[C#]Asm Script help

Wiw3K (Grandmaster Cheater)
Reputation: 0
Joined: 09 Jul 2006 Posts: 762 Location: Poland.
Posted: Thu Feb 12, 2009 12:11 pm Post subject: [C#]Asm Script help
Is there a way to put an asm script into C# source?
I heard "compile a dll in C++ with this script and use it in the C# source"?
Umm, ok, so I need to put in the Mouse Travel script for EMS, but it's BIG and has pointers in it.
Let's see the script:
Code:
    [ENABLE]
    Alloc(MouserX,512)
    Alloc(MouserY,512)
    label(back)
    label(return)
    006EDC66:
    jmp MouserX
    back:
    006EDCCB:
    jmp MouserY
    return:
    MouserX:
    mov eax, [00818c20]
    mov eax, [eax+978]
    mov eax, [eax+80]
    mov [ebx], eax
    mov edi,[ebp+10]
    jmp back
    MouserY:
    mov eax, [00818c20]
    mov eax, [eax+978]
    mov eax, [eax+84]
    mov [edi], eax
    mov ebx,[ebp+14]
    jmp return
    [DISABLE]
    006EDC66:
    mov [ebx], eax
    mov edi,[ebp+10]
    006EDCCB:
    mov [edi],eax
    mov ebx,[ebp+14]
    dealloc(MouserX)
    dealloc(MouserY)
It's Mouse Travel from v.49.

Stylo (Grandmaster Cheater Supreme)
Reputation: 3
Joined: 16 May 2007 Posts: 1073 Location: Israel
Posted: Thu Feb 12, 2009 1:01 pm
That'd be harder than C++ since C# doesn't support inline asm.
You'll have to translate those lines to their bytes and write them using WPM.
But since MS is blocking WPM it doesn't seem possible?! Or not? Never done such a thing in C#.
But yes, there's always the easiest way: write a dll with this script and export it to your C# program.

dnsi0 (I post too much)
Reputation: 0
Joined: 04 Jan 2007 Posts: 2674
Posted: Thu Feb 12, 2009 1:07 pm
And to write memory inside a dll you use *(DWORD*).

Wiw3K (Grandmaster Cheater)
Reputation: 0
Joined: 09 Jul 2006 Posts: 762 Location: Poland.
Posted: Thu Feb 12, 2009 1:26 pm
1qaz wrote:
> That'd be harder than C++ since C# doesn't support inline asm.
> You'll have to translate those lines to their bytes and write them using WPM.
> But since MS is blocking WPM it doesn't seem possible?! Or not? Never done such a thing in C#.
> But yes, there's always the easiest way: write a dll with this script and export it to your C# program.

Damn, I only know how to change single bytes in C++/C#.
In C++ the script should be:
Code:
    DWORD Addy1 = 0x006EDC66;
    DWORD Addy2 = 0x006EDCCB;

Code:
    memory = preader.ReadProcessMemory((IntPtr)0x0081bc50, 4, out bytesread);
    pointerbase = BitConverter.ToInt32(memory, 0);
    pointerbase += 0x80;
    pointerbase1 += 0x978;
    memory = preader.ReadProcessMemory((IntPtr)pointerbase, pointerbase1, 4, out bytesread);
    MouserXAddy = BitConverter.ToInt32(memory, 0);

Code:
    memory = preader.ReadProcessMemory((IntPtr)0x0081bc50, 4, out bytesread);
    pointerbase = BitConverter.ToInt32(memory, 0);
    pointerbase += 0x84;
    pointerbase1 += 0x978;
    memory = preader.ReadProcessMemory((IntPtr)pointerbase, pointerbase1, 4, out bytesread);
    MouserYAddy = BitConverter.ToInt32(memory, 0);
---edit---
@lolz, the pointers above are in C# and the script below is in C++. DAMN, idk.
Code:
    void __declspec(naked) __stdcall Blink ()
    {
    _asm
    {
    Addy1:
    jmp [MouserX]
    Addy2:
    jmp [MouserY]
    [MouserXAddy]:
    mov [ebx], eax
    mov edi,[ebp+0x10]
    jmp back
    [MouserYAddy]:
    mov [edi], eax
    mov ebx,[ebp+0x14]
    }
    }

Stylo (Grandmaster Cheater Supreme)
Reputation: 3
Joined: 16 May 2007 Posts: 1073 Location: Israel
Posted: Thu Feb 12, 2009 2:05 pm
Code:
    Addy1:
    jmp [MouserX]

won't work in inline asm since it's different from the auto assembler.
Create 2 code caves, one for mousex and one for mousey:
Code:
    _declspec(naked) void MouseX_CodeCave()
    {
    // code for MouseX goes here
    // after code you want to go back to the address + 5 so
    jmp dword ptr ds:[Addy1 + 5]
    }
    _declspec(naked) void MouseY_CodeCave()
    {
    // same as MouseX
    jmp dword ptr ds :[Addy2 + 5]
    }

Now, to force it to jump to your code cave, just change the address's bytes:
Code:
    *(BYTE*)0x006EDC66 = 0xe9 // jmp
    *(DWORD*)(0x006EDC66 + 0x1) = JMP(006EDC66,MouseX_CodeCave); // JMP(frm,to) will be declared at the top of the code as macro
    /* #define JMP(frm,to) (int)(((int)to - (int)frm) - 5) */

and the same for the MouseY address.

Wiw3K (Grandmaster Cheater)
Reputation: 0
Joined: 09 Jul 2006 Posts: 762 Location: Poland.
Posted: Thu Feb 12, 2009 2:43 pm
I made this:
Code:
    #include "windows.h"
    //#include "stdafx.h" //No File in this directory? ;o??!!
    #define JMP(frm, to) (int)(((int)to - (int)frm) - 5);
    DWORD Addy1 = 0x006EDC66;
    DWORD Addy2 = 0x006EDCCB;
    _declspec(naked) void MouseX_CodeCave()
    {
    __asm
    {
    // code for MouseX goes here
    // after code you want to go back to the address + 5 so
    mov [ebx], eax
    mov edi,[ebp+0x10]
    jmp back
    jmp dword ptr ds:[Addy1 + 5]
    }
    }
    _declspec(naked) void MouseY_CodeCave()
    {
    __asm
    {
    // same as MouseX
    mov [edi], eax
    mov ebx,[ebp+0x14]
    jmp dword ptr ds :[Addy2 + 5]
    }
    }
    bool CoreDLL(void)
    {
    *(BYTE*)0x006EDC66 = 0xe9 // jmp
    *(DWORD*)(0x006EDC66 + 0x1) = JMP(006EDC66,MouseX_CodeCave); // JMP(frm,to) will be declared at the top of the code as macro
    /* #define JMP(frm,to) (int)(((int)to - (int)frm) - 5) */
    }
Why do I get these errors? :O I don't see anything wrong here.
Quote:
    1>...\core.cpp(20) : error C2094: label 'back' was undefined
    1>...\core.cpp(36) : error C2297: '*' : illegal, right operand has type 'DWORD *'
    1>...\core.cpp(36) : error C2021: expected exponent value, not 'D'
    1>...\core.cpp(36) : error C2059: syntax error : 'bad suffix on number'
    1>...l\core.cpp(36) : error C2146: syntax error : missing ')' before identifier 'DC66'
    1>...\core.cpp(36) : error C2059: syntax error : ')'

&Vage (Grandmaster Cheater Supreme)
Reputation: 0
Joined: 25 Jul 2008 Posts: 1053
Posted: Thu Feb 12, 2009 2:58 pm
This is stupid... OP said C# and you post C++.

Wiw3K (Grandmaster Cheater)
Reputation: 0
Joined: 09 Jul 2006 Posts: 762 Location: Poland.
Posted: Thu Feb 12, 2009 3:04 pm
_void_ wrote:
> This is stupid... OP said C# and you post C++.

What I wrote above is in C++ because he told me to make a dll in C++ and use it in C#.

Stylo (Grandmaster Cheater Supreme)
Reputation: 3
Joined: 16 May 2007 Posts: 1073 Location: Israel
Posted: Thu Feb 12, 2009 11:54 pm
First, delete jmp back, you don't need it.
jmp back means jmp to address + 5 bytes.
And notice what you've entered into the JMP macro:
you've entered the address as it is, without 0x.
That's why you got the bad suffix on number error and all the others.
It should be more like
Code:
    *(DWORD*) (0x006EDC66 + 0x1) = JMP(0x006EDC66,MouseX_CodeCave);
Here's an example dll.
Notice it doesn't have an entry point, since you need to export the function from it,
and notice the module definition file that makes the function exportable.
Now, to return to its original mode, save the original bytes and then write them back to your addresses.
http://rapidshare.com/files/197483049/mouseVac_dll.rar.html
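Added example, not code from the thread or from the linked rar: the inverse of the JMP(frm,to) arithmetic in Stylo's two posts above, used the way a defender or anti-tamper routine would use it. It keeps the saved original bytes Stylo says to store, compares them with the live bytes at each 5-byte site, and decodes where an E9 patch redirects. The byte buffers are constructed in-memory samples and the destinations 0x10001000 and 0x00400000 are assumed values; nothing reads a real process.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* A jmp rel32 (E9 xx xx xx xx) is 5 bytes, the same length as the two
 * instructions it overwrites at each site in the thread's script. */
#define SITE_LEN 5

/* Original bytes at the two sites, assembled by hand from the script:
 *   006EDC66: mov [ebx],eax ; mov edi,[ebp+10]  ->  89 03 8B 7D 10
 *   006EDCCB: mov [edi],eax ; mov ebx,[ebp+14]  ->  89 07 8B 5D 14  */
static const uint8_t orig_x[SITE_LEN] = {0x89, 0x03, 0x8B, 0x7D, 0x10};
static const uint8_t orig_y[SITE_LEN] = {0x89, 0x07, 0x8B, 0x5D, 0x14};

/* Constructed snapshots of what a scanner would read back after a patch:
 * site X redirected to an assumed cave at 0x10001000 (positive rel32),
 * site Y redirected to an assumed 0x00400000 (negative rel32, sign matters). */
static const uint8_t live_x[SITE_LEN] = {0xE9, 0x95, 0x33, 0x91, 0x0F};
static const uint8_t live_y[SITE_LEN] = {0xE9, 0x30, 0x23, 0xD1, 0xFF};

/* 1 if the live bytes differ from the saved copy, 0 if the site is intact. */
int site_modified(const uint8_t *live, const uint8_t *saved)
{
    return memcmp(live, saved, SITE_LEN) != 0;
}

/* If `code` starts with an E9 jmp, return its absolute target
 * (site + 5 + rel32, the inverse of the thread's JMP macro), else 0.
 * rel32 is read little-endian; uint32_t wrap-around handles the sign. */
uint32_t jmp_rel32_target(const uint8_t *code, uint32_t site)
{
    uint32_t raw;
    if (code[0] != 0xE9)
        return 0;
    raw = (uint32_t)code[1] | ((uint32_t)code[2] << 8) |
          ((uint32_t)code[3] << 16) | ((uint32_t)code[4] << 24);
    return site + SITE_LEN + raw;
}

int main(void)
{
    const uint8_t *live[2] = {live_x, live_y}, *saved[2] = {orig_x, orig_y};
    const uint32_t site[2] = {0x006EDC66u, 0x006EDCCBu};
    for (int i = 0; i < 2; i++)
        printf("%08X %s, jmp target %08X\n", (unsigned)site[i],
               site_modified(live[i], saved[i]) ? "PATCHED" : "intact",
               (unsigned)jmp_rel32_target(live[i], site[i]));
    return 0;
}
```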

Wiw3K (Grandmaster Cheater)
Reputation: 0
Joined: 09 Jul 2006 Posts: 762 Location: Poland.
Posted: Fri Feb 13, 2009 7:30 am
@up
Oh, I see!! Thanks for the example.
And now how can I use the functions in this dll from C#?
Import in the class
Code:
    [DllImport("mouseVac_dll")]
    public static extern int puts(string c);

then in the button code something, or what?

Stylo (Grandmaster Cheater Supreme)
Reputation: 3
Joined: 16 May 2007 Posts: 1073 Location: Israel
Posted: Fri Feb 13, 2009 7:44 am
Exactly as you said
Code:
    [DllImport("mouseVac_dll.Dll")]
    public static extern void MouseVac();

Now at your button event
Code:
    private void button1_Click(object sender, EventArgs e)
    {
    MouseVac();
    }

Wiw3K (Grandmaster Cheater)
Reputation: 0
Joined: 09 Jul 2006 Posts: 762 Location: Poland.
Posted: Fri Feb 13, 2009 8:01 am
@up
An error popup which says my trainer's memory is corrupt or something like that, check this:
http://i41.tinypic.com/2uo13q8.jpg

Stylo (Grandmaster Cheater Supreme)
Reputation: 3
Joined: 16 May 2007 Posts: 1073 Location: Israel
Posted: Fri Feb 13, 2009 8:05 am
Insert into the dll, before calculating the jump bytes, the following
Code:
    DWORD oldProtection,oldProtection2;
    VirtualProtect((LPVOID)addr1,6,PAGE_EXECUTE_READWRITE,&oldProtection);
    VirtualProtect((LPVOID)addr2,6,PAGE_EXECUTE_READWRITE,&oldProtection2);

I forgot you need to remove the memory protection to edit.

Wiw3K (Grandmaster Cheater)
Reputation: 0
Joined: 09 Jul 2006 Posts: 762 Location: Poland.
Posted: Fri Feb 13, 2009 8:10 am
Added this here.
Code:
    #include <windows.h>
    #define JMP(frm,to) (int)(((int)to - (int)frm) - 5)
    DWORD oldProtection,oldProtection2;
    ...

and this here, yeah?
Code:
    void MouseVac()
    {
    VirtualProtect((LPVOID)addr1,6,PAGE_EXECUTE_READWRITE,&oldProtection);
    VirtualProtect((LPVOID)addr2,6,PAGE_EXECUTE_READWRITE,&oldProtection2);
    *(BYTE*)addr1 = 0xe9; // jmp byte
    *(DWORD*)(addr1 + 0x1) = JMP(addr1,MouseX); // calculate bytes for the address we need to jump to
    *(BYTE*)addr2 = 0xe9;
    *(DWORD*)(addr2 + 0x1) = JMP(addr2,MouseY); // same as addr1
    }

& still this error.
-edit-
Check this:
Code:
    // Hooked API
    // Thanks ferris for VirtualProtectEx
    static const FARPROC Vprotect = (FARPROC)((DWORD)GetProcAddress(GetModuleHandleA("kernel32.dll"), "VirtualProtectEx")+5);
    _declspec(naked) BOOL WINAPI FixMem(HANDLE hProcess, LPVOID lpAddress, SIZE_T dwSize, DWORD flNewProtect, PDWORD lpflOldProtect)
    {
    _asm
    {
    mov edi,edi
    push ebp
    mov ebp,esp
    jmp Vprotect
    }
    }

Btw, both don't work, I think I am doing it wrong.

Stylo (Grandmaster Cheater Supreme)
Reputation: 3
Joined: 16 May 2007 Posts: 1073 Location: Israel
Posted: Fri Feb 13, 2009 8:22 am
Did you remove the double slashes from
Code:
    //const FARPROC Vprotect = (FARPROC)((DWORD)GetProcAddress(GetModuleHandleA("kernel32.dll"), "VirtualProtectEx")+5);

?
'Cause if not, of course it won't work.