Problems with the Disable

SilverRabbit90
Table Makers
Posts: 178
Joined: Fri Jan 15, 2021 12:01 am
Reputation: 149

Post by SilverRabbit90 »

I have some problems with Disable: when the script is disabled, the game bugs out, sometimes freezing and sometimes crashing. (I noticed this in several games.)
I think I understand what the problem is, but I don't know how to solve it.

Basically the AOB changes at each restart of the game, so to inject the code I replaced the parts that differ with ??. The problem is that those pieces of code also change in the Disable. How can I disable a script in which there are pieces of code that also change in the Disable?
Code:

{ Game   : pcsx2.exe
  Version: 
  Date   : 2023-12-25
  Author : Pc

  This script does blah blah blah
}

[ENABLE]

aobscan(MoneyZa,0F 88 ?? ?? ?? ?? E9 ?? ?? ?? ?? 8B 0D 30 9F ?? 01 81 C1 60 0B 00 00 89 C8 C1 E8 0C 8B 04 85 30 ?? ?? ?? BB ?? ?? ?? 30 01 C1 0F 88 ?? ?? ?? ??    8B 01  A3 00 9E ?? 01 8B 0D 10 A0 ?? 01 83 C1 44 89 C8 C1 E8 0C 8B 04 85 30 ?? ?? ?? BB ?? ?? ?? 30 01 C1 0F 88 ?? ?? ?? ?? 8B 01) // should be unique
                //0F 88 7F 14 BB FF E9 3F 62 EC D1 8B 0D 30 9F 3F 01 81 C1 60 0B 00 00 89 C8 C1 E8 0C 8B 04 85 30 80 C4 1A BB E8 1D FF 30 01 C1 0F 88 5A 32 E4 D1    8B 01  A3 00 9E 3F 01 8B 0D 10 A0 3F 01 83 C1 44 89 C8 C1 E8 0C 8B 04 85 30 80 C4 1A BB 11 1E FF 30 01 C1 0F 88 31 32 E4 D1 8B 01
                //0F 88 48 D7 E5 D2 E9 3E D7 E5 D2 8B 0D 30 9F 63 01 81 C1 60 0B 00 00 89 C8 C1 E8 0C 8B 04 85 30 E0 04 1B BB E9 A8 29 30 01 C1 0F 88 59 A7 DD D2    8B 01  A3 00 9E 63 01 8B 0D 10 A0 63 01 83 C1 44 89 C8 C1 E8 0C 8B 04 85 30 E0 04 1B BB 12 A9 29 30 01 C1 0F 88 30 A7 DD D2 8B 01
                //0F 88 E3 35 BB FF E9 94 65 32 D2 8B 0D 30 9F 85 01 81 C1 60 0B 00 00 89 C8 C1 E8 0C 8B 04 85 30 30 9B 1A BB 93 1A FF 30 01 C1 0F 88 AF 35 2A D2    8B 01  A3 00 9E 85 01 8B 0D 10 A0 85 01 83 C1 44 89 C8 C1 E8 0C 8B 04 85 30 30 9B 1A BB BC 1A FF 30 01 C1 0F 88 86 35 2A D2 8B 01
alloc(newmem,$1000)

alloc(lotOfMoney,4)
registersymbol(lotOfMoney)

lotOfMoney:
dd 0

label(code)
label(return)

label(seeMoney)
registersymbol(seeMoney)

label(setMoney)
registersymbol(setMoney)

newmem:
  mov [seeMoney],ecx            // remember the pointer to the money value

  cmp [lotOfMoney],1            // flag toggled from the table: 1 = force the amount
  jne code

  mov eax,[setMoney]            // overwrite the value in place
  mov [ecx],eax

  mov eax,[ecx]                 // original instructions
  mov [pcsx2.exe+1199E00],eax
  jmp return

code:
  mov eax,[ecx]                 // original instructions
  mov [pcsx2.exe+1199E00],eax
  jmp return

setMoney:
  dd (float)100000000

seeMoney:
  dd 0                          // 4 bytes, since a 32-bit ecx is stored here (db 0 reserved only 1)

MoneyZa+30:
  jmp newmem                    // 5 bytes
  nop 2                         // pad to the 7 bytes of the two overwritten instructions
return:
registersymbol(MoneyZa)

[DISABLE]

MoneyZa+30:
  db 8B 01 A3 00 9E ?? 01       // the ?? byte differs after every restart, so a fixed pattern cannot restore the code

unregistersymbol(*)
dealloc(newmem)
dealloc(lotOfMoney)

{
// ORIGINAL CODE - INJECTION POINT: 30310290

30310260: 0F 88 9F 7D AD D2     - js pcsx2.exe+2C58005
30310266: E9 95 7D AD D2        - jmp pcsx2.exe+2C58000
3031026B: 8B 0D 30 9F 32 01     - mov ecx,[pcsx2.exe+1199F30]
30310271: 81 C1 60 0B 00 00     - add ecx,00000B60
30310277: 89 C8                 - mov eax,ecx
30310279: C1 E8 0C              - shr eax,0C
3031027C: 8B 04 85 30 C0 EC 1A  - mov eax,[eax*4+1AECC030]
30310283: BB 92 02 31 30        - mov ebx,30310292
30310288: 01 C1                 - add ecx,eax
3031028A: 0F 88 B0 4D A5 D2     - js pcsx2.exe+2BD5040
// ---------- INJECTING HERE ----------
30310290: 8B 01                 - mov eax,[ecx]
// ---------- DONE INJECTING  ----------
30310292: A3 00 9E 32 01        - mov [pcsx2.exe+1199E00],eax
30310297: 8B 0D 10 A0 32 01     - mov ecx,[pcsx2.exe+119A010]
3031029D: 83 C1 44              - add ecx,44
303102A0: 89 C8                 - mov eax,ecx
303102A2: C1 E8 0C              - shr eax,0C
303102A5: 8B 04 85 30 C0 EC 1A  - mov eax,[eax*4+1AECC030]
303102AC: BB BB 02 31 30        - mov ebx,303102BB
303102B1: 01 C1                 - add ecx,eax
303102B3: 0F 88 87 4D A5 D2     - js pcsx2.exe+2BD5040
303102B9: 8B 01                 - mov eax,[ecx]
}
As you can see, the code that changes in the Disable is precisely this line:

[Disable]
MoneyZa+30:
db 8B 01 A3 00 9E ?? 01

The bytes where I put ?? change at each restart of the game.

The script works perfectly until I disable it.

Any solution?

Eric
Hall of Famer
Posts: 174
Joined: Thu Mar 02, 2017 11:01 pm
Reputation: 90

Re: Problems with the Disable

Post by Eric »

use readmem to store the original bytes

Code:

{ Game   : pcsx2.exe
  Version: 
  Date   : 2023-12-25
  Author : Pc

  This script does blah blah blah
}

[ENABLE]

aobscan(MoneyZa,0F 88 ?? ?? ?? ?? E9 ?? ?? ?? ?? 8B 0D 30 9F ?? 01 81 C1 60 0B 00 00 89 C8 C1 E8 0C 8B 04 85 30 ?? ?? ?? BB ?? ?? ?? 30 01 C1 0F 88 ?? ?? ?? ??    8B 01  A3 00 9E ?? 01 8B 0D 10 A0 ?? 01 83 C1 44 89 C8 C1 E8 0C 8B 04 85 30 ?? ?? ?? BB ?? ?? ?? 30 01 C1 0F 88 ?? ?? ?? ?? 8B 01) // should be unique
                //0F 88 7F 14 BB FF E9 3F 62 EC D1 8B 0D 30 9F 3F 01 81 C1 60 0B 00 00 89 C8 C1 E8 0C 8B 04 85 30 80 C4 1A BB E8 1D FF 30 01 C1 0F 88 5A 32 E4 D1    8B 01  A3 00 9E 3F 01 8B 0D 10 A0 3F 01 83 C1 44 89 C8 C1 E8 0C 8B 04 85 30 80 C4 1A BB 11 1E FF 30 01 C1 0F 88 31 32 E4 D1 8B 01
                //0F 88 48 D7 E5 D2 E9 3E D7 E5 D2 8B 0D 30 9F 63 01 81 C1 60 0B 00 00 89 C8 C1 E8 0C 8B 04 85 30 E0 04 1B BB E9 A8 29 30 01 C1 0F 88 59 A7 DD D2    8B 01  A3 00 9E 63 01 8B 0D 10 A0 63 01 83 C1 44 89 C8 C1 E8 0C 8B 04 85 30 E0 04 1B BB 12 A9 29 30 01 C1 0F 88 30 A7 DD D2 8B 01
                //0F 88 E3 35 BB FF E9 94 65 32 D2 8B 0D 30 9F 85 01 81 C1 60 0B 00 00 89 C8 C1 E8 0C 8B 04 85 30 30 9B 1A BB 93 1A FF 30 01 C1 0F 88 AF 35 2A D2    8B 01  A3 00 9E 85 01 8B 0D 10 A0 85 01 83 C1 44 89 C8 C1 E8 0C 8B 04 85 30 30 9B 1A BB BC 1A FF 30 01 C1 0F 88 86 35 2A D2 8B 01
alloc(newmem,$1000)

alloc(lotOfMoney,4)
alloc(originalbytes_scriptx,7)    // holds the 7 bytes that get overwritten, whatever they are on this run
registersymbol(originalbytes_scriptx)
registersymbol(lotOfMoney)

originalbytes_scriptx:
readmem(MoneyZa+30,7)             // copy the original bytes before they are patched

lotOfMoney:
dd 0

label(code)
label(return)

label(seeMoney)
registersymbol(seeMoney)

label(setMoney)
registersymbol(setMoney)

newmem:
  mov [seeMoney],ecx              // remember the pointer to the money value

  cmp [lotOfMoney],1              // flag toggled from the table: 1 = force the amount
  jne code

  mov eax,[setMoney]              // overwrite the value in place
  mov [ecx],eax

  mov eax,[ecx]                   // original instructions
  mov [pcsx2.exe+1199E00],eax
  jmp return

code:
  mov eax,[ecx]                   // original instructions
  mov [pcsx2.exe+1199E00],eax
  jmp return

setMoney:
  dd (float)100000000

seeMoney:
  dd 0                            // 4 bytes, since a 32-bit ecx is stored here (db 0 reserved only 1)

MoneyZa+30:
  jmp newmem                      // 5 bytes
  nop 2                           // pad to the 7 bytes of the two overwritten instructions
return:
registersymbol(MoneyZa)

[DISABLE]

MoneyZa+30:
readmem(originalbytes_scriptx,7)  // write the saved bytes back; no hardcoded pattern needed

unregistersymbol(*)
dealloc(newmem)
dealloc(originalbytes_scriptx)
dealloc(lotOfMoney)
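
As an added example (not code from this thread, and not Cheat Engine's own code), here is a Python simulation of the enable/disable bookkeeping Eric describes, run against a bytearray that stands in for the game's code region. It goes slightly beyond the thread by implementing a general wildcard AOB matcher, then models `readmem` as copying the bytes before they are overwritten. The pattern, offsets, the `newmem` address and the relocating byte values (0x3F, 0x63, 0x85, echoing the commented runs in the script) are constructed for the demo, not dumped from pcsx2. It also reproduces the failure mode of the first post: writing back a fixed byte string restores the code only on the run whose bytes it was copied from.

```python
from __future__ import annotations
import struct

# Tail of the thread's aobscan around the injection point; '??' marks the
# address byte that moves between runs. (Constructed for the demo.)
PATTERN = "8B 01 A3 00 9E ?? 01 8B 0D 10 A0 ?? 01"
PATCH_LEN = 7   # 5-byte 'jmp newmem' + 'nop 2', as in the script

def parse_aob(pattern: str) -> list[int | None]:
    """'E9 ?? 8B' -> [0xE9, None, 0x8B]; None is a wildcard byte."""
    return [None if tok == "??" else int(tok, 16) for tok in pattern.split()]

def aobscan(mem: bytes, pattern: str) -> int:
    """Offset of the unique match; raises if the pattern is not unique."""
    pat = parse_aob(pattern)
    hits = [i for i in range(len(mem) - len(pat) + 1)
            if all(p is None or mem[i + k] == p for k, p in enumerate(pat))]
    if len(hits) != 1:
        raise ValueError(f"pattern not unique: {len(hits)} hit(s)")
    return hits[0]

def build_memory(reloc: int) -> bytearray:
    """Constructed stand-in for the code region of one game run; `reloc` is
    the byte that changes on every restart."""
    code = bytes([0x8B, 0x01,                          # mov eax,[ecx]
                  0xA3, 0x00, 0x9E, reloc, 0x01,       # mov [..9E00],eax
                  0x8B, 0x0D, 0x10, 0xA0, reloc, 0x01])  # mov ecx,[..A010]
    return bytearray(b"\x00" * 0x40) + bytearray(code) + bytearray(b"\x00" * 0x40)

class Script:
    """One enable/disable cycle of a code-injection script."""

    def __init__(self, newmem: int):
        self.newmem = newmem        # address of the allocated cave (assumed)
        self.inject = None
        self.original = None

    def enable(self, mem: bytearray) -> None:
        self.inject = aobscan(mem, PATTERN)
        # readmem(MoneyZa+30,7): save whatever is there on *this* run
        self.original = bytes(mem[self.inject:self.inject + PATCH_LEN])
        rel = self.newmem - (self.inject + 5)          # rel32 from end of the jmp
        hook = b"\xE9" + struct.pack("<i", rel) + b"\x90\x90"
        mem[self.inject:self.inject + PATCH_LEN] = hook

    def disable_saved(self, mem: bytearray) -> None:
        """Eric's fix: write back the bytes saved at enable time."""
        mem[self.inject:self.inject + PATCH_LEN] = self.original

    def disable_hardcoded(self, mem: bytearray, fixed: bytes) -> None:
        """The first post's approach: write back a byte string fixed in the script."""
        mem[self.inject:self.inject + PATCH_LEN] = fixed

def run_demo(reloc: int, hardcoded: bytes | None = None) -> bool:
    """Enable then disable on a fresh 'process' whose relocating byte is `reloc`.
    Returns True iff the code region is byte-identical to the pre-patch state."""
    mem = build_memory(reloc)
    pristine = bytes(mem)
    script = Script(newmem=0x1000)
    script.enable(mem)
    assert mem[script.inject] == 0xE9             # hook installed
    if hardcoded is None:
        script.disable_saved(mem)
    else:
        script.disable_hardcoded(mem, hardcoded)
    return bytes(mem) == pristine

if __name__ == "__main__":
    first_run = bytes([0x8B, 0x01, 0xA3, 0x00, 0x9E, 0x3F, 0x01])  # bytes seen on run 1
    for reloc in (0x3F, 0x63, 0x85):
        print(f"reloc={reloc:02X}: saved-bytes restore ok={run_demo(reloc)}, "
              f"hardcoded restore ok={run_demo(reloc, first_run)}")
```

The final comparison against the pre-patch snapshot is the check worth keeping in mind when writing the [DISABLE] section: a restore is only correct if every byte, including the ones that moved, comes back, and the only source that always has them is a copy taken at enable time.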

SilverRabbit90
Table Makers
Posts: 178
Joined: Fri Jan 15, 2021 12:01 am
Reputation: 149

Re: Problems with the Disable

Post by SilverRabbit90 »

Eric wrote:
Sun Jan 07, 2024 2:42 pm
use readmem to store the original bytes

It works perfectly, thank you very much Eric :)
