HenryEx Expert Cheater
Reputation: 2
Joined: 18 Dec 2011 Posts: 100
Posted: Sun Aug 12, 2012 3:00 pm    Post subject: AA Script (code injection) doesn't activate
Usually that's a sign that something doesn't work, but I don't know why in this case. It's really pretty simple.
Code:
[ENABLE]
alloc(CharMod,1024)
// Declaration Section
registersymbol(CharMod)
registersymbol(iCharSize)
label(CharMod)
label(iCharSize)
// Hacking Points
OROCHI.exe+433F7:
jmp CharMod
nop
nop
nop
nop
nop
// Code Section
CharMod:
mov eax,[iCharSize] // Move desired # of on-screen chars
ret // Return to calling function
// Memory Section
iCharSize:
dd #200

[DISABLE]
OROCHI.exe+433F7:
test eax,eax
jne OROCHI.exe+43401
mov eax,00000065
ret
//Alt: db 85 C0 75 06 B8 65 00 00 00 C3
unregistersymbol(CharMod)
unregistersymbol(iCharSize)
dealloc(CharMod)
This is supposed to let you control the maximum # of characters on-screen. I sent the value to a memory address to easily edit it via cheat table.
The AA doesn't throw up any error messages when I save the script, but when I try to activate it, nothing happens. The entry doesn't toggle.
Dark Byte Site Admin
Reputation: 470
Joined: 09 May 2003 Posts: 25807 Location: The netherlands
Posted: Sun Aug 12, 2012 3:05 pm
If you execute the script manually you will get a message why it fails.
Is the process open and is it named orochi.exe?
_________________
Do not ask me about online cheats. I don't know any and won't help finding them.
Like my help? Join me on Patreon so I can keep helping
HenryEx Expert Cheater
Reputation: 2
Joined: 18 Dec 2011 Posts: 100
Posted: Sun Aug 12, 2012 3:20 pm
Yes and yes.
Tried that and the result was not very helpful. It said "This code can be injected. Are you sure?" and then what you see in the attached picture.
/edit: I just tried to jump back into code before the return, since there's enough space to do that, but that doesn't work either. I'm stumped on this. I never had a simple injection just fail without explanation.
[Attached picture: 32.33 KB, viewed 9328 time(s)]
Csimbi I post too much
Reputation: 97
Joined: 14 Jul 2007 Posts: 3327
Posted: Sun Aug 12, 2012 3:57 pm
Observation #1: the jump in the disable section will produce a long jump (5 bytes!); add the short keyword or else you will cause a crash.
But, you're better off writing back the original bytes, so prefix the instructions with // and remove //Alt:
Observation #2: Do not label and (un)register allocated memory blocks manually, alloc and dealloc will do that. So, remove label(CharMod), registersymbol(CharMod) and unregistersymbol(CharMod).
Try again once you've fixed these.
HenryEx Expert Cheater
Reputation: 2
Joined: 18 Dec 2011 Posts: 100
Posted: Sun Aug 12, 2012 4:11 pm
Thanks for the tips!
I tried to add the short keyword, but, well... You'll see in the attached picture.
Isn't there some other way of doing explicitly short jumps?
Also, fixing problem #2 actually did the trick even without changing the jump. Now it works!
Strange, since I'm pretty sure I've always been in the habit of labeling/registering allocated memory manually and so far I never had problems with that.
[Attached picture: 7.89 KB, viewed 9293 time(s)]
Dark Byte Site Admin
Reputation: 470
Joined: 09 May 2003 Posts: 25807 Location: The netherlands
Posted: Sun Aug 12, 2012 4:35 pm
The labeling/registering is fine.
Is this an online game? If so, it might be protected. See if you can do simple instruction changes or just an alloc and fill that.
Perhaps kernelmode memory access must be enabled.
And try it with solid hexadecimal addresses instead of the exename. Perhaps this process has two .exe's loaded.
HenryEx Expert Cheater
Reputation: 2
Joined: 18 Dec 2011 Posts: 100
Posted: Sun Aug 12, 2012 4:48 pm
It's the game Warriors Orochi (wikipedia.org/wiki/Warriors_Orochi) and it's an old port of a PS2 game that has no multiplayer. The OROCHI.exe is also the only executable, it doesn't even have external DLLs or something. The only other files in the game directory are .pdf's, .wmv's and .idx/.bin files which hold model/sound/text data.
And taking the script posted in the beginning and simply deleting the two lines
registersymbol(CharMod)
label(CharMod)
makes the script work without a problem.
Dark Byte Site Admin
Reputation: 470
Joined: 09 May 2003 Posts: 25807 Location: The netherlands
Posted: Sun Aug 12, 2012 5:18 pm
Ah yes, I see, a label and alloc with the same name (CharMod) won't work.
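The first post's script with the two fixes the thread arrives at applied (the duplicate label()/registersymbol() for the alloc'd block removed, and the original bytes written back on disable instead of re-assembled), as an added example rather than anything posted in the thread; the hook address and the 10 original bytes are those from the first post.

```asm
[ENABLE]
// alloc() already defines CharMod for this script, so it must not also be
// declared with label(); registersymbol(CharMod) is only needed if the table
// itself refers to CharMod, and this script does not.
alloc(CharMod,1024)
label(iCharSize)
registersymbol(iCharSize)

// Hook point: the original 10 bytes (85 C0 75 06 B8 65 00 00 00 C3) are
// overwritten by a 5-byte jmp plus 5 nops, so the patch ends exactly on the
// original instruction boundary.
OROCHI.exe+433F7:
jmp CharMod
nop
nop
nop
nop
nop

CharMod:
mov eax,[iCharSize] // return the desired on-screen character count
ret                 // the hooked code returned here too, as in the first post

iCharSize:
dd #200             // '#' marks a decimal value

[DISABLE]
// Write back the exact original bytes rather than re-assembling them: this
// sidesteps the long-vs-short encoding of "jne OROCHI.exe+43401" entirely.
OROCHI.exe+433F7:
db 85 C0 75 06 B8 65 00 00 00 C3

unregistersymbol(iCharSize)
dealloc(CharMod)
```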