COD WWII Code Injection

Memory scanning, code injection, debugger internals and other gamemodding related discussion
l0wb1t
Expert Cheater
Posts: 56
Joined: Mon May 29, 2017 4:16 pm
Reputation: 19

COD WWII Code Injection

Post by l0wb1t » Sat Nov 04, 2017 8:18 am

Any ideas here?

seikur0
Expert Cheater
Posts: 155
Joined: Sat Aug 26, 2017 10:48 am
Reputation: 109

Re: COD WWII Code Injection

Post by seikur0 » Sat Nov 04, 2017 9:25 am

You can't do the necessary far jump with the conditional jump instructions (apparently). Just put a label in front of your jmp return and jne to that. But even then you do have the test rdi,rdi and that other jne instruction from the original code in your injection; to avoid that, I'd inject two lines higher.

Also, and I'm not sure if that can happen, but if you get memory allocated near the injection point, that'll shorten your jump instruction and screw up your return, so to make sure I'd probably set the return point explicitly like this:

_Test2:
jmp newmem

_Test2+F: // this is for an injection point 2 lines higher, +10 would be for your current injection point
return:

STN
Founder
Posts: 2844
Joined: Thu Mar 02, 2017 7:48 pm
Reputation: 255

Re: COD WWII Code Injection

Post by STN » Sat Nov 04, 2017 9:30 am

CE can't allocate near where you're injecting, so a far jump is used. Seems to be a CE bug, as manual allocation does work using the API (at least that's what Booboo told me, haven't tested myself), so maybe CE has strict allocation filters? I don't know.

Here is my solution

aobscanmodule(freespacee,ACOrigins.exe,00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00)
FULLACCESS(freespacee,1000)

You can increase the number of zeroes to find a bigger code cave but this should suffice. I was able to find a 500-800 bytes free zone with that consistently (used like 300 bytes in my injections without any issues for anyone).
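
The jump-size problem discussed in the two replies above, as an added example that is not part of any post: it computes which x86-64 encoding fits for an unconditional jmp and for a jne, given where the new code was allocated. The addresses are constructed samples, and the 14-byte absolute form shown (`jmp [rip+0]` followed by the 8-byte target) is an assumption about the exact bytes the assembler emits.

```python
import struct

REL32_MIN, REL32_MAX = -2**31, 2**31 - 1

def rel32(src, length, dst):
    """Displacement measured from the end of a `length`-byte instruction
    at `src`; None when it does not fit in a signed 32-bit field."""
    disp = dst - (src + length)
    return disp if REL32_MIN <= disp <= REL32_MAX else None

def encode_jmp(src, dst):
    """jmp: 5-byte E9 rel32 when the target is within +/-2 GiB, otherwise
    14 bytes: FF 25 00000000 (jmp [rip+0]) plus the absolute address."""
    disp = rel32(src, 5, dst)
    if disp is not None:
        return b"\xE9" + struct.pack("<i", disp)
    return b"\xFF\x25\x00\x00\x00\x00" + struct.pack("<Q", dst)

def encode_jne(src, dst):
    """jne: 75 rel8 (2 bytes) or 0F 85 rel32 (6 bytes). There is no
    absolute or indirect conditional jump to fall back on."""
    d8 = dst - (src + 2)
    if -128 <= d8 <= 127:
        return b"\x75" + struct.pack("<b", d8)
    disp = rel32(src, 6, dst)
    if disp is None:
        raise ValueError("jne out of range: branch to a local label holding a jmp")
    return b"\x0F\x85" + struct.pack("<i", disp)

# Constructed sample addresses (hypothetical, not taken from the thread).
INJECT = 0x7FF612345000      # injection point inside the module
NEAR_ALLOC = 0x7FF610000000  # allocation within 2 GiB of the module
FAR_ALLOC = 0x020000000000   # allocation far outside rel32 range

def patch_sizes():
    """Bytes overwritten at the injection point for each allocation case.
    The difference is why a fixed return label offset matters."""
    return (len(encode_jmp(INJECT, NEAR_ALLOC)),
            len(encode_jmp(INJECT, FAR_ALLOC)))

if __name__ == "__main__":
    print("patch sizes (near, far):", patch_sizes())
    # A jne inside far memory to a label 0x10 bytes ahead is a short branch.
    print("local jne:", encode_jne(FAR_ALLOC + 0x10, FAR_ALLOC + 0x20).hex())
    try:
        encode_jne(FAR_ALLOC + 0x10, INJECT + 0x10)
    except ValueError as exc:
        print("direct jne back into the module:", exc)
```
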

l0wb1t
Expert Cheater
Posts: 56
Joined: Mon May 29, 2017 4:16 pm
Reputation: 19

Re: COD WWII Code Injection

Post by l0wb1t » Sat Nov 04, 2017 12:04 pm

Thanks for the ideas. Dark Byte told me "Query Memory Region Routines" needs to be disabled when activating scripts, else memory allocation fails.

Now everything is fine.