Difference between revisions of "Template:Asm:LoadPtrsFromDissectToRegisters"
(Created page with 'Category:Scripting ===Load Pointers From Dissect Data / Structures=== ''sometimes you find valid compare points under pointers'', ''but how to use pointers from dissect data…') |
m |
||
(One intermediate revision by the same user not shown) | |||
Line 3: | Line 3: | ||
===Load Pointers From Dissect Data / Structures=== | ===Load Pointers From Dissect Data / Structures=== | ||
''sometimes you find valid compare points under pointers'', ''but how to use pointers from dissect data / structures?''. | ''sometimes you find valid compare points under pointers'', ''but how to use pointers from dissect data / structures?''. | ||
+ | |||
+ | ''say: mov [ebx+04],eax is writing to your health address as well as your enemy, in dissect d/s CE shows at offset '54' there is a pointer.'' and when expanding that pointer, shows at offset '10' there is a value we can build our compare on. | ||
<code style="background:#FFFFFF"> | <code style="background:#FFFFFF"> | ||
Line 26: | Line 28: | ||
push eax | push eax | ||
− | mov eax,[ebx+54] | + | mov eax,[ebx+54] // moving the pointer into eax |
− | cmp byte ptr [eax+10],01 | + | cmp byte ptr [eax+10],01 // comparing pointer address + 10 with value of '1' which stands for player team |
pop eax | pop eax |
Latest revision as of 11:15, 4 February 2018
Load Pointers From Dissect Data / Structures[edit]
sometimes you find valid compare points under pointers, but how to use pointers from dissect data / structures?.
say: mov [ebx+04],eax is writing to your health address as well as your enemy, in dissect d/s CE shows at offset '54' there is a pointer. and when expanding that pointer, shows at offset '10' there is a value we can build our compare on.
[enable]
aobscan(symbol,01 23 45 67 89 AB CD EF)
alloc(newmem,$1000)
registersymbol(symbol)
label(originalcode)
label(exit)
newmem:
push eax
mov eax,[ebx+54] // moving the pointer into eax
cmp byte ptr [eax+10],01 // comparing pointer address + 10 with value of '1' which stands for player team
pop eax
jz exit
originalcode:
mov [ebx+04],eax
jmp exit
symbol:
jmp newmem
nop
exit:
[disable]
dealloc(newmem)
symbol:
mov [ebx+04],eax
unregistersymbol(symbol)