3
"Infinite Ammo"
80000008
Auto Assembler Script
// "Infinite Ammo" - Cheat Engine Auto Assembler script (32-bit x86, Intel syntax).
// Detours the 6-byte store `mov [edi+0000013C],eax` into a stub that executes
// nothing and jumps back, so the dword at edi+13C keeps its previous value.
// NOTE(review): the listing at the bottom shows eax = [edi+13C] - [ecx+7C]
// shortly before the store, so the skipped write is presumably the per-use
// decrement - confirm against the running target.
// Observable artifacts while enabled: six changed bytes at the hook site and one
// extra 0x1000-byte allocation holding the stub; a code-integrity check over the
// hooked routine would see the E9 jump where 89 87 3C 01 00 00 is expected.
[ENABLE]
// Signature = the 6-byte store followed by the first 3 bytes (8B 87 3C) of the
// next instruction, `mov eax,[edi+0000013C]`. The field offset 13C is baked into
// the pattern, so a build with a different object layout will not match.
// The script contains no check that the pattern occurs only once.
aobscan(Ammo,89 87 3C 01 00 00 8B 87 3C) // should be unique
// $1000 = 0x1000 bytes reserved for the stub (only a single jmp is placed in it).
alloc(newmem,$1000)
label(code)
label(return)
newmem:
code:
// Disabled alternative left by the author; with it commented out the stub body
// is empty and the original store is simply not executed.
//add [edi+0000013C],10
jmp return
Ammo:
// Overwrites the 6-byte store: jmp + nop must total exactly 6 bytes.
// assumes `jmp code` assembles to the 5-byte near form (E9 rel32) - TODO confirm
jmp code
nop
// `return` is the first byte after the patched instruction (118E991E in the
// capture below), i.e. the same address the original `jle` skips to.
return:
// Publishes the resolved address so the disable section can find the hook site
// without rescanning.
registersymbol(Ammo)
[DISABLE]
Ammo:
// Restores the original bytes of `mov [edi+0000013C],eax`.
db 89 87 3C 01 00 00
unregistersymbol(Ammo)
dealloc(newmem)
{
// Reference disassembly captured when the script was generated. Addresses are
// specific to that capture: the symbol list at the end of this table records
// Ammo at 112A1730, not 118E9918, which is presumably why the script locates
// the site by byte signature instead of a fixed address.
// ORIGINAL CODE - INJECTION POINT: 118E9918
118E98FA: 7E 22 - jle 118E991E
118E98FC: 8B 87 3C 01 00 00 - mov eax,[edi+0000013C]
118E9902: 8B 4D A8 - mov ecx,[ebp-58]
118E9905: 8B 49 7C - mov ecx,[ecx+7C]
118E9908: 2B C1 - sub eax,ecx
118E990A: 83 EC 08 - sub esp,08
118E990D: 50 - push eax
118E990E: 6A 00 - push 00
118E9910: E8 63 C7 7F F3 - call 050E6078
118E9915: 83 C4 10 - add esp,10
// ---------- INJECTING HERE ----------
118E9918: 89 87 3C 01 00 00 - mov [edi+0000013C],eax
// ---------- DONE INJECTING ----------
118E991E: 8B 87 3C 01 00 00 - mov eax,[edi+0000013C]
118E9924: 85 C0 - test eax,eax
118E9926: 0F 85 80 00 00 00 - jne 118E99AC
118E992C: 8B 87 A4 00 00 00 - mov eax,[edi+000000A4]
118E9932: 83 EC 08 - sub esp,08
118E9935: 6A 00 - push 00
118E9937: 50 - push eax
118E9938: E8 BB E0 7A F3 - call 050979F8
118E993D: 83 C4 10 - add esp,10
118E9940: 85 C0 - test eax,eax
}
14
"Infinite Health"
80000008
Auto Assembler Script
// "Infinite Health" - Cheat Engine Auto Assembler script (32-bit x86, Intel syntax).
// Detours the 6-byte store `mov [esi+000001A0],eax` into a stub that performs
// the store only when the dword currently at esi+1A0 is not 0x64.
// Net effect visible in the code: while the field equals 0x64 every write from
// this site is dropped; once it holds any other value the stub behaves like the
// unpatched instruction.
// NOTE(review): 0x64 (100) is presumably the maximum value of this field - the
// script does not read it from the target, so confirm before relying on it.
// Observable artifacts while enabled: six changed bytes at the hook site and one
// extra 0x1000-byte allocation holding the stub.
[ENABLE]
// Signature = the 6-byte store followed by the first 3 bytes (C7 85 24) of the
// next instruction, `mov [ebp-000000DC],imm32`. Field offset 1A0 and the frame
// offset are baked into the pattern, so a rebuilt target may not match.
// The script contains no check that the pattern occurs only once.
aobscan(Healthplease,89 86 A0 01 00 00 C7 85 24) // should be unique
// $1000 = 0x1000 bytes reserved for the stub.
alloc(newmem,$1000)
label(code)
label(return)
newmem:
code:
// Auto Assembler reads bare numerals as hexadecimal: 64 here is 0x64 = 100.
// The comparison is against the value already in memory, not the incoming eax.
cmp dword [esi+000001A0],64
// Field already 0x64: skip the store, leaving it unchanged.
je return
// Otherwise replay the overwritten instruction unchanged.
mov [esi+000001A0],eax
jmp return
Healthplease:
// Overwrites the 6-byte store: jmp + nop must total exactly 6 bytes.
// assumes `jmp code` assembles to the 5-byte near form (E9 rel32) - TODO confirm
jmp code
nop
// `return` is the first byte after the patched instruction (112F38BF in the
// capture below). The stub's cmp changes EFLAGS, but the listing shows a
// `test eax,eax` before the next conditional jump, so no flag state is consumed.
return:
// Publishes the resolved address so the disable section can find the hook site
// without rescanning.
registersymbol(Healthplease)
[DISABLE]
Healthplease:
// Restores the original bytes of `mov [esi+000001A0],eax`.
db 89 86 A0 01 00 00
unregistersymbol(Healthplease)
dealloc(newmem)
{
// Reference disassembly captured when the script was generated; addresses are
// specific to that capture. Before the store, eax = [esi+1A0] + ecx, where ecx
// is the float argument at [ebp+0C] truncated to an integer (cvttsd2si).
// ORIGINAL CODE - INJECTION POINT: 112F38B9
112F3896: E8 4D FD ED F3 - call 051D35E8
112F389B: 83 C4 10 - add esp,10
112F389E: 85 C0 - test eax,eax
112F38A0: 75 1D - jne 112F38BF
112F38A2: 8B 86 A0 01 00 00 - mov eax,[esi+000001A0]
112F38A8: D9 45 0C - fld dword ptr [ebp+0C]
112F38AB: DD 5D B8 - fstp qword ptr [ebp-48]
112F38AE: F2 0F 10 45 B8 - movsd xmm0,[ebp-48]
112F38B3: F2 0F 2C C8 - cvttsd2si ecx,xmm0
112F38B7: 03 C1 - add eax,ecx
// ---------- INJECTING HERE ----------
112F38B9: 89 86 A0 01 00 00 - mov [esi+000001A0],eax
// ---------- DONE INJECTING ----------
112F38BF: C7 85 24 FF FF FF D8 14 6B 11 - mov [ebp-000000DC],116B14D8
112F38C9: 8B 86 A0 01 00 00 - mov eax,[esi+000001A0]
112F38CF: 85 C0 - test eax,eax
112F38D1: 7F 17 - jg 112F38EA
112F38D3: D9 45 0C - fld dword ptr [ebp+0C]
112F38D6: D9 EE - fldz
112F38D8: DF F1 - fcomip st(0),st(1)
112F38DA: DD D8 - fstp st(0)
112F38DC: 76 0C - jna 112F38EA
112F38DE: C7 85 24 FF FF FF C8 50 14 54 - mov [ebp-000000DC],541450C8
}
Change of mov [edi+000001A0],eax
050EB748
0
00
00
83
C4
10
89
87
A0
01
00
00
83
EC
08
68
80
Change of mov [esi+000001A0],eax
114F1339
0
0F
2C
C8
03
C1
89
86
A0
01
00
00
C7
85
24
FF
FF
Change of mov eax,[esi+000001A0]
114F1349
0
FF
68
86
75
4A
8B
86
A0
01
00
00
85
C0
7F
17
D9
Change of mov eax,[esi+000001A0]
114F14EB
0
00
00
83
C4
20
8B
86
A0
01
00
00
85
C0
0F
8F
15
Change of jnl 114F1BF8
114F1BEC
0
01
00
00
85
C0
7D
0A
C7
86
A0
01
00
Change of mov [esi+000001A0],00000000
116013A8
0
19
01
00
00
01
C7
86
A0
01
00
00
00
00
00
00
8B
86
E4
00
00
Change of mov eax,[edi+000001A0]
0519B5DF
0
87
A4
01
00
00
8B
87
A0
01
00
00
8B
8F
A4
01
00
Change of mov eax,[esi+000001A0]
1162358A
0
10
85
C0
75
1D
8B
86
A0
01
00
00
D9
45
0C
DD
5D
Change of fld dword ptr [ebp+0C]
11623590
0
86
A0
01
00
00
D9
45
0C
DD
5D
B8
F2
0F
Change of fstp qword ptr [ebp-48]
11623593
0
00
00
D9
45
0C
DD
5D
B8
F2
0F
10
45
B8
Healthplease
112F38B9
Ammo
112A1730