

[C#]Asm Script help
Wiw3K
Grandmaster Cheater
Reputation: 0

Joined: 09 Jul 2006
Posts: 762
Location: Poland.

PostPosted: Thu Feb 12, 2009 12:11 pm    Post subject: [C#]Asm Script help Reply with quote

Is there a way to put an asm script into C# source? Shocked
I heard "compile a DLL in C++ with this script and use it from the C# source"?

umm ok so i need to put Mouse Travel script for EMS but its BIG? and have Pointers in it Shocked

lets see the script:

Code:
// Cheat Engine auto-assembler script. It redirects two code locations in the
// target process to the MouserX / MouserY stubs defined below.
// NOTE(review): every address is hard-coded, so the script presumably only
// fits the client build it was taken from - confirm before reading anything
// into the addresses.
[ENABLE]
// Reserve memory for the two stubs and declare the two resume labels.
Alloc(MouserX,512)
Alloc(MouserY,512)
label(back)
label(return)

// Replace the code at 006EDC66 with a jump to the first stub; "back" is the
// address immediately after that jump.
006EDC66:
jmp MouserX
back:

// Same for 006EDCCB and the second stub; "return" follows the jump.
006EDCCB:
jmp MouserY
return:

// First stub: follow the pointer chain [[[00818c20]+978]+80] into eax, then
// run the two instructions that the [DISABLE] section restores at 006EDC66
// and resume at "back".
MouserX:
mov eax, [00818c20]
mov eax, [eax+978]
mov eax, [eax+80]
mov [ebx], eax
mov edi,[ebp+10]
jmp back

// Second stub: same chain with final offset 84, then the two instructions
// that [DISABLE] restores at 006EDCCB, then resume at "return".
MouserY:
mov eax, [00818c20]
mov eax, [eax+978]
mov eax, [eax+84]
mov [edi], eax
mov ebx,[ebp+14]
jmp return

// Undo: write the original instructions back at both locations and free the
// stub memory.
[DISABLE]
006EDC66:
mov [ebx], eax
mov edi,[ebp+10]

006EDCCB:
mov [edi],eax
mov ebx,[ebp+14]
dealloc(MouserX)
dealloc(MouserY)

its mouse travel from v.49
Stylo
Grandmaster Cheater Supreme
Reputation: 3

Joined: 16 May 2007
Posts: 1073
Location: Israel

PostPosted: Thu Feb 12, 2009 1:01 pm    Post subject: Reply with quote

that'd be harder than in C++ since C# doesn't support inline asm
you'll have to translate those lines to their bytes and write them using WPM (WriteProcessMemory)
but since ms is blocking WPM it doesn't seem possible ?! or not? I've never done such a thing in C#
but yes, the easiest way is always to write a dll with this script and export it to your C# program
dnsi0
I post too much
Reputation: 0

Joined: 04 Jan 2007
Posts: 2674

PostPosted: Thu Feb 12, 2009 1:07 pm    Post subject: Reply with quote

and to write memory inside a dll u use *(DWORD*)
Wiw3K
Grandmaster Cheater
Reputation: 0

Joined: 09 Jul 2006
Posts: 762
Location: Poland.

PostPosted: Thu Feb 12, 2009 1:26 pm    Post subject: Reply with quote

1qaz wrote:
that'd be harder than C++ since C# doesn't support inline asm
you'll have to translate those lines to their bytes and write them using WPM
but since ms is blocking WPM it doesn't seem possible ?! or not? never done such thing in C#
but yes there's always the easiest way to write a dll with this script and export it to your C# program

damn, I only know how to change single bytes in C++/C# Shocked

in C++ the script should be:
Code:
// The two code addresses (006EDC66 and 006EDCCB) that the auto-assembler
// script earlier in the thread patches, stored as plain 32-bit integers.
DWORD Addy1 = 0x006EDC66;
DWORD Addy2 = 0x006EDCCB;


Code:
// Read 4 bytes from a fixed address in the other process.
// NOTE(review): bytesread is never checked, so a failed or short read goes unnoticed.
memory = preader.ReadProcessMemory((IntPtr)0x0081bc50, 4, out bytesread);

// Interpret those 4 bytes as a 32-bit value.
pointerbase = BitConverter.ToInt32(memory, 0);

pointerbase += 0x80;
// NOTE(review): pointerbase1 is not assigned anywhere in the fragment shown before this +=.
pointerbase1 += 0x978;

// NOTE(review): this call passes four arguments while the first call passes three -
// confirm which signature preader.ReadProcessMemory really has.
memory = preader.ReadProcessMemory((IntPtr)pointerbase, pointerbase1, 4, out bytesread);

MouserXAddy = BitConverter.ToInt32(memory, 0);


Code:
// Same sequence as the X fragment, with 0x84 instead of 0x80 as the first offset.
// NOTE(review): bytesread is never checked, so a failed or short read goes unnoticed.
memory = preader.ReadProcessMemory((IntPtr)0x0081bc50, 4, out bytesread);

// Interpret the 4 bytes read as a 32-bit value.
pointerbase = BitConverter.ToInt32(memory, 0);

pointerbase += 0x84;
// NOTE(review): pointerbase1 is not assigned anywhere in the fragment shown before this +=.
pointerbase1 += 0x978;

// NOTE(review): four arguments here, three in the first call - confirm the real signature.
memory = preader.ReadProcessMemory((IntPtr)pointerbase, pointerbase1, 4, out bytesread);

MouserYAddy = BitConverter.ToInt32(memory, 0);


---edit---
@lolz , up pointers are in C# and down script is in C++ DAM idk

Code:
// Attempt to copy the auto-assembler script into an MSVC inline-asm block.
// NOTE(review): this does not build as shown - `back`, MouserX and MouserY are
// not defined in the fragment, and `[MouserXAddy]:` / `[MouserYAddy]:` look like
// auto-assembler syntax rather than inline-asm labels. A label inside this
// function also names a location in this function's own code, not the address
// held in the Addy1 / Addy2 variables.
void __declspec(naked) __stdcall Blink ()
{
   _asm
   {
      Addy1:
      jmp [MouserX]
      
      Addy2:
      jmp [MouserY]
      
      [MouserXAddy]:
      mov [ebx], eax
      mov edi,[ebp+0x10]
      jmp back
      
      [MouserYAddy]:
      mov [edi], eax
      mov ebx,[ebp+0x14]
      
   }
}
Sad
Stylo
Grandmaster Cheater Supreme
Reputation: 3

Joined: 16 May 2007
Posts: 1073
Location: Israel

PostPosted: Thu Feb 12, 2009 2:05 pm    Post subject: Reply with quote

Code:

Addy1:
jmp [MouserX]

won't work on inline asm since it's different from auto assembler
create 2 code caves for both mousex and mousey
Code:

// Skeleton for the first stub. `naked` means the compiler emits no prologue or
// epilogue, so the function body is exactly the instructions written in it.
_declspec(naked) void MouseX_CodeCave()
{
  // code for MouseX goes here
  // after code you want to go back to the address + 5 so
  jmp dword ptr ds:[Addy1 + 5]
}

// Skeleton for the second stub; `naked` suppresses the compiler-generated
// prologue and epilogue, as in MouseX_CodeCave.
_declspec(naked) void MouseY_CodeCave()
{
  // same as MouseX
  jmp dword ptr ds :[Addy2 + 5]
}

now to force it jump to your code cave just change the address's bytes
Code:

// 0xE9 is the opcode of a 5-byte near jmp with a 32-bit relative displacement;
// the JMP() macro quoted below computes that displacement as (to - from - 5).
// NOTE(review): both stores go straight into the process's code with no check
// that the page is writable; the first statement is also missing its semicolon.
*(BYTE*)0x006EDC66 = 0xe9 // jmp
*(DWORD*)(0x006EDC66 + 0x1) = JMP(006EDC66,MouseX_CodeCave); // JMP(frm,to) will be declared at the top of the code as macro
/* #define JMP(frm,to) (int)(((int)to - (int)frm) - 5) */

and the same for MouseY address
Wiw3K
Grandmaster Cheater
Reputation: 0

Joined: 09 Jul 2006
Posts: 762
Location: Poland.

PostPosted: Thu Feb 12, 2009 2:43 pm    Post subject: Reply with quote

i made this

Code:
#include "windows.h"
//#include "stdafx.h" //No File in this directory? ;o??!!
// Relative displacement for a 5-byte jmp placed at `frm` that lands on `to`.
// NOTE(review): the casts to int assume 32-bit addresses, and the trailing
// semicolon becomes part of every expansion of the macro.
#define JMP(frm, to) (int)(((int)to - (int)frm) - 5);

// The two code addresses that get patched.
DWORD Addy1 = 0x006EDC66;
DWORD Addy2 = 0x006EDCCB;

// First stub, written as a naked function (no compiler prologue/epilogue).
// NOTE(review): `back` is not defined anywhere in this file, which is the
// C2094 error quoted below the listing.
_declspec(naked) void MouseX_CodeCave()
{
   __asm
   {
  // code for MouseX goes here
  // after code you want to go back to the address + 5 so
      mov [ebx], eax
      mov edi,[ebp+0x10]
      jmp back
      jmp dword ptr ds:[Addy1 + 5]
   }
}

// Second stub, written as a naked function (no compiler prologue/epilogue).
_declspec(naked) void MouseY_CodeCave()
{
   __asm
   {
  // same as MouseX
      mov [edi], eax
      mov ebx,[ebp+0x14]
      jmp dword ptr ds :[Addy2 + 5]
   }
}

// Writes a 5-byte jmp (opcode 0xE9 plus 32-bit displacement) over the code at
// 0x006EDC66 so that it runs MouseX_CodeCave.
// NOTE(review): declared bool but has no return statement; the first store
// lacks a semicolon; `006EDC66` without the 0x prefix is not a valid literal;
// nothing here makes the target page writable before the stores.
bool CoreDLL(void)
{
      *(BYTE*)0x006EDC66 = 0xe9 // jmp
      *(DWORD*)(0x006EDC66 + 0x1) = JMP(006EDC66,MouseX_CodeCave); // JMP(frm,to) will be declared at the top of the code as macro
      /* #define JMP(frm,to) (int)(((int)to - (int)frm) - 5) */
}


why do I get these errors :O I don't see anything wrong here.



Quote:
1>...\core.cpp(20) : error C2094: label 'back' was undefined
1>...\core.cpp(36) : error C2297: '*' : illegal, right operand has type 'DWORD *'
1>...\core.cpp(36) : error C2021: expected exponent value, not 'D'
1>...\core.cpp(36) : error C2059: syntax error : 'bad suffix on number'
1>...l\core.cpp(36) : error C2146: syntax error : missing ')' before identifier 'DC66'
1>...\core.cpp(36) : error C2059: syntax error : ')'
&Vage
Grandmaster Cheater Supreme
Reputation: 0

Joined: 25 Jul 2008
Posts: 1053

PostPosted: Thu Feb 12, 2009 2:58 pm    Post subject: Reply with quote

This is stupid... OP said C# and you post C++.
Wiw3K
Grandmaster Cheater
Reputation: 0

Joined: 09 Jul 2006
Posts: 762
Location: Poland.

PostPosted: Thu Feb 12, 2009 3:04 pm    Post subject: Reply with quote

_void_ wrote:
This is stupid... OP said C# and you post C++.

what I wrote above is in C++ because he told me to make a DLL in C++ and use it in C# Confused
Stylo
Grandmaster Cheater Supreme
Reputation: 3

Joined: 16 May 2007
Posts: 1073
Location: Israel

PostPosted: Thu Feb 12, 2009 11:54 pm    Post subject: Reply with quote

first delete jmp back you don't need it
jmp back means jmp address + 5 bytes.
and notice what you've entered to JMP macro -
you've entered the address as it is without 0x
that's why you got bad suffix on number error and all others
it should be more like
Code:

*(DWORD*) (0x006EDC66 + 0x1) = JMP(0x006EDC66,MouseX_CodeCave);

here's an example dll
notice it doesn't have an entry point since you need to export the function from it
and notice the module definition file that makes the function exportable
now, to return it to its original state, save the original bytes first and then write them back to your addresses
http://rapidshare.com/files/197483049/mouseVac_dll.rar.html
Wiw3K
Grandmaster Cheater
Reputation: 0

Joined: 09 Jul 2006
Posts: 762
Location: Poland.

PostPosted: Fri Feb 13, 2009 7:30 am    Post subject: Reply with quote

@up
oh i see !! thanks for example

and now how in C# i can use functions in this dll ?

import in class
Code:
    // P/Invoke declaration binding a managed method to an export of the named DLL.
    // NOTE(review): this declares `puts(string)`, which reads like a copied sample;
    // the reply below declares `MouseVac()` instead - confirm the DLL's real export.
    [DllImport("mouseVac_dll")]
    public static extern int puts(string c);


then in button code something or what ? Shocked
Stylo
Grandmaster Cheater Supreme
Reputation: 3

Joined: 16 May 2007
Posts: 1073
Location: Israel

PostPosted: Fri Feb 13, 2009 7:44 am    Post subject: Reply with quote

exactly as you said
Code:

// P/Invoke declaration for the native MouseVac export.
// NOTE(review): a bare file name is resolved through the normal DLL search
// order, so whichever mouseVac_dll.Dll is found first is loaded into this
// process and runs with its privileges; loading from a known full path narrows that.
[DllImport("mouseVac_dll.Dll")]
public static extern void MouseVac();

now at your button event
Code:

// Click handler: calls the imported native MouseVac(), i.e. unmanaged code
// running inside this process, outside the runtime's memory-safety checks.
private void button1_Click(object sender, EventArgs e)
{
   MouseVac();
}
Wiw3K
Grandmaster Cheater
Reputation: 0

Joined: 09 Jul 2006
Posts: 762
Location: Poland.

PostPosted: Fri Feb 13, 2009 8:01 am    Post subject: Reply with quote

@up
error popup which says my trainer memory is corrupt or something like that, check this:


http://i41.tinypic.com/2uo13q8.jpg
Stylo
Grandmaster Cheater Supreme
Reputation: 3

Joined: 16 May 2007
Posts: 1073
Location: Israel

PostPosted: Fri Feb 13, 2009 8:05 am    Post subject: Reply with quote

insert into the dll b4 calculating jump bytes the following
Code:

// Change the protection of the 6 bytes at each address to read/write/execute,
// saving the previous protection values.
// NOTE(review): neither return value is checked, and nothing shown here passes
// oldProtection / oldProtection2 back to VirtualProtect afterwards, so the
// affected pages stay both writable and executable.
DWORD oldProtection,oldProtection2;
VirtualProtect((LPVOID)addr1,6,PAGE_EXECUTE_READWRITE,&oldProtection);
VirtualProtect((LPVOID)addr2,6,PAGE_EXECUTE_READWRITE,&oldProtection2);

I forgot: you need to change the memory protection so the code is writable before you can edit it
Wiw3K
Grandmaster Cheater
Reputation: 0

Joined: 09 Jul 2006
Posts: 762
Location: Poland.

PostPosted: Fri Feb 13, 2009 8:10 am    Post subject: Reply with quote

added this here.

Code:
#include <windows.h>
// Relative displacement for a 5-byte jmp placed at `frm` that lands on `to`.
// NOTE(review): the casts to int assume 32-bit addresses.
#define JMP(frm,to) (int)(((int)to - (int)frm) - 5)

// Receive the previous page protection from the two VirtualProtect calls.
DWORD oldProtection,oldProtection2;

...


and this here ye?

Code:
// Exported entry point: makes the two patch sites writable, then overwrites
// each with a 5-byte jmp (0xE9 + 32-bit displacement) to MouseX / MouseY.
// addr1, addr2, MouseX and MouseY are defined in the part of the file elided
// with "..." in the post.
// NOTE(review): the VirtualProtect results are ignored, so a failed call is
// followed by writes to a still read-only page; the saved protections are not
// restored in this function, leaving the pages writable and executable.
void MouseVac()
{
   VirtualProtect((LPVOID)addr1,6,PAGE_EXECUTE_READWRITE,&oldProtection);
   VirtualProtect((LPVOID)addr2,6,PAGE_EXECUTE_READWRITE,&oldProtection2);

   *(BYTE*)addr1 = 0xe9; // jmp byte
   *(DWORD*)(addr1 + 0x1) = JMP(addr1,MouseX); // calculate bytes for the address we need to jump to
   *(BYTE*)addr2 = 0xe9;
   *(DWORD*)(addr2 + 0x1) = JMP(addr2,MouseY); // same as addr1
}


& still this error Shocked





-edit-
check this
Code:

// Hooked API
// NOTE(review): on the next line the declaration of Vprotect is fused into the
// comment, so Vprotect is undefined as the listing stands.
// Thanks ferris for VirtualProtectExstatic const FARPROC Vprotect = (FARPROC)((DWORD)GetProcAddress(GetModuleHandleA("kernel32.dll"), "VirtualProtectEx")+5);
// Naked stub with VirtualProtectEx's signature: it executes
// `mov edi,edi / push ebp / mov ebp,esp` itself and then jumps to Vprotect,
// which the commented-out declaration sets to the VirtualProtectEx export + 5.
// NOTE(review): presumably meant to step over a hook on the first five bytes
// of the export (the block is titled "Hooked API") - confirm. It also assumes
// the export begins with exactly those three instructions on the system it runs on.
_declspec(naked) BOOL WINAPI FixMem(HANDLE hProcess, LPVOID lpAddress, SIZE_T dwSize, DWORD flNewProtect, PDWORD lpflOldProtect)
{
   _asm
   {
      mov edi,edi
      push ebp
      mov ebp,esp
      jmp Vprotect
   }
}


btw both not work Shocked Shocked i think i am doing it wrong Confused
Stylo
Grandmaster Cheater Supreme
Reputation: 3

Joined: 16 May 2007
Posts: 1073
Location: Israel

PostPosted: Fri Feb 13, 2009 8:22 am    Post subject: Reply with quote

did you remove the double slashes from
Code:

//const FARPROC Vprotect = (FARPROC)((DWORD)GetProcAddress(GetModuleHandleA("kernel32.dll"), "VirtualProtectEx")+5);

?
cuz if not ofcourse it won't work