Cheat Engine Forum Index Cheat Engine
The Official Site of Cheat Engine
How to define a specific address of a symbol?

Cheat Engine Forum Index -> Cheat Engine Tutorials -> Auto Assembler tutorials
movss
Cheater
Reputation: 0

Joined: 10 Feb 2018
Posts: 38

Posted: Mon Feb 12, 2018 3:49 am    Post subject: How to define a specific address of a symbol?

Sometimes, before hooking an API function, the first 5 bytes have already been hooked. The first 5 bytes are often fixed:
Code:

mov edi,edi
push ebp
mov ebp,esp

So, I think, can you hook at the first 6 bytes of the function? I don't care whether it has been hooked or not.
But generateAPIHookScript() needs a symbol to be provided. How do I define a symbol that is equal to the function address + 5?

_________________
A wild programmer
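As an added illustration (not code from this thread), a small Python check that recognises the hot-patch prologue the first post describes, reports whether the first 5 bytes have already been replaced by a relative jmp, and computes the "function address + 5" the question is asking for. The sample bytes and addresses below are constructed for the example.

```python
import struct

# The fixed 5-byte prologue quoted in the post: mov edi,edi / push ebp / mov ebp,esp
HOTPATCH_PROLOGUE = bytes.fromhex("8BFF558BEC")

# Constructed samples (not real API bytes): an intact prologue, and the same
# function after someone wrote a 5-byte "jmp rel32" (E9) over the first 5 bytes.
CLEAN_SAMPLE = HOTPATCH_PROLOGUE + bytes.fromhex("833D00000000")   # body follows
HOOKED_SAMPLE = bytes.fromhex("E9FBEF0F00") + bytes.fromhex("833D00000000")


def prologue_is_hotpatchable(code: bytes) -> bool:
    """True if the function still begins with the stock hot-patch prologue."""
    return code[:5] == HOTPATCH_PROLOGUE


def detect_entry_hook(func_addr: int, code: bytes):
    """Classify the first 5 bytes at func_addr.

    Returns ('clean', None)   when the stock prologue is intact,
            ('jmp', target)   when an E9 rel32 jmp has been written there
                              (target = next_instruction + rel32, 32-bit wrap),
            ('unknown', None) for anything else (short jmp, int3, other code).
    """
    if prologue_is_hotpatchable(code):
        return ("clean", None)
    if len(code) >= 5 and code[0] == 0xE9:
        rel32 = struct.unpack("<i", code[1:5])[0]
        return ("jmp", (func_addr + 5 + rel32) & 0xFFFFFFFF)
    return ("unknown", None)


def body_hook_address(func_addr: int) -> int:
    """The symbol value asked about in the post: the first instruction after
    the 2+1+2-byte prologue, i.e. function address + 5. It is the same
    whether or not the first 5 bytes are already hooked."""
    return func_addr + 5


if __name__ == "__main__":
    func = 0x00401000  # constructed function address
    for name, code in (("clean", CLEAN_SAMPLE), ("hooked", HOOKED_SAMPLE)):
        state, target = detect_entry_hook(func, code)
        print(f"{name}: state={state} target={target!r} "
              f"hook-at-+5=0x{body_hook_address(func):08X}")
```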
FreeER
Grandmaster Cheater Supreme
Reputation: 53

Joined: 09 Aug 2013
Posts: 1091

Posted: Mon Feb 12, 2018 6:03 am

Quickest answer would be to simply try it... here's the result of putting 0054E930, 0057E930, and 436345 in the boxes.

Code:

alloc(originalcall,2048)
label(returnhere)

436345:

dd originalcall

originalcall:

mov byte ptr [0054F500],00
jmp returnhere

0054E930:
jmp 0057E930
nop
nop
returnhere:


In fact, if you put in a, b, c then you get
Code:

alloc(originalcall,2048)
label(returnhere)

c:

dd originalcall

originalcall:

??
??
??
??
??
jmp returnhere

a:
jmp b
returnhere:
Presumably, if they were registered symbols it could have copied the actual instruction, but they weren't.
movss
Cheater
Reputation: 0

Joined: 10 Feb 2018
Posts: 38

Posted: Mon Feb 12, 2018 7:56 am

I know this,
but how do I write it using generateAPIHookScript()?
generateAPIHookScript() looks like Detours; it also has a bridge function.

_________________
A wild programmer
FreeER
Grandmaster Cheater Supreme
Reputation: 53

Joined: 09 Aug 2013
Posts: 1091

Posted: Mon Feb 12, 2018 8:11 am

Well if you look at the code generated it's pretty clear that it takes an address to write a jmp at, the address to jmp to, and (optionally) an address to write the address of the allocated memory (originalcall label) to.

If you don't already have an address you want it to jump to then you're probably better off just using either the full injection or aobscan template which do allocate memory for it to jump to.


Personally I don't believe I've ever wanted to hook the start of a function to do anything more than ret, or move a constant value in rax and then ret, which rarely needs to jump to new memory since just the prologue is usually large enough for that (and it returns so what the rest of the code looks like doesn't matter). But then I'm not usually trying to "mod" the game, just hack a few things to eliminate grinding or max stats for some quick power-fantasy fun.