| View previous topic :: View next topic |
| Author |
Message |
vng21092
Grandmaster Cheater
 Reputation: 15
Joined: 05 Apr 2013
Posts: 644
|
 Posted: Wed Sep 24, 2014 5:17 pm Post subject: Help? Code doesn't turn back into original |
 |
|
The instructions on the left side is how it normally is, but for some reason when I toggle the code, after turning it on and off the instructions change (the red ones)... why? How can I fix this? The left script is the default, the right script it what I wrote.
|
|
| Back to top |
|
 |
Dark Byte
Site Admin
 Reputation: 470
Joined: 09 May 2003
Posts: 25807
Location: The netherlands
|
| Posted: Wed Sep 24, 2014 5:30 pm Post subject: |
|
|
With the way you alloc memory your jmp is going to take 16 bytes, so restore those as well(right now you only restore 7)
You could also try alloc(newmem_1, 128, metro.exe)
_________________
Do not ask me about online cheats. I don't know any and wont help finding them.
Like my help? Join me on Patreon so i can keep helping |
|
| Back to top |
|
|
vng21092
Grandmaster Cheater
Reputation: 15
Joined: 05 Apr 2013
Posts: 644
|
| Posted: Wed Sep 24, 2014 5:54 pm Post subject: |
|
|
| How would I restore those? Also, if you don't mind, can you explain what the third parameter in the alloc statement does, thanks.
|
|
| Back to top |
|
|
Dark Byte
Site Admin
Reputation: 470
Joined: 09 May 2003
Posts: 25807
Location: The netherlands
|
| Posted: Wed Sep 24, 2014 7:08 pm Post subject: |
|
|
Actually, it's just 14 bytes
You save and restore them like you always do when a jmp instruction is going to overwrite more than one instruction
E.g the originalcode needs to contain 4 instructions, and the return needs some padding for extra nops, or hardcode the return
Or you can just use the 3th parameter of alloc.
The third parameter specifies the general region the allocated memory will go.
By specifying that it should be nearby where metro.exe is located you can make sure that the distance is less then 2GB, and thus no "stupidly long jmp"(14 byte) instruction will be used, but instead the "long jmp" (5 bytes)
_________________
Do not ask me about online cheats. I don't know any and wont help finding them.
Like my help? Join me on Patreon so i can keep helping |
|
| Back to top |
|
|
vng21092
Grandmaster Cheater
Reputation: 15
Joined: 05 Apr 2013
Posts: 644
|
| Posted: Wed Sep 24, 2014 7:29 pm Post subject: |
|
|
| well I added the metro.exe as a third parameter and that worked out well. Still not so clear on the whole padding for nops thing, gotta read up on that. but nonetheless, thanks.
|
|
| Back to top |
|
|
mgr.inz.Player
I post too much
 Reputation: 222
Joined: 07 Nov 2008
Posts: 4438
Location: W kraju nad Wisla. UTC+01:00
|
| Posted: Thu Sep 25, 2014 7:08 am Post subject: |
|
|
You can always try other built-in templates:
- "AOB Injection"
- "Full Injection"
The first one will produce AA script with unique signature (array of byte). Unique at that runtime. It means that autogenerated script could work with newer versions of game. More advanced users adjust signature a little more - longer signature with wildcards on appropriate places.
Note: symbol name must be simple word without spaces and other weird characters, just use English chars a-zA-Z.
The second will work only for that one version. It won't work in newer game version (if module has changed, EXE or DLL).
_________________
|
|
| Back to top |
|
|
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in
