how you are writing the 'hook'/jmp at 0x00ABCDEF
|
|
|
 |
Wiw3K Grandmaster Cheater
Reputation: 0
Joined: 09 Jul 2006 Posts: 762 Location: Poland.
|
Posted: Sun Mar 28, 2010 5:18 pm Post subject: |
|
|
| Slugsnack wrote: | | so what's the problem ? and it would be more helpful if you post your full source code including how you are writing the 'hook'/jmp at 0x00ABCDEF |
That's exactly why I made the thread. I'm a beginner at converting; all I've converted so far are simple scripts that change a "jmp" to a "jne" or similar. I have no idea how to write the hook/jmp.
|
|
|
 |
Slugsnack Grandmaster Cheater Supreme
Reputation: 71
Joined: 24 Jan 2007 Posts: 1857
|
Posted: Sun Mar 28, 2010 5:39 pm Post subject: |
|
|
here's an example of something i made where i wrote a hook/jmp :
| Code: | #include "resource.h"
#include <windows.h>
#include <tchar.h>
#include <commctrl.h>
#pragma comment( lib, "comctl32.lib" )
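// Relative displacement for a 5-byte E9 jmp at `frm` targeting `to`:
// target minus the address of the next instruction. Arguments are parenthesised
// so that an expression such as `a ? b : c` is cast as a whole (the unparenthesised
// form cast only its first term). 32-bit only: addresses pass through int.
#define JMP( frm, to ) ( ( ( int )( to ) - ( int )( frm ) ) - 5 )
HMODULE hModule;                        // this DLL; set in DllMain, used by the dialog thread
DWORD BoostRet = 0x00692B0C;            // resume address: first instruction after the patched one (BoostAddr + 6)
DWORD BoostAddr = 0x00692B06;           // address of the 6-byte instruction that gets overwritten
BYTE BoostOrig[] = { 0xD9, 0x9E, 0xF8, 0x00, 0x00, 0x00 }; // fstp dword ptr [esi+0x000000f8]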
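// Overwrite the 5 bytes at `from` with `jmp rel32` to `to`.
// The page is made writable only for the duration of the write, its old
// protection is restored and the instruction cache is flushed. Nothing is
// written if VirtualProtect fails: storing into a read-only code page would
// raise an access violation inside the game. 32-bit only (DWORD addresses).
void WriteJMP( DWORD from, DWORD to ) {
    DWORD flOldProtect;
    if( !VirtualProtect( ( LPVOID )from, 5, PAGE_EXECUTE_READWRITE, &flOldProtect ) )
        return;
    *( BYTE* )from = 0xE9;
    *( DWORD* )( from + 1 ) = ( DWORD )( ( int )to - ( int )from - 5 ); // rel32 = target - next instruction
    VirtualProtect( ( LPVOID )from, 5, flOldProtect, &flOldProtect );
    FlushInstructionCache( GetCurrentProcess(), ( LPCVOID )from, 5 );
}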
// Replacement for the 6-byte `fstp dword ptr [esi+0xF8]` at BoostAddr.
// The store is neutralised: the current value is pushed, the original fstp
// runs (popping st0 so the x87 stack depth stays consistent), and the saved
// value is popped back over the result. Net effect: [esi+0xF8] keeps its old
// value. Naked: no prologue; esp is used only transiently by the push/pop pair.
// Resumes at BoostRet (BoostAddr + 6) through an indirect jmp on the global.
__declspec( naked ) void BoostHook() {
__asm {
push dword ptr [esi+0x000000f8]   // save the current value
fstp dword ptr [esi+0x000000f8]   // original instruction: pops st0 into the slot
pop dword ptr [esi+0x000000f8]    // put the saved value back, discarding the store
jmp [BoostRet]                    // continue at the instruction after the patch
}
}
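// Install (bActivate != FALSE) or remove the boost hook.
// Install: a 5-byte jmp over the first 5 of the 6 patched bytes; the stray 6th
// byte is never executed because BoostHook resumes at BoostRet.
// Remove: the saved original bytes are copied back. Both paths leave the page
// protection as they found it; nothing is written if the page cannot be made
// writable, so a failure leaves the game code untouched rather than faulting.
void ActivateBoost( BOOL bActivate ) {
    if( bActivate ) {
        WriteJMP( BoostAddr, ( DWORD )BoostHook );
        return;
    }
    DWORD flOldProtect;
    if( !VirtualProtect( ( LPVOID )BoostAddr, sizeof BoostOrig, PAGE_EXECUTE_READWRITE, &flOldProtect ) )
        return;
    RtlMoveMemory( ( LPVOID )BoostAddr, BoostOrig, sizeof BoostOrig );
    VirtualProtect( ( LPVOID )BoostAddr, sizeof BoostOrig, flOldProtect, &flOldProtect );
    FlushInstructionCache( GetCurrentProcess(), ( LPCVOID )BoostAddr, sizeof BoostOrig );
}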
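// Dialog procedure for IDD_DIALOG1.
//  WM_INITDIALOG: shows the game window handle (IDC_EDIT2) and this process id
//                 (IDC_EDIT1) and registers Alt+1 (hotkey id 0) to toggle the
//                 boost checkbox. A RegisterHotKey failure is not fatal: the
//                 checkbox still works with the mouse.
//  WM_HOTKEY:     id 0 clicks IDC_CHECK1, which then arrives as WM_COMMAND.
//  WM_COMMAND:    IDC_CHECK1 installs/removes the hook; IDC_BUTTON1 closes.
//  WM_CLOSE:      ends the modal dialog.
// Returns TRUE when the message was handled, FALSE otherwise (lParam unused).
INT_PTR CALLBACK DlgProc( HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lParam ) {
    switch( uMsg ) {
    case WM_INITDIALOG: {
        TCHAR szhWnd[15];
        DWORD dwProcessId = GetCurrentProcessId();
        HWND hWnd = FindWindow( _T("GameFrame"), _T("Need for Speed™ Most Wanted") );
        // %X takes an unsigned int: hand it the handle's integer value, not a pointer.
        _stprintf_s( szhWnd, _countof( szhWnd ), _T("%08X"), ( unsigned int )( UINT_PTR )hWnd );
        SetDlgItemText( hwndDlg, IDC_EDIT2, szhWnd );
        _stprintf_s( szhWnd, _countof( szhWnd ), _T("%08X"), ( unsigned int )dwProcessId );
        SetDlgItemText( hwndDlg, IDC_EDIT1, szhWnd );
        RegisterHotKey( hwndDlg, 0, MOD_ALT, '1' );
        return TRUE;
    }
    case WM_HOTKEY:
        if( wParam != 0 )
            return FALSE;
        SendMessage( GetDlgItem( hwndDlg, IDC_CHECK1 ), BM_CLICK, 0, 0 );
        return TRUE;
    case WM_COMMAND:
        if( HIWORD( wParam ) != BN_CLICKED )
            break;
        switch( LOWORD( wParam ) ) {
        case IDC_CHECK1:
            ActivateBoost( IsDlgButtonChecked( hwndDlg, IDC_CHECK1 ) == BST_CHECKED );
            return TRUE;
        case IDC_BUTTON1:
            SendMessage( hwndDlg, WM_CLOSE, 0, 0 );
            return TRUE;
        default:
            return FALSE;
        }
    case WM_CLOSE:
        EndDialog( hwndDlg, 0 );
        return TRUE;
    }
    return FALSE;
}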
// Thread routine started from DllMain (this is a DLL, so `main` is not a CRT
// entry point). Initialises the common controls, runs IDD_DIALOG1 modally and,
// once the dialog closes, unloads this DLL and ends the calling thread in one
// call (FreeLibraryAndExitThread does not return).
// NOTE(review): declared `void main()` but started through a cast to
// LPTHREAD_START_ROUTINE (DWORD WINAPI fn(LPVOID)); the mismatch is only
// harmless here because the function never returns to the thread start stub.
void main() {
INITCOMMONCONTROLSEX iccex;
iccex.dwSize = sizeof iccex;
iccex.dwICC = ICC_STANDARD_CLASSES;
InitCommonControlsEx( &iccex );
DialogBoxParam( hModule, MAKEINTRESOURCE( IDD_DIALOG1 ), NULL, DlgProc, NULL ); // blocks until WM_CLOSE
FreeLibraryAndExitThread( hModule, 0 ); // does not return
}
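// DLL entry point. On process attach it records the module handle and starts
// the dialog thread (`main`); the thread handle is closed at once because it
// is never used again (the thread ends itself via FreeLibraryAndExitThread),
// which also avoids leaking one handle per load. Loading is refused only when
// the thread cannot be created. Other reasons (thread attach/detach, process
// detach) are accepted with TRUE as the loader expects.
// NOTE(review): `main` is `void main()` cast to LPTHREAD_START_ROUTINE; see
// the note on `main` for why that works only because it never returns.
BOOL WINAPI DllMain( HINSTANCE hinstDLL, DWORD fdwReason, LPVOID lpvReserved ) {
    if( fdwReason == DLL_PROCESS_ATTACH ) {
        hModule = hinstDLL;
        HANDLE hThread = CreateThread( NULL, 0, ( LPTHREAD_START_ROUTINE )main, NULL, 0, NULL );
        if( hThread == NULL )
            return FALSE;          // no UI thread: fail the load instead of sitting inert
        CloseHandle( hThread );
    }
    return TRUE;
}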
|
|
|
 |
hcavolsdsadgadsg I'm a spammer
Reputation: 26
Joined: 11 Jun 2007 Posts: 5801
|
Posted: Sun Mar 28, 2010 8:28 pm Post subject: |
|
|
| Slugsnack wrote: | here's an example of something i made where i wrote a hook/jmp :
| Code: |
#define JMP( frm, to ) ( ( ( int )to - ( int )frm ) - 5 ) |
|
do you honestly think that spacing makes it easier to read
what the christ
|
|
|
 |
Slugsnack Grandmaster Cheater Supreme
Reputation: 71
Joined: 24 Jan 2007 Posts: 1857
|
Posted: Sun Mar 28, 2010 9:01 pm Post subject: |
|
|
| slovach wrote: | | Slugsnack wrote: | here's an example of something i made where i wrote a hook/jmp :
| Code: |
#define JMP( frm, to ) ( ( ( int )to - ( int )frm ) - 5 ) |
|
do you honestly think that spacing makes it easier to read
what the christ |
i can read it just fine. consider getting your eyes checked out
|
|
|
 |
Wiw3K Grandmaster Cheater
Reputation: 0
Joined: 09 Jul 2006 Posts: 762 Location: Poland.
|
Posted: Mon Mar 29, 2010 8:19 am Post subject: |
|
|
All I've converted so far were little scripts that change one byte or so (Tubi/Godmode and the like), with no __asm involved at all. I have no idea which jmp in the script is the one that enables it, so how do I convert it?
|
|
|
 |
NoMercy Master Cheater
Reputation: 1
Joined: 09 Feb 2009 Posts: 289
|
Posted: Mon Mar 29, 2010 2:06 pm Post subject: |
|
|
| Code: |
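// Excerpt of the DDX hook body (Cheat Engine auto-assembler syntax: hex
// literals without a 0x prefix). Register contract: eax is pushed on entry and
// stays 0 for the whole DupeXVac path (LoadESI and LoadPID preserve it), so
// "cmp X, eax" means "cmp X, 0". esi/edi are the game's registers at the hook
// and are only read before the replayed write. DupeXSwitch: 0 off / 1 stay /
// -1 follow, selected with a signed jl. If this is pasted back into the full
// script, add label(StoreESI) to its label() list.
push eax
xor eax, eax
cmp eax, [DupeXSwitch]
je NoVac
jmp DupeXVac
NoVac:                      // switch == 0: clear state, behave like the original code
mov [CharESI], eax
mov [CharPID], eax
mov [PreviousESI], eax
jmp NormalDupeX
DupeXVac:
call LoadChar
cmp [CharESI], eax          // pointer chain did not resolve -> nothing to do this hit
je NormalDupeX
call DelayDupeX
cmp [CharESI], esi          // write is for the character itself -> do not record it
je NormalDupeX
call LoadPrevious
jmp NormalDupeX
LoadChar:                   // resolve CharESI; refresh CharPID if still 0 or in follow mode
call LoadESI
cmp [CharESI], eax          // never dereference a null CharESI
je EndLoadChar
cmp eax, [CharPID]
je RefreshPID
cmp [DupeXSwitch], eax
jl RefreshPID               // signed: DupeXSwitch < 0 (follow)
jmp EndLoadChar
RefreshPID:
call LoadPID
EndLoadChar:
ret
LoadESI:                    // CharESI = [[00123456]+1337] - C, or 0 if either pointer is null
push eax
mov eax,[00123456] //pID Addy
test eax, eax
je StoreESI                 // null base: store 0 instead of faulting on [0+1337]
//mov eax,[eax+8]
mov eax,[eax+1337] //pID Offset
test eax, eax
je StoreESI                 // null object: store 0 (the original stored -C and faulted in LoadPID)
sub eax, C
StoreESI:
mov [CharESI], eax
pop eax
ret
LoadPID:                    // CharPID = [CharESI+110] unless it equals eax (0)
push ebx
mov ebx, [CharESI]
mov ebx, [ebx+110]
cmp eax, ebx
je EndLoadPID
mov [CharPID], ebx
EndLoadPID:
pop ebx
ret
DelayDupeX:                 // write CharPID into +110/+114 of the recorded object, if any
push esi
mov esi, [PreviousESI]
test esi, esi
je EndDDX
mov eax, [CharPID]          // clobbers eax; restored at NormalDupeX
mov [esi+110],eax
mov [esi+114],eax
EndDDX:
pop esi
ret
LoadPrevious:
mov [PreviousESI], esi
ret
NormalDupeX:                // replay the overwritten instruction, then resume after the hook
pop eax
mov [esi+114], edi
jmp EndDupeX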
I didn't check the logic in it, but you should prefix hex values with 0x and put jump targets that live in variables between []. Then write a jmp to the script at your DupeX address (DupeX address + 5 is the nop, 0x90), and at the end jump back to DupeX address + 6, or whatever name you use for that address.
For the values at the top (the alloc/label declarations), use `DWORD name = x;` instead.
|
|
|
 |
Wiw3K Grandmaster Cheater
Reputation: 0
Joined: 09 Jul 2006 Posts: 762 Location: Poland.
|
Posted: Tue Mar 30, 2010 12:15 pm Post subject: |
|
|
I have no idea what you are talking about; I only know that every number in __asm has to be written as 0xNUMBER,
ex.
mov [esi+0x110],eax
mov [esi+0x114],eax
|
|
|
 |
WaffleMaster Grandmaster Cheater Supreme
Reputation: 0
Joined: 19 Oct 2006 Posts: 1237
|
Posted: Tue Apr 13, 2010 10:14 pm Post subject: |
|
|
I was using notepad, so I couldn't format it. Anyway, here it is.
| Code: |
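// Relative displacement for a 5-byte E9 jmp at `frm` targeting `to`.
// No trailing semicolon (the original had one, which breaks any use inside an
// expression) and parenthesised arguments so `a ? b : c` is cast as a whole.
// 32-bit only: pointers pass through int.
#define jmp(frm, to) ((int)((int)(to) - (int)(frm)) - 5)
// Hook state, reached from the naked function as [symbol] memory operands.
// CharESI: resolved character struct (0 = unresolved); CharPID: value read from
// [CharESI+0x110]; PreviousESI: last recorded esi; DupeXSwitch: 0 off / 1 stay /
// -1 follow; EndDupeX: absolute resume address (hook + 6), set before hooking.
DWORD CharESI, CharPID, PreviousESI, DupeXSwitch, EndDupeX;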
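// 32-bit MSVC inline-asm port of the DDX v2.0 auto-assembler script.
// Entered by the 5-byte jmp that Jump() writes over the 6-byte
// `mov [esi+0x114],edi` at the hook address; it replays that write and jumps
// to EndDupeX (hook + 6), so it never returns normally.
// eax is saved on entry and equals 0 for the whole DupeXVac path (LoadESI and
// LoadPID preserve it), so `cmp X, eax` below reads as `cmp X, 0`. esi/edi are
// the game's registers at the hook and are not modified before the replay.
// Naked + __stdcall: no prologue and no frame; keep C++ statements out of it.
void __declspec(naked) __stdcall DupeX()
{
    __asm
    {
        push eax
        xor eax, eax
        cmp eax, [DupeXSwitch]
        je NoVac
        jmp DupeXVac
    NoVac:                          // switch == 0: clear state, behave like the original code
        mov [CharESI], eax
        mov [CharPID], eax
        mov [PreviousESI], eax
        jmp NormalDupeX
    DupeXVac:
        call LoadChar
        cmp [CharESI], eax          // pointer chain did not resolve -> nothing to do this hit
        je NormalDupeX
        call DelayDupeX
        cmp [CharESI], esi          // write is for the character itself -> do not record it
        je NormalDupeX
        call LoadPrevious
        jmp NormalDupeX
    LoadChar:                       // resolve CharESI; refresh CharPID if still 0 or in follow mode
        call LoadESI
        cmp [CharESI], eax          // never dereference a null CharESI
        je EndLoadChar
        cmp eax, [CharPID]
        je RefreshPID
        cmp [DupeXSwitch], eax
        jl RefreshPID               // signed: DupeXSwitch < 0 (follow)
        jmp EndLoadChar
    RefreshPID:
        call LoadPID
    EndLoadChar:
        ret
    LoadESI:                        // CharESI = [[0x00123456]+0x1337] - 0xC, or 0 if a pointer is null
        push eax
        // ds:[abs] is the unambiguous MASM spelling of an absolute address.
        // NOTE(review): plain `[0x00123456]` can be parsed as an immediate by MASM.
        mov eax, dword ptr ds:[0x00123456] // pID Addy
        test eax, eax
        je StoreESI
        //mov eax,[eax+8]
        mov eax, [eax+0x1337]       // pID Offset
        test eax, eax
        je StoreESI                 // the original stored -0xC here and faulted later in LoadPID
        sub eax, 0xC
    StoreESI:
        mov [CharESI], eax
        pop eax
        ret
    LoadPID:                        // CharPID = [CharESI+0x110] unless it equals eax (0)
        push ebx
        mov ebx, [CharESI]
        mov ebx, [ebx+0x110]
        cmp eax, ebx
        je EndLoadPID
        mov [CharPID], ebx
    EndLoadPID:
        pop ebx
        ret
    DelayDupeX:                     // write CharPID into +0x110/+0x114 of the recorded object, if any
        push esi
        mov esi, [PreviousESI]
        test esi, esi
        je EndDDX
        mov eax, [CharPID]          // clobbers eax; restored at NormalDupeX
        mov [esi+0x110], eax
        mov [esi+0x114], eax
    EndDDX:
        pop esi
        ret
    LoadPrevious:
        mov [PreviousESI], esi
        ret
    NormalDupeX:                    // replay the overwritten instruction, then resume the game
        pop eax
        // The displacement must be hex: the posted listing had `[esi+114]`,
        // i.e. decimal 114 = 0x72, which writes the wrong field.
        mov [esi+0x114], edi
        jmp dword ptr [EndDupeX]    // EndDupeX holds hook + 6
    }
}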
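// Write `jmp rel32` to ASM at dwAddress and pad with iNops 0x90 bytes so the
// patch ends on an instruction boundary (1 nop for a 6-byte victim instruction).
// The page is made writable only for the write and the instruction cache is
// flushed afterwards. Nothing is written if VirtualProtect fails (a store into
// a read-only code page would raise an access violation in the game); a
// negative iNops writes no padding. 32-bit only: addresses travel in DWORDs.
void Jump(DWORD dwAddress, void* ASM, int iNops)
{
    if (iNops < 0)
        iNops = 0;
    const DWORD dwLen = 5 + (DWORD)iNops;
    DWORD dwOld;
    if (!VirtualProtect((LPVOID)dwAddress, dwLen, PAGE_EXECUTE_READWRITE, &dwOld))
        return;
    *(BYTE*)dwAddress = 0xE9;
    *(DWORD*)(dwAddress + 1) = (DWORD)((int)(DWORD)ASM - (int)dwAddress - 5); // rel32 = target - next instruction
    for (int i = 0; i < iNops; i++)
        *(BYTE*)(dwAddress + 5 + i) = 0x90;
    VirtualProtect((LPVOID)dwAddress, dwLen, dwOld, &dwOld);
    FlushInstructionCache(GetCurrentProcess(), (LPCVOID)dwAddress, dwLen);
}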
// Arm the hook at the game's write instruction and switch the logic on.
// EndDupeX must point just past the 6-byte patched instruction before the
// jmp goes live, so it is assigned first; DupeXSwitch is raised last.
void EnableIt()
{
    const DWORD dwHook = 0x00ABCDEF;   // address of `mov [esi+0x114],edi`
    EndDupeX = dwHook + 6;
    Jump(dwHook, DupeX, 1);            // 5-byte jmp + 1 nop covers the 6-byte instruction
    DupeXSwitch = 1; //some value
}
_________________
Problem, CEF?
Buying zhelms/leech in Windia. PM me. |
|
|
 |
|
|
|
|