 |
Cheat Engine
The Official Site of Cheat Engine
|
| View previous topic :: View next topic |
| Author |
Message |
FalkonZenX
How do I cheat?
![]() Reputation: 0
Joined: 31 Mar 2007
Posts: 7
Location: Brasil
|
 Posted: Mon Feb 28, 2011 11:41 pm Post subject: Help with Delphi + OllyDBG |
 |
|
I need a sample code in Delphi.
In OllyDbg found this code:
| Code: |
CPU Disasm
Address Hex dump Command
00487340 /$ 33C0 XOR EAX,EAX
00487342 |. 56 PUSH ESI
00487343 |. 8BF1 MOV ESI,ECX
00487345 |. 8946 04 MOV DWORD PTR DS:[ESI+4],EAX
00487348 |. 8946 14 MOV DWORD PTR DS:[ESI+14],EAX
0048734B |. 8946 18 MOV DWORD PTR DS:[ESI+18],EAX
0048734E |. 8946 1C MOV DWORD PTR DS:[ESI+1C],EAX
00487351 |. 8946 20 MOV DWORD PTR DS:[ESI+20],EAX
00487354 |. 8946 24 MOV DWORD PTR DS:[ESI+24],EAX
00487357 |. 8946 28 MOV DWORD PTR DS:[ESI+28],EAX
0048735A |. C706 7CD75B00 MOV DWORD PTR DS:[ESI],OFFSET 005BD77C
00487360 |. A1 30876600 MOV EAX,DWORD PTR DS:[668730]
00487365 |. 8B50 0C MOV EDX,DWORD PTR DS:[EAX+0C]
00487368 |. B9 30876600 MOV ECX,OFFSET 00668730
0048736D |. FFD2 CALL EDX
0048736F |. 8B4C24 0C MOV ECX,DWORD PTR SS:[ARG.2]
00487373 |. 83C0 10 ADD EAX,10
00487376 |. 8946 2C MOV DWORD PTR DS:[ESI+2C],EAX
00487379 |. 8B4424 08 MOV EAX,DWORD PTR SS:[ARG.1]
0048737D |. 8946 30 MOV DWORD PTR DS:[ESI+30],EAX
00487380 |. 894E 34 MOV DWORD PTR DS:[ESI+34],ECX
00487383 |. 8BC6 MOV EAX,ESI
00487385 |. 5E POP ESI
00487386 \. C2 0800 RETN 8
|
How to replace the code, using the Delphi?
| Code: |
00487340 /$ 33C0 XOR EAX,EAX to NOP
00487342 |. 56 PUSH ESI to NOP
|
I using
> WriteProcessMemory(Handle, ptr(Offset), @Value, Size, card);
But what address should I use?
$00487340 ???
$87340?
What I want is to replace the all code for NOP.
|
|
| Back to top |
|
 |
DeletedUser14087
I post too much
![]() Reputation: 2
Joined: 21 Jun 2006
Posts: 3069
|
| Posted: Tue Mar 01, 2011 6:04 am Post subject: |
|
|
You wanna write hardcoded modificationsto the file ?
use the following functions:
blockwrite(); blockread(); seek(); assignfile(); rewrite(); closefile();
const lol : byte = ($90); // nop
var
bhFile: File Of Byte;
begin
assignfile( 'File.exe', bhFile ); //assign handle
rewrite( bhFile ); //get read/write access
seek( $XXXXXX); //go to your addr here
blockwrite( bhFile, sizeof(lol), lol );
closefile( bhFile );
end;
>But what address should I use?
doesn't matter if it has 00 or not infront.
|
|
| Back to top |
|
|
FalkonZenX
How do I cheat?
![]() Reputation: 0
Joined: 31 Mar 2007
Posts: 7
Location: Brasil
|
| Posted: Tue Mar 01, 2011 10:04 pm Post subject: |
|
|
I need a change in memory! And do not make a patcher
Example in Olly
| Code: | | 0042E19C 0F85 CE000000 JNZ iw3mp.0042E270 |
need for change in memory! Using DELPHI
| Code: | | 0042E19C 0F84 CE000000 JE iw3mp.0042E270 |
I need the code that changes the memory in Hex ou ASM
| Code: |
InjectMemoryON (0042E19C , "0F85 CE000000")
InjectMemoryOFF (0042E19C , "0F84 CE000000")
|
I was using:
| Code: |
offset = $0042E19C
Value= "0F85 CE000000"
Size=4
WriteProcessMemory(Handle, ptr(Offset), @Value, Size, card); |
|
|
| Back to top |
|
|
DeletedUser14087
I post too much
![]() Reputation: 2
Joined: 21 Jun 2006
Posts: 3069
|
| Posted: Wed Mar 02, 2011 5:48 am Post subject: |
|
|
const MyVal_ON : WORD = ($0F85);
WriteProcessMemory( hProcess, Ptr($0042E19C), @MyVal_ON, SizeOf(WORD), .....);
|
|
| Back to top |
|
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum
|
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in
