jeps997 Newbie cheater Reputation: 0
Joined: 07 Sep 2019 Posts: 10
Posted: Fri Jan 10, 2020 7:37 am Post subject: How to log game's chat by reading its memory? |
Hi! How to log a game's chat console by reading its memory? (Have googled a lot for an answer to this but have not found one.) I already know the dynamic address of the OnConsoleMessage/OnPlayerChat message but I cannot find a static pointer to it, so I need to edit the assembly code of the game. (So basically, when you type something into the chat as a player, in the game memory there is a string like this: "OnPlayerChat=whateverityped")
So I know what instruction accesses this address, I just have no idea how to save the value. (By saving it I mean logging it into a text file, for example, or getting some address for it that can be used in my chat bot program.) The instruction is this:
mov [r14],r9l
And I also know that this instruction writes every single character in that string. So what do I need to do? If this question was not too informative for you please tell me what more info you need.
jeps997 Newbie cheater Reputation: 0
Joined: 07 Sep 2019 Posts: 10
Posted: Fri Jan 31, 2020 2:27 am Post subject: |
bump, anyone please help?
DanyDollaro Master Cheater Reputation: 3
Joined: 01 Aug 2019 Posts: 334
Posted: Fri Jan 31, 2020 8:01 am Post subject: |
jeps997 wrote: | I have just no idea how to save the value. |
By value do you mean the address at which the new character will be written, or the value of the character that will be written?
In any case, if the instruction is:
we have that "r14" is a pointer to the character that will be written and "r9" is the character that will be written.
If you tried to get a static pointer to the value of "r14" and you did not succeed, it is probably because its address varies according to the number of characters contained in the string. Example:
considering that the pointer to the first character of the string is 0x10000000, as soon as you insert a character in the chat buffer "r14" will be 0x10000000; if you insert a second character, the pointer contained in "r14" will vary by pointing to the next character, so 0x10000001 if it is a char or 0x10000002 if it is a wide char.
A couple of instructions earlier you should have an instruction that, probably through an LEA (or a MOV, but I think that is less likely), moves the pointer in "r14" to the next character, an instruction like:
Code: | lea r14, [ecx + eax * 2] |
or
Code: | lea r14, [ecx + eax] |
In this case you should scan the pointers on the ecx value.
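The address pattern described in the reply above, as an added example that is not part of the original posts: given a log of (r14, written byte) pairs, one per execution of the store, this Python sketch infers the character width from the address gaps, recovers the address of the first character and rebuilds the string. The trace values and the function names `rebuild_string` and `split_message` are constructed for illustration, and wide characters are assumed to have a zero high byte.

```python
from functools import reduce
from math import gcd


def rebuild_string(trace):
    """Rebuild a string from (address, byte) pairs, one per executed store.

    Returns (base_address, stride, text); stride is 1 for char, 2 for wide char.
    """
    if not trace:
        raise ValueError("empty trace")
    memory = {}
    for addr, value in trace:
        if not 0 <= value <= 0xFF:
            raise ValueError(f"not a byte: {value!r}")
        memory[addr] = value              # a later write to the same address wins
    base = min(memory)                    # lowest address = first character
    # The common gap between written addresses is the character width.
    stride = reduce(gcd, (a - base for a in memory), 0) or 1
    if stride not in (1, 2):
        raise ValueError(f"unexpected stride {stride}")
    chars = []
    addr = base
    while addr in memory and memory[addr] != 0:   # stop at NUL or first hole
        chars.append(chr(memory[addr]))   # assumption: high byte of a wide char is 0
        addr += stride
    return base, stride, "".join(chars)


def split_message(text):
    """Split 'OnPlayerChat=hello' into ('OnPlayerChat', 'hello')."""
    event, sep, payload = text.partition("=")
    return (event, payload) if sep else (None, text)


# Constructed sample traces (not captured from any real program).
BASE = 0x10000000
NARROW_TRACE = [(BASE + i, b) for i, b in enumerate(b"OnPlayerChat=hello\x00")]
WIDE_TRACE = [(BASE + 2 * i, b) for i, b in enumerate(b"OnPlayerChat=hi")]

if __name__ == "__main__":
    for trace in (NARROW_TRACE, WIDE_TRACE):
        base, stride, text = rebuild_string(trace)
        print(hex(base), stride, split_message(text))
```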