Difference between revisions of "Scripting:Asm"
(Created page with 'Category:Scripting ==Values & Address== {{Template:Asm:ValuesWithoutPointers}} {{Template:Asm:AddressesWithoutPointers}}') |
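--- a/Scripting:Asm
+++ b/Scripting:Asm
@@ -1,4 +1,9 @@
 [[Category:Scripting]]
-==Values & Address==
+==Getting Values & Address==
 {{Template:Asm:ValuesWithoutPointers}}
 {{Template:Asm:AddressesWithoutPointers}}
+
+==Loading Pointers Into Registers==
+
+{{Template:Asm:LoadPtrsToRegisters}}
+{{Template:Asm:LoadPtrsFromDissectToRegisters}}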
Revision as of 03:31, 3 February 2018
Contents
Getting Values & Address
Get Values Without Pointers
Can't find pointers? Does the pointer scanner take too long? Use this script and adjust it to your requirements; don't forget to add VALUE as an address to your address list.
// Purpose: hook one instruction and copy the dword it reads ([edx+110]) into the
// registered symbol `value`, so it can be added to the address list without a pointer path.
// NOTE(review): the eax/edx registers and the jmp+nop patch suggest a 32-bit target — confirm.
[enable]
// Find the hook site by byte pattern; `symbol` is bound to the address of the match.
// The pattern below looks like a placeholder — replace it with a signature that starts at
// the instruction being hooked and is unique in the target, or the wrong code could be patched.
aobscan(symbol,01 23 45 67 89 AB CD EF)
// Reserve $1000 bytes for the injected code and the storage slot below.
alloc(newmem,$1000)
// Keep both names after the script has run: [disable] refers to `symbol`, and `value`
// is the name to enter in the address list.
registersymbol(symbol)
registersymbol(value)
// Declare the labels defined further down.
label(value)
label(originalcode)
label(exit)
newmem:
// Read the same dword the hooked instruction reads and store a copy in `value`.
// eax is overwritten here, but originalcode reloads it right after.
mov eax,[edx+110]
mov [value],eax
originalcode:
// Replay the instruction that the jmp at `symbol` overwrote, then resume after the patch.
mov eax,[edx+110]
jmp exit
value:
// One dword of storage placed inside the newmem allocation.
dd 00
symbol:
// In-place patch of the target's code: redirect execution to newmem.
// The jmp plus the nop padding must cover exactly the bytes of the replaced instruction;
// `exit` is the first byte after the patch.
jmp newmem
nop
exit:
[disable]
// Undo everything: drop the `value` symbol, free the injected block, and write the
// original instruction back over the jmp.
// NOTE(review): the restored instruction is hard-coded; it must match what the target
// really had at `symbol`, otherwise disabling leaves different code behind.
unregistersymbol(value)
dealloc(newmem)
symbol:
mov eax,[edx+110]
unregistersymbol(symbol)
Get Addresses Without Pointers
Can't find pointers? Does the pointer scanner take too long? Use this script and adjust it to your requirements; don't forget to add ADDRESS as an address to your address list and change the display type to HEXADECIMAL.
// Purpose: hook one instruction and store the effective address it accesses (edx+110)
// in the registered symbol `address`, instead of the value found there.
// NOTE(review): the eax/edx registers and the jmp+nop patch suggest a 32-bit target — confirm.
[enable]
// Find the hook site by byte pattern; `symbol` is bound to the address of the match.
// The pattern below looks like a placeholder — replace it with a signature that starts at
// the instruction being hooked and is unique in the target.
aobscan(symbol,01 23 45 67 89 AB CD EF)
// Reserve $1000 bytes for the injected code and the storage slot below.
alloc(newmem,$1000)
// Keep both names after the script has run: [disable] refers to `symbol`, and `address`
// is the name to enter in the address list.
registersymbol(symbol)
registersymbol(address)
// Declare the labels defined further down.
label(address)
label(originalcode)
label(exit)
newmem:
// lea computes edx+110 without reading memory; the result is saved in `address`.
// eax is overwritten here, but originalcode reloads it right after.
lea eax,[edx+110]
mov [address],eax
originalcode:
// Replay the instruction that the jmp at `symbol` overwrote, then resume after the patch.
mov eax,[edx+110]
jmp exit
address:
// One dword of storage placed inside the newmem allocation; it holds a 32-bit address.
dd 00
symbol:
// In-place patch of the target's code: redirect execution to newmem.
// The jmp plus the nop padding must cover exactly the bytes of the replaced instruction;
// `exit` is the first byte after the patch.
jmp newmem
nop
exit:
[disable]
// Undo everything: drop the `address` symbol, free the injected block, and write the
// original instruction back over the jmp.
// NOTE(review): the restored instruction is hard-coded; it must match what the target
// really had at `symbol`.
unregistersymbol(address)
dealloc(newmem)
symbol:
mov eax,[edx+110]
unregistersymbol(symbol)
Loading Pointers Into Registers
Load Pointers Into Registers
In some cases you might need to load a pointer into a register; here is how it's done.
// Purpose: hook one instruction and, before replaying it, load the end of a multi-level
// pointer path into eax so that custom code can use it.
// NOTE(review): the eax/edx registers and the jmp+nop patch suggest a 32-bit target — confirm.
[enable]
// Find the hook site by byte pattern; `symbol` is bound to the address of the match.
// The pattern below looks like a placeholder — replace it with a signature that starts at
// the instruction being hooked and is unique in the target.
aobscan(symbol,01 23 45 67 89 AB CD EF)
// Reserve $1000 bytes for the injected code.
alloc(newmem,$1000)
// Keep `symbol` after the script has run; [disable] refers to it.
registersymbol(symbol)
// Declare the labels defined further down.
label(originalcode)
label(exit)
newmem:
// The nested brackets are not an x86 addressing mode; the module name and offsets here
// are placeholders for a real pointer path.
// NOTE(review): presumably Cheat Engine resolves this chain when the script is assembled
// (once, at enable time), so eax would receive a fixed address that goes stale if any
// level of the chain changes later — confirm. Nothing here checks the levels for null.
lea eax,[[[[[["Executable.exe"+00123ABC]+4]+56]+0]+789]+DEF]
// do some stuff here
// Custom code belongs above this point: originalcode overwrites eax, and any other
// register or flag the custom code changes is not saved or restored by this script.
originalcode:
// Replay the instruction that the jmp at `symbol` overwrote, then resume after the patch.
mov eax,[edx+110]
jmp exit
symbol:
// In-place patch of the target's code: redirect execution to newmem.
// The jmp plus the nop padding must cover exactly the bytes of the replaced instruction;
// `exit` is the first byte after the patch.
jmp newmem
nop
exit:
[disable]
// Undo everything: free the injected block and write the original instruction back.
// NOTE(review): the restored instruction is hard-coded; it must match what the target
// really had at `symbol`.
dealloc(newmem)
symbol:
mov eax,[edx+110]
unregistersymbol(symbol)
Load Pointers From Dissect Data / Structures
Sometimes you find valid compare points under pointers, but how do you use pointers from Dissect Data / Structures?
Say `mov [ebx+04],eax` writes to your health address as well as your enemy's. In Dissect Data / Structures, CE shows a pointer at offset '54', and expanding that pointer shows a value at offset '10' that we can build our compare on.
// Purpose: hook a shared write instruction (mov [ebx+04],eax) and skip the write when a
// byte reached through a pointer inside the same structure equals 1.
// NOTE(review): the eax/ebx registers and the jmp+nop patch suggest a 32-bit target — confirm.
[enable]
// Find the hook site by byte pattern; `symbol` is bound to the address of the match.
// The pattern below looks like a placeholder — replace it with a signature that starts at
// the instruction being hooked and is unique in the target.
aobscan(symbol,01 23 45 67 89 AB CD EF)
// Reserve $1000 bytes for the injected code.
alloc(newmem,$1000)
// Keep `symbol` after the script has run; [disable] refers to it.
registersymbol(symbol)
// Declare the labels defined further down.
label(originalcode)
label(exit)
newmem:
// eax holds the value the original instruction is about to store, so save it first.
push eax
mov eax,[ebx+54] // eax = pointer stored at offset 54 of the structure in ebx
// NOTE(review): the pointer is dereferenced without a null/validity check; if it is
// unset for some object that reaches this code, the target process would fault here.
cmp byte ptr [eax+10],01 // compare the byte at pointer+10 with 1 (the author's marker for the player team)
pop eax // restore eax; pop leaves the flags alone, so jz still sees the cmp result
jz exit // byte == 1: skip the original write
originalcode:
// Otherwise perform the write that the jmp at `symbol` replaced, then resume after the patch.
mov [ebx+04],eax
jmp exit
symbol:
// In-place patch of the target's code: redirect execution to newmem.
// NOTE(review): `mov [ebx+04],eax` normally encodes in 3 bytes, while a near jmp (5 bytes)
// plus this nop writes 6. As written, the patch would also overwrite the bytes that follow
// the hooked instruction; those bytes are neither replayed in originalcode nor restored in
// [disable]. Size the padding and the replayed/restored instructions to the real code.
jmp newmem
nop
exit:
[disable]
// Undo: free the injected block and write the original instruction back at `symbol`.
// Only the one instruction below is restored, however many bytes the patch covered.
dealloc(newmem)
symbol:
mov [ebx+04],eax
unregistersymbol(symbol)