Cheat Engine Forum Index Cheat Engine
The Official Site of Cheat Engine
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 


Cheat Engine Forum Index
PostGo back to topic
Pingo
Grandmaster Cheater
Reputation: 8
Joined: 12 Jul 2007
Posts: 571
PostPosted: Wed Jul 06, 2011 8:15 pm    Post subject:
Edit:
So i just downloaded VB to make you guys an example app. Dont mind the noobness, this was the first time i used VB.
Sample for CrazyH4x0r
This one was straight forward. Your script
Code:
[enable]
0049183D:
jmp 004918bd
00498ED7:
jmp 00498f57

[disable]
0049183D:
jle 004918bd
00498ED7:
jle 00498f57

Converted
Code:
        If Not Patch Then
            Mem.Patch(&H49183D, "e99c160200")
            Mem.Patch(&H498ED7, "e9368d0200")
        Else
            Mem.Patch(&H49183D, "0f8e9b160200")
            Mem.Patch(&H498ED7, "0f8e358d0200")
        End If
        Patch = Not Patch


Sample for sunbinyuan
This one involved alot more since it creates a cave and converts jumps and all that other good stuff.
Your Script
Code:
[ENABLE]
alloc(lol,128)
label(lol1)

009FD306:
jmp lol
db 90
lol1:

lol:
pushad
mov eax,[00DC7CB8]
mov eax,[eax+978]
mov eax,[eax+8C]
mov ecx,[00DC7CB8]
mov ecx,[ecx+978]
mov ecx,[ecx+88]
mov ebx,[00DC775C]
mov [ebx+43D8],eax
mov [ebx+43DC],ecx
mov [ebx+43D0],01
popad
jmp lol1

[DISABLE]
009FD306:
db 0F 84 5C 01 00 00

Converted
Code:
        Dim Inj As String = "60a1b87cdc008b80780900008b808c0000008b0db87cdc008b89780900" +
            "008b89880000008b1d5c77dc008983d8430000898bdc430000c783d04300000100000061"
        If Not Inject Then
            Mem.Inject_Jmp(&H9FD306, 6, Inj)
        Else
            Mem.Deallocate(&H9FD306, "0F845C010000")
        End If
        Inject = Not Inject


The 6 in Mem.Inject_Jmp(&H9FD306,6, Inj)
is the distance to next instruction. Your disable was only 6 bytes so i used 6.
The deallocate part will deallocate the cave plus write the original instructions back.
The jump to and from the cave is calculated for you.
The Inj is only this converted to bytes.
Code:
pushad
mov eax,[00DC7CB8]
mov eax,[eax+978]
mov eax,[eax+8C]
mov ecx,[00DC7CB8]
mov ecx,[ecx+978]
mov ecx,[ecx+88]
mov ebx,[00DC775C]
mov [ebx+43D8],eax
mov [ebx+43DC],ecx
mov [ebx+43D0],01
popad


VB Injection Example.zip
_________________


Last edited by Pingo on Fri Jul 08, 2011 2:12 am; edited 1 time in total
Back to top
View user's profile Send private message
Post reviews:   Approve 1
Author Review
sunbinyuan
Review: Approve
Post reference:
ReviewPosted: Fri Jul 08, 2011 5:19 pm

Back to top
View user's profile Send private message
Display:  
Cheat Engine Forum Index


Powered by phpBB © 2001, 2005 phpBB Group

CE Wiki   IRC (#CEF)   Twitter
Third party websites