Cheat Engine Forum Index Cheat Engine
The Official Site of Cheat Engine
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 


WPM question, again

 
Post new topic   Reply to topic    Cheat Engine Forum Index -> General programming
View previous topic :: View next topic  
Author Message
Reak
I post too much
Reputation: 0

Joined: 15 May 2007
Posts: 3496
PostPosted: Mon Dec 31, 2007 12:27 pm    Post subject: WPM question, again Reply with quote
Well since I got all this allocating stuff to work I've got another problem.
I allocated memory on lulz (pointer).
so:
Code:
  lulz := VirtualAllocEx(HandleWindow, nil, 128, MEM_RESERVE or MEM_COMMIT, PAGE_READWRITE);


and now I want to write on $006DF140: call lulz
But I don't know how I should do that.
Help please Smile
Back to top
View user's profile Send private message
Dark Byte
Site Admin
Reputation: 474

Joined: 09 May 2003
Posts: 25932
Location: The netherlands
PostPosted: Mon Dec 31, 2007 12:31 pm    Post subject: Reply with quote
e8 (addressoflulz-6DF140)-5
_________________
Tools give you results. Knowledge gives you control.

Like my help? Join me on Patreon so i can keep helping


Last edited by Dark Byte on Mon Dec 31, 2007 1:34 pm; edited 1 time in total
Back to top
View user's profile Send private message MSN Messenger
Reak
I post too much
Reputation: 0

Joined: 15 May 2007
Posts: 3496
PostPosted: Mon Dec 31, 2007 12:48 pm    Post subject: Reply with quote
Dark Byte wrote:
e8 (addressoflulz-6d5140)-5


But how to use this?
like
Code:
WriteProcessMemory(HandleWindow,  ptr($006DF140), $e8+(lulz-$6d5140)-5, 2, Write);

or with ptr().

Well it's not working with this.
Explain how to use it please Smile
Back to top
View user's profile Send private message
Dark Byte
Site Admin
Reputation: 474

Joined: 09 May 2003
Posts: 25932
Location: The netherlands
PostPosted: Mon Dec 31, 2007 12:56 pm    Post subject: Reply with quote
var callinstruction: array [0..4] of byte;

callinstruction[0]:=$e8;
pdword(@callinstruction[1])^:=(lulz-$006DF140)-5;

writeprocessmemory(processhandle, pointer($006DF140), @x[0],5,write);
_________________
Tools give you results. Knowledge gives you control.

Like my help? Join me on Patreon so i can keep helping


Last edited by Dark Byte on Mon Dec 31, 2007 1:35 pm; edited 1 time in total
Back to top
View user's profile Send private message MSN Messenger
Reak
I post too much
Reputation: 0

Joined: 15 May 2007
Posts: 3496
PostPosted: Mon Dec 31, 2007 1:33 pm    Post subject: Reply with quote
for
Code:
pdword(@callinstruction[1])^:=(lulz-$6d5140)-5;


It keeps saying:
[Error] Unit1.pas(500): Operator not applicable to this operand type

and what is $6d5140 actually?
Back to top
View user's profile Send private message
Dark Byte
Site Admin
Reputation: 474

Joined: 09 May 2003
Posts: 25932
Location: The netherlands
PostPosted: Mon Dec 31, 2007 1:36 pm    Post subject: Reply with quote
I meant 006DF140

and if lulz isn't a dword but a pointer then typecast it to a dword.
pdword(@callinstruction[1])^:=(dword(lulz)-$006DF140)-5;
_________________
Tools give you results. Knowledge gives you control.

Like my help? Join me on Patreon so i can keep helping
Back to top
View user's profile Send private message MSN Messenger
Reak
I post too much
Reputation: 0

Joined: 15 May 2007
Posts: 3496
PostPosted: Tue Jan 01, 2008 9:47 am    Post subject: Reply with quote
Thank you alot, it's working perfect.
You are god in these things. Smile thx

Edit:
Well here's the script I want to "convert" to delphi:
Code:
[Enable]
alloc(CSX,128)
alloc(CSY,128)
alloc(VACRange,4)
registerSymbol(VACRange)

VACRange:
dd 1E

CSX:
mov eax, [80c898]
push eax
mov eax, [eax+640]
pop eax
mov eax, [eax+648]
mov [ebx],eax
mov edi,[ebp+10]
ret

CSY:
mov eax, [80c898]
push eax
mov eax, [eax+644]
add eax,[VACRange]
pop eax
mov eax, [eax+64C]
mov [edi],eax
mov ebx,[ebp+14]
ret

006DF140:
call CSX

006DF1A5:
call CSY

[Disable]
006DF140:
mov [ebx],eax
mov edi,[ebp+10]

006DF1A5:
mov [edi],eax
mov ebx,[ebp+14]

dealloc(CSX)
dealloc(CSY)
dealloc(VACRange)
unregisterSymbol(VACRange)


My only problem is the VACRange.

I tried this:
Code:
  lulz3 := VirtualAllocEx(HandleWindow, nil, $512, MEM_RESERVE or MEM_COMMIT, PAGE_READWRITE);
  WriteProcessMemory(HandleWindow, lulz3, @test, 1, Write);
callinstruction3[0]:=$03;
callinstruction3[1]:=$05;
lulz4 := ptr(integer(lulz2)+12);
pdword(@callinstruction3[2])^:=(dword(lulz3)-dword(lulz4))-5;
  WriteProcessMemory(HandleWindow, ptr(integer(lulz2)+12), @callinstruction3, 4, Write); //lulz2 is the allocation for CSY


vars:

Code:
lulz, lulz2, lulz3, lulz4: pointer;
  callinstruction3: array [0..4] of byte;
  test: Array [0..15] of Byte=($1E, $00, $00, $00, $00, $00, $00, $00, $00, $00, $00, $00, $00, $00, $00, $00);


If you don't understand this (I think it's not that easy) I can post the whole code.
Back to top
View user's profile Send private message
Display posts from previous:   
Post new topic   Reply to topic    Cheat Engine Forum Index -> General programming All times are GMT - 6 Hours
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group

CE Wiki   IRC (#CEF)   Twitter
Third party websites