greatveemon Cheater Reputation: 0
Joined: 26 Feb 2010 Posts: 48
Posted: Mon Sep 25, 2017 10:45 am Post subject: AOBScan results give me different addresses?
How do you use AOBScan properly? When I use this code for testing:
Code:
{$lua}
[ENABLE]
local aobs = AOBScan('88 00 00 00 00 ?? ?? ?? ?? 00 00 00 00 ?? ?? ?? ?? 00 00 00 00 ?? ?? ?? ?? 00 00 00 00 ?? ?? ?? ?? 02 00 00 00 ?? ?? ?? ?? 00 00 00 00 00 ?0 ?? 40')
print(aobs)
[DISABLE]
Every time I switch it, it just gives me random addresses even though I'm not touching the game. But when I manually search for that AoB, it gives me a proper result and the same address every time.
EDIT: Solved it.. must be print(aobs[0]) instead.
And btw. How do you transfer an aobscan to globalalloc? I tried this:
Code:
[ENABLE]
[ENABLE]
aobscan(someAoB,09 21 00 00 00 00 ?? 00 00 00 00 10 FF FF FF FF 22)
globalloc(_AobPtr)
aobhealth+08:
mov [_AobPtr],someAoB
[DISABLE]
I was expecting that when I use '_AobPtr' as the pointer address, it would give me the address of the aobscan. But it just gives me some random address too.
But this works though:
Code:
[ENABLE]
aobscan(someAoB,09 21 00 00 00 00 ?? 00 00 00 00 10 FF FF FF FF 22)
registersymbol(_getAoB)
label(_getAoB)
aobhealth+08:
_getAoB:
[DISABLE]
unregistersymbol(_getAoB)
but I put it directly in the address textbox.
Thanks for taking the time to read my problem
Cheers
EDIT: Okay, I probably solved the Lua AOBScan one. Thanks to this.
But I still don't know how to transfer the aobscan to globalalloc.
ParkourPenguin I post too much Reputation: 140
Joined: 06 Jul 2014 Posts: 4310
Posted: Mon Sep 25, 2017 11:20 am
greatveemon wrote: | How do you transfer an aobscan to globalalloc? |
I guess you could do this, but it's a little stupid and adds an unnecessary level of abstraction:
Code:
aobscan(foo,AA BB CC DD)
globalalloc(bar,4)
bar:
dd foo
If you want to use the symbol from aobscan outside the script, just register it.
Code:
aobscan(foo,AA BB CC DD)
registersymbol(foo)
_________________
I don't know where I'm going, but I'll figure it out when I get there. |
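The Lua fix from the first post and the symbol registration suggested in the reply, combined as an added example (not code from either poster). AOBScan returns a list of addresses as hex strings, indexed from 0, or nil when nothing matches; the pattern AA BB CC DD and the name foo are the placeholders used in the reply above.

```lua
{$lua}
-- Added example: the pattern and the symbol name foo are placeholders.
if syntaxcheck then return end  -- do nothing while CE only checks the script

[ENABLE]
local results = AOBScan('AA BB CC DD')
if results == nil then
  error('pattern not found')
end

-- Each entry is an address written as a hex string; entries start at 0.
if results.Count > 1 then
  print(string.format('%d matches, using the first', results.Count))
end
local address = tonumber(results[0], 16)
results.destroy()  -- the result list is an object and has to be freed

-- Same effect as registersymbol(foo) in auto assembler: the name foo can
-- now be typed into an address field or used by other scripts.
registerSymbol('foo', address)
print(string.format('foo = %X', address))

[DISABLE]
unregisterSymbol('foo')
```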
greatveemon Cheater Reputation: 0
Joined: 26 Feb 2010 Posts: 48
Posted: Mon Sep 25, 2017 11:33 am
ParkourPenguin wrote: | greatveemon wrote: | How do you transfer an aobscan to globalalloc? |
I guess you could do this, but it's a little stupid and adds an unnecessary level of abstraction:
Code: | aobscan(foo,AA BB CC DD)
globalalloc(bar,4)
bar:
dd foo |
If you want to use the symbol from aobscan outside the script, just register it.
Code: | aobscan(foo,AA BB CC DD)
registersymbol(foo) |
|
Oh yeah! I was blindsided, I forgot that I can use the newly allocated memory to copy the value from the aobscan.
But shouldn't the code I wrote also work? I'm copying the aobscan result to the globalalloc. Btw, I added that globalloc(_AobPtr,4) before and it's still not working.
Anyway, thanks..
ParkourPenguin I post too much Reputation: 140
Joined: 06 Jul 2014 Posts: 4310
Posted: Mon Sep 25, 2017 11:47 am
greatveemon wrote: | But shouldn't the code I wrote would also work? |
If you're referring to this:
greatveemon wrote: | Code: | [ENABLE]
[ENABLE]
aobscan(someAoB,09 21 00 00 00 00 ?? 00 00 00 00 10 FF FF FF FF 22)
globalloc(_AobPtr)
aobhealth+08:
mov [_AobPtr],someAoB
[DISABLE]
|
|
That code won't work because:
- You have two enable sections.
- You didn't pass a size to globalloc.
- The symbol aobhealth hasn't been defined.
- The mov instruction has to be executed in order to do what it's supposed to do.
- If this is 64-bit, that instruction probably can't be assembled.
greatveemon Cheater Reputation: 0
Joined: 26 Feb 2010 Posts: 48
Posted: Mon Sep 25, 2017 12:24 pm
Oooppsss, sorry. I was rushing to find help and forgot to edit the others. This is not the real code for the game, just an abstract. The aobhealth was the same as the aobscan. But would this work?
Code:
[ENABLE]
aobscan(someAoB,09 21 00 00 00 00 ?? 00 00 00 00 10 FF FF FF FF 22)
globalloc(_AobPtr,4)
someAoB+08:
mov [_AobPtr],someAoB
[DISABLE]
I ended up using your second recommendation. Thanks again.
For a reason, I was using injection copies that sometimes don't work and still need a manual activation. But the injection copy needs to put the symbol in a pointer address instead of directly on the address. I will end up duplicating the addresses for the injection copy and the manual aobscan.
ParkourPenguin I post too much Reputation: 140
Joined: 06 Jul 2014 Posts: 4310
Posted: Mon Sep 25, 2017 12:42 pm
No, it still wouldn't work. Again, the mov instruction has to be executed in order for it to do what it's supposed to do. Think of it like a grocery list: writing stuff down on a list won't make food magically appear in your kitchen. Likewise, writing instructions down in memory won't make them magically run on their own.
It's possible the game could run it, but that AoB doesn't even look like machine code. It looks like you're writing an instruction randomly in the middle of some data.
You should take a step back and learn the basics first. Try the CE tutorial; it may help.
greatveemon Cheater Reputation: 0
Joined: 26 Feb 2010 Posts: 48
Posted: Mon Sep 25, 2017 1:07 pm
Ohhh..
So if I understand this correctly, I need to inject this into the game opcode?
Okay, I'll re-follow the CE tutorial again.