mbabo Advanced Cheater Reputation: 0
Joined: 30 Jul 2016 Posts: 74
|
Posted: Thu Sep 22, 2016 2:28 pm Post subject: game crashes after using aob injection |
|
|
Hi, I have tried a lot, but the game I am trying to hack seems to crash with code injection, although selecting the function that is reducing my ammo and replacing it with code that does nothing works fine. But with AOB injection even the original code crashes the game. Is it because of the game or is it because of my CE?
(Note that other games work fine, but 3 of my games so far crash after injection.)
Code: |
[ENABLE]
aobscanmodule(ammo,EvilWithin.exe,29 41 10 8B 41 10) // should be unique
alloc(newmem,$1000,"EvilWithin.exe"+7C37CB)
label(code)
label(return)
newmem:
code:
sub [rcx+10],eax
mov eax,[rcx+10]
jmp return
ammo:
jmp code
nop
return:
registersymbol(ammo)
[DISABLE]
ammo:
db 29 41 10 8B 41 10
unregistersymbol(ammo)
dealloc(newmem)
|
Some games work fine but some crash.
Note: this code counts every time after I shoot an ammo.
Mighty Dark Byte, please help :$
|
|
|
|
Zanzer I post too much Reputation: 126
Joined: 09 Jun 2013 Posts: 3278
|
Posted: Thu Sep 22, 2016 2:34 pm Post subject: |
|
|
Sounds like some code above your injection attempts to jump to that second instruction (MOV).
Move your injection up one or, if all you want to do is NOP the instruction, don't use the full injection.
Code: | [ENABLE]
aobscanmodule(ammo,EvilWithin.exe,29 41 10 8B 41 10)
ammo:
db 90 90 90
return:
registersymbol(ammo)
[DISABLE]
ammo:
db 29 41 10
unregistersymbol(ammo) |
|
|
|
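The failure Zanzer describes above can be checked before a site is patched. This Python script is an added example, not part of the thread: it runs over a constructed instruction listing (sample data, not bytes from EvilWithin.exe) and reports whether any relative branch lands inside the bytes that a 5-byte `jmp` would overwrite. All function names are hypothetical.

```python
import struct

# Constructed listing (offset, instruction bytes), as exported from a
# disassembler; it is sample data, not code from EvilWithin.exe.
LISTING = [
    (0x00, bytes.fromhex("85C0")),    # test eax,eax
    (0x02, bytes.fromhex("7403")),    # je 0x07 (skips the SUB)
    (0x04, bytes.fromhex("294110")),  # sub [rcx+10],eax
    (0x07, bytes.fromhex("8B4110")),  # mov eax,[rcx+10]
    (0x0A, bytes.fromhex("C3")),      # ret
]
IMAGE = b"".join(raw for _, raw in LISTING)

def find_aob(image, pattern):
    """Return every offset where the AOB matches; '??' is a wildcard byte."""
    pat = [None if t in ("?", "??") else int(t, 16) for t in pattern.split()]
    return [i for i in range(len(image) - len(pat) + 1)
            if all(p is None or image[i + k] == p for k, p in enumerate(pat))]

def branch_target(off, raw):
    """Decode the target of a relative jmp/jcc/call, or None for other opcodes."""
    if raw[0] == 0xEB or 0x70 <= raw[0] <= 0x7F:           # rel8
        return off + len(raw) + struct.unpack("<b", raw[1:2])[0]
    if raw[0] in (0xE8, 0xE9):                             # rel32
        return off + len(raw) + struct.unpack("<i", raw[1:5])[0]
    if raw[0] == 0x0F and 0x80 <= raw[1] <= 0x8F:          # jcc rel32
        return off + len(raw) + struct.unpack("<i", raw[2:6])[0]
    return None

def patch_span(listing, start, min_len):
    """Bytes overwritten: min_len rounded up to whole instructions."""
    end = start
    for off, raw in listing:
        if off >= start and end < start + min_len:
            end = off + len(raw)
    return end - start

def targets_inside(listing, start, length):
    """Branches that land strictly inside the overwritten bytes."""
    hits = []
    for off, raw in listing:
        tgt = branch_target(off, raw)
        if tgt is not None and start < tgt < start + length:
            hits.append((off, tgt))
    return hits
```

On this listing the full injection spans 6 bytes and swallows the `je` target at 0x07, while the 3-byte NOP patch leaves that target intact.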
|
kuntz Cheater Reputation: 0
Joined: 29 Aug 2016 Posts: 44 Location: Canada
|
Posted: Thu Sep 22, 2016 2:48 pm Post subject: |
|
|
What is the original asm code of the game you want to replace?
|
|
|
|
mbabo Advanced Cheater Reputation: 0
Joined: 30 Jul 2016 Posts: 74
|
Posted: Thu Sep 22, 2016 2:54 pm Post subject: |
|
|
Zanzer wrote: | Sounds like some code above your injection attempts to jump to that second instruction (MOV).
Move your injection up one or, if all you want to do is NOP the instruction, don't use the full injection.
Code: | [ENABLE]
aobscanmodule(ammo,EvilWithin.exe,29 41 10 8B 41 10)
ammo:
db 90 90 90
return:
registersymbol(ammo)
[DISABLE]
ammo:
db 29 41 10
unregistersymbol(ammo) |
|
Thank you so much, that worked fine, so I assume using the auto template method is wrong ><
OK, I need your help with one more thing: I am trying to use the globalalloc function
to store the player Z axis pointer with AOB injection
Code: |
[ENABLE]
aobscanmodule(pointer,EvilWithin.exe,0F 29 81 20 01 00 00 48) // should be unique
alloc(newmem,$1000,"EvilWithin.exe"+6580C3)
label(code)
label(return)
globalalloc(player,4)
newmem:
code:
mov [player],rcx
movaps [rcx+00000120],xmm0
jmp return
pointer:
jmp code
nop
nop
return:
registersymbol(pointer)
[DISABLE]
pointer:
db 0F 29 81 20 01 00 00
unregistersymbol(pointer)
dealloc(newmem)
|
Then adding the pointer player+120 should indicate the address, which works,
then crashes the game. I tried it after the game crashed; it worked but crashed the game again after 2 seconds >< Please help, thanks again.
|
|
|
|
Zanzer I post too much Reputation: 126
Joined: 09 Jun 2013 Posts: 3278
|
Posted: Thu Sep 22, 2016 3:19 pm Post subject: |
|
|
Code: | globalalloc(player,8) |
Code: | code:
push rax
mov rax,player
mov [rax],rcx
pop rax
movaps [rcx+00000120],xmm0
jmp return |
|
|
|
|
mbabo Advanced Cheater Reputation: 0
Joined: 30 Jul 2016 Posts: 74
|
Posted: Thu Sep 22, 2016 3:44 pm Post subject: |
|
|
Zanzer wrote: | Code: | globalalloc(player,8) |
Code: | code:
push rax
mov rax,player
mov [rax],rcx
pop rax
movaps [rcx+00000120],xmm0
jmp return |
|
I am sorry, I am new to this. How do I use this code?
|
|
|
|
kuntz Cheater Reputation: 0
Joined: 29 Aug 2016 Posts: 44 Location: Canada
|
Posted: Thu Sep 22, 2016 3:55 pm Post subject: |
|
|
mbabo wrote: | I am sorry, I am new to this. How do I use this code? |
I think he means to replace those sections with his code (which looks correct to me):
Code: | [ENABLE]
aobscanmodule(pointer,EvilWithin.exe,0F 29 81 20 01 00 00 48) // should be unique
alloc(newmem,$1000,"EvilWithin.exe"+6580C3)
label(code)
label(return)
globalalloc(player,8)
newmem:
code:
push rax
mov rax,player
mov [rax],rcx
pop rax
movaps [rcx+00000120],xmm0
jmp return
pointer:
jmp code
db 66 90
return:
registersymbol(pointer)
[DISABLE]
pointer:
db 0F 29 81 20 01 00 00
unregistersymbol(pointer)
dealloc(newmem) |
|
|
|
|
mbabo Advanced Cheater Reputation: 0
Joined: 30 Jul 2016 Posts: 74
|
Posted: Thu Sep 22, 2016 4:02 pm Post subject: |
|
|
kuntz wrote: | mbabo wrote: | I am sorry, I am new to this. How do I use this code? |
I think he means to replace those sections with his code (which looks correct to me):
Code: | [ENABLE]
aobscanmodule(pointer,EvilWithin.exe,0F 29 81 20 01 00 00 48) // should be unique
alloc(newmem,$1000,"EvilWithin.exe"+6580C3)
label(code)
label(return)
globalalloc(player,8)
newmem:
code:
push rax
mov rax,player
mov [rax],rcx
pop rax
movaps [rcx+00000120],xmm0
jmp return
pointer:
jmp code
db 66 90
return:
registersymbol(pointer)
[DISABLE]
pointer:
db 0F 29 81 20 01 00 00
unregistersymbol(pointer)
dealloc(newmem) |
|
It crashed the game immediately.
|
|
|
|
Zanzer I post too much Reputation: 126
Joined: 09 Jun 2013 Posts: 3278
|
Posted: Thu Sep 22, 2016 5:28 pm Post subject: |
|
|
Code: | [ENABLE]
aobscanmodule(pointer,EvilWithin.exe,0F 29 81 20 01 00 00 48)
alloc(newmem,$1000,pointer)
label(code)
label(return)
label(player)
newmem:
code:
push rax
mov rax,player
mov [rax],rcx
pop rax
movaps [rcx+00000120],xmm0
jmp return
player:
dq 0
pointer:
jmp code
nop
nop
return:
registersymbol(pointer)
registersymbol(player)
[DISABLE]
pointer:
db 0F 29 81 20 01 00 00
unregistersymbol(pointer)
unregistersymbol(player)
dealloc(newmem) |
|
|
|
|
mbabo Advanced Cheater Reputation: 0
Joined: 30 Jul 2016 Posts: 74
|
Posted: Thu Sep 22, 2016 5:33 pm Post subject: |
|
|
Zanzer wrote: | Code: | [ENABLE]
aobscanmodule(pointer,EvilWithin.exe,0F 29 81 20 01 00 00 48)
alloc(newmem,$1000,pointer)
label(code)
label(return)
label(player)
newmem:
code:
push rax
mov rax,player
mov [rax],rcx
pop rax
movaps [rcx+00000120],xmm0
jmp return
player:
dq 0
pointer:
jmp code
nop
nop
return:
registersymbol(pointer)
registersymbol(player)
[DISABLE]
pointer:
db 0F 29 81 20 01 00 00
unregistersymbol(pointer)
unregistersymbol(player)
dealloc(newmem) |
|
Still crashing. The game crashes if you inject AOB,
even if you inject the original code (also even if you disable it after enabling)
(quick enable then disable),
it crashes.
|
|
|
|
Zanzer I post too much Reputation: 126
Joined: 09 Jun 2013 Posts: 3278
|
Posted: Thu Sep 22, 2016 5:54 pm Post subject: |
|
|
Do you have the variable "player" defined in some other script? I don't see anything wrong.
Maybe try replacing Code: | movaps [rcx+00000120],xmm0 | with Code: | db 0F 29 81 20 01 00 00 |
|
|
|
|
++METHOS I post too much Reputation: 92
Joined: 29 Oct 2010 Posts: 4197
|
Posted: Thu Sep 22, 2016 6:40 pm Post subject: |
|
|
When seeking help with your scripts, it is good practice to use the AOB Injection or Full Injection Template and paste them in their entirety so that we can see the assembly code around your injection point to determine if that could be causing any issues.
|
|
|
|
|