Cheat Engine The Official Site of Cheat Engine
mgr.inz.Player I post too much Reputation: 218
Joined: 07 Nov 2008 Posts: 4438 Location: In the country on the Vistula. UTC+01:00
Posted: Sat Feb 06, 2016 7:43 am
++METHOS wrote:
    Yeah, I don't know why DB changed that. I still catch myself missing that sometimes.
Probably because the first alloc is aligned and we can init variables there.
For example, the script below has a high chance of failing:
Code:
[ENABLE]
alloc(newmem,2048)
...
label(minusone)
...
newmem:
...
...
mulps xmm1,[minusone]   // the memory operand of mulps must be 16-byte aligned
...
...
...
jmp returnhere
minusone:               // lands wherever the code above happens to end
dd (float)-1 (float)-1 (float)-1 (float)-1
...
Because minusone may not be aligned on a 16-byte boundary.
So we have to use this:
Code:
[ENABLE]
alloc(newmem,2048)
...
label(minusone)
...
newmem:
...
...
mulps xmm1,[minusone]
...
...
...
jmp returnhere
newmem+700:             // auto assembler numbers are hex: newmem+0x700, a multiple of 16
minusone:
dd (float)-1 (float)-1 (float)-1 (float)-1
...
or this (another alloc and dealloc):
Code:
[ENABLE]
alloc(newmem,2048)
...
alloc(minusone,16)      // separate allocation, so it starts aligned like newmem
...
newmem:
...
...
mulps xmm1,[minusone]
...
...
...
jmp returnhere
minusone:
dd (float)-1 (float)-1 (float)-1 (float)-1
...
Or the new template:
Code:
[ENABLE]
alloc(newmem,2048)
...
label(minusone)
...
newmem:
minusone:               // data first, at the aligned start of the block
dd (float)-1 (float)-1 (float)-1 (float)-1
code:
...
...
mulps xmm1,[minusone]
...
...
...
jmp returnhere
...
Back to top |
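Added example (mine, not mgr.inz.Player's script and not Cheat Engine code): a C model of the alignment problem discussed in the post above. It assumes, as the post does, that the allocated block starts 16-byte aligned (modelled here with alignas(16)), uses a constructed code length of 37 bytes for the injected code, and reads the auto assembler's `700` as hex (0x700). It checks each of the three placements of minusone against the rule that a legacy SSE memory operand such as the one in mulps must be 16-byte aligned; on a real CPU a misaligned operand raises a general-protection fault, which is the "script fails" case.

```c
#include <stdalign.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define BLOCK_SIZE 2048   /* alloc(newmem,2048) */

/* Stand-in for the block the auto assembler allocates.  alignas(16) models the
 * post's premise that the allocation itself starts aligned (assumption). */
static alignas(16) uint8_t newmem[BLOCK_SIZE];

/* 1 if p is usable as the memory operand of a legacy SSE instruction such as
 * mulps or movaps; a misaligned operand raises #GP on a real CPU. */
int is_aligned16(const void *p) {
    return ((uintptr_t)p & 0xF) == 0;
}

/* Smallest multiple of 16 that is >= used: where a 16-byte constant can go
 * when `used` bytes of injected code already occupy the start of the block. */
size_t align_up16(size_t used) {
    return (used + 15) & ~(size_t)15;
}

/* Emulate "dd (float)-1 (float)-1 (float)-1 (float)-1" at block offset off. */
void emit_minusone(uint8_t *block, size_t off) {
    const float v[4] = { -1.0f, -1.0f, -1.0f, -1.0f };
    memcpy(block + off, v, sizeof v);
}

/* Scalar model of "mulps xmm1,[minusone]".  Returns 0 and updates xmm1 on
 * success, -1 where the real instruction would fault on the unaligned operand. */
int mulps_mem(float xmm1[4], const uint8_t *block, size_t off) {
    float m[4];
    if (!is_aligned16(block + off)) return -1;
    memcpy(m, block + off, sizeof m);
    for (int i = 0; i < 4; i++) xmm1[i] *= m[i];
    return 0;
}

/* Put the constant at `off` (as the label minusone: would) and run the
 * emulated mulps on a fixed input vector.  Returns mulps_mem's result (or -1
 * if the constant would not fit in the block) and, if out is non-NULL, the
 * resulting vector. */
int try_layout(size_t off, float out[4]) {
    float xmm1[4] = { 1.5f, -2.0f, 3.0f, 0.25f };
    if (off + 16 > BLOCK_SIZE) return -1;          /* would write past the alloc */
    emit_minusone(newmem, off);
    int rc = mulps_mem(xmm1, newmem, off);
    if (out) memcpy(out, xmm1, sizeof xmm1);
    return rc;
}

int main(void) {
    /* Constructed figure: suppose the injected code before minusone: is 37
     * bytes, so in the first script the label lands at newmem+37. */
    size_t after_code = 37;
    size_t layouts[3] = { after_code, 0x700, 0 };  /* 1st script, newmem+700, new template */
    const char *names[3] = { "label after code", "newmem+700", "label at block start" };
    for (int i = 0; i < 3; i++) {
        float out[4];
        int rc = try_layout(layouts[i], out);
        printf("%-22s offset %4zu: %s\n", names[i], layouts[i],
               rc == 0 ? "aligned, mulps ok" : "misaligned, mulps would fault");
    }
    printf("first aligned offset after %zu bytes of code: %zu\n",
           after_code, align_up16(after_code));
    return 0;
}
```

The 37-byte figure is only to make the failing case visible; any code length that is not a multiple of 16 puts the label on a misaligned address, and the length of the injected code is not something one normally controls, which is why the post moves the data to a known offset, a separate alloc, or the start of the block.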
++METHOS I post too much Reputation: 92
Joined: 29 Oct 2010 Posts: 4197
Posted: Sat Feb 06, 2016 11:27 am
Maybe. I just use a variation of this:
Code:
[ENABLE]
alloc(newmem,2048)
...
alloc(minusone,16)      // separate allocation, so it starts aligned like newmem
...
newmem:
...
...
mulps xmm1,[minusone]
...
...
...
jmp returnhere
minusone:
dd (float)-1 (float)-1 (float)-1 (float)-1
...
This is why we really need to be able to create custom templates.
For example, if someone wanted to save even more time, they could create a template that could auto-create their scripts like this (or however they wanted):
Code:
[ENABLE]
aobscanmodule(aob_ammo,firefox.exe+250A,8bxxxxc6xxxxxx85xx75xxxxe8)
alloc(newmem_ammo,2048,firefox.exe+250A)
label(originalcode_ammo)
label(returnhere_ammo)
//label(ammo_enable)
registersymbol(aob_ammo)
//registersymbol(ammo_enable)
//======================================================
newmem_ammo:
originalcode_ammo:
mov ecx,[ebp+08]
mov byte ptr [esi+0C],00
jmp returnhere_ammo
//ammo_enable:
//db 0
//======================================================
aob_ammo:
jmp newmem_ammo         // 5-byte jmp plus two nops overwrite the 7 original bytes
nop
nop
returnhere_ammo:
[DISABLE]
dealloc(newmem_ammo)
aob_ammo:
db 8B 4D 08 C6 46 0C 00 // restores the original 7 bytes at the hook site
unregistersymbol(aob_ammo)
//unregistersymbol(ammo_enable)
Back to top |
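Added example (mine, not ++METHOS's template and not Cheat Engine's own aobscanmodule): a small array-of-bytes scanner in C that parses the wildcard pattern from the template above, finds it in a constructed byte buffer, counts how many places it matches (a non-unique pattern makes the hook land at the wrong address, since the scan takes the first hit), and computes the nop padding the hook site needs. The target bytes are constructed: only 8B 4D 08 C6 46 0C 00 come from the script's [DISABLE] section, the rest is filler chosen to satisfy the pattern. The nibble-level wildcard (8? matching 80..8F) is an extension beyond the byte-level xx used in the post.

```c
#include <ctype.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define MAX_PATTERN 64

/* A parsed pattern: value holds the fixed nibbles, mask has 0xF in each
 * nibble that must match and 0 in each wildcard nibble. */
typedef struct {
    uint8_t value[MAX_PATTERN];
    uint8_t mask[MAX_PATTERN];
    size_t  len;
} aob_pattern;

static int is_wild(int c) { return c == '?' || c == '*' || c == 'x' || c == 'X'; }

static int hexval(int c) {
    if (c >= '0' && c <= '9') return c - '0';
    c = tolower(c);
    if (c >= 'a' && c <= 'f') return c - 'a' + 10;
    return -1;
}

/* Parse "8bxxxxc6..." or "8B 4D ?? C6" (spaces optional, two characters per
 * byte).  Wildcards are per nibble, so "8?" matches 0x80..0x8F.  Returns 0 on
 * success, -1 on malformed input (odd digit count, bad digit, empty, too long). */
int aob_parse(const char *text, aob_pattern *out) {
    out->len = 0;
    while (*text) {
        if (isspace((unsigned char)*text)) { text++; continue; }
        if (text[1] == '\0' || isspace((unsigned char)text[1]) || out->len == MAX_PATTERN)
            return -1;
        uint8_t val = 0, mask = 0;
        for (int k = 0; k < 2; k++) {
            int c = (unsigned char)text[k], shift = k == 0 ? 4 : 0;
            if (is_wild(c)) continue;
            int h = hexval(c);
            if (h < 0) return -1;
            val  |= (uint8_t)(h << shift);
            mask |= (uint8_t)(0xF << shift);
        }
        out->value[out->len] = val;
        out->mask[out->len]  = mask;
        out->len++;
        text += 2;
    }
    return out->len ? 0 : -1;
}

/* First offset in hay where the pattern matches, or -1. */
long aob_scan(const uint8_t *hay, size_t hay_len, const aob_pattern *p) {
    if (p->len == 0 || p->len > hay_len) return -1;
    for (size_t i = 0; i + p->len <= hay_len; i++) {
        size_t j = 0;
        while (j < p->len && (hay[i + j] & p->mask[j]) == p->value[j]) j++;
        if (j == p->len) return (long)i;
    }
    return -1;
}

/* Parse and scan in one step; -1 if the pattern is malformed or absent. */
long aob_scan_text(const uint8_t *hay, size_t hay_len, const char *pattern) {
    aob_pattern p;
    if (aob_parse(pattern, &p) != 0) return -1;
    return aob_scan(hay, hay_len, &p);
}

/* Number of places the pattern matches.  The scan in a script takes the first
 * hit, so anything other than 1 means the pattern is ambiguous for this target. */
size_t aob_count(const uint8_t *hay, size_t hay_len, const char *pattern) {
    aob_pattern p;
    size_t n = 0;
    if (aob_parse(pattern, &p) != 0) return 0;
    for (size_t i = 0; i + p.len <= hay_len; i++)
        if (aob_scan(hay + i, p.len, &p) == 0) n++;
    return n;
}

/* Bytes of padding after the 5-byte jmp that replaces original_len bytes at
 * the hook site (the template's two nops), or -1 if the site is too short. */
int nops_needed(size_t original_len) {
    return original_len < 5 ? -1 : (int)(original_len - 5);
}

/* Constructed target bytes (assumption, not a dump of any real module). */
static const uint8_t target[] = {
    0x90, 0x90, 0x55, 0x8B, 0xEC,      /* nop nop push ebp mov ebp,esp (constructed) */
    0x8B, 0x4D, 0x08,                  /* mov ecx,[ebp+08]        (from the script) */
    0xC6, 0x46, 0x0C, 0x00,            /* mov byte ptr [esi+0C],00 (from the script) */
    0x85, 0xC0, 0x75, 0x04, 0x90,      /* test eax,eax / jne / nop (constructed)    */
    0xE8, 0x00, 0x00, 0x00, 0x00,      /* call rel32 (constructed)                  */
};

int main(void) {
    const char *pat = "8bxxxxc6xxxxxx85xx75xxxxe8";   /* pattern from the template */
    long off = aob_scan_text(target, sizeof target, pat);
    printf("pattern hits at offset %ld, %zu match(es) in total\n",
           off, aob_count(target, sizeof target, pat));
    printf("hook needs a 5-byte jmp plus %d nop(s)\n", nops_needed(7));
    return 0;
}
```

Running aob_count against the module before generating the script is the check a template cannot do for you: the scan succeeds as long as there is at least one hit, so a pattern that also matches elsewhere patches the wrong instruction without any error.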