Script question

Memory scanning, code injection, debugger internals and other gamemodding related discussion
Post Reply
User avatar
Kalas
Expert Cheater
Expert Cheater
Posts: 145
Joined: Fri Mar 03, 2017 9:49 am
Reputation: 3

Script question

Post by Kalas » Mon Apr 03, 2017 9:42 am

This script is basically for Item Cap, for example 10/50 (50 is the Max value it can reach), I wanted to know how exactly can I change the number to 99 in this script, It's a 4 byte value.

Code: Select all

[ENABLE]

aobscan(aobItemCap,48 63 46 3C 48 89 45 E8)
alloc(newmem,$100,aobItemCap)

label(code)
label(return)

newmem:

code:
  movsxd  rax,dword ptr [rsi+3C]
  mov [rbp-18],rax
  jmp return

aobItemCap:
  jmp newmem
  nop
  nop
  nop
return:
registersymbol(aobItemCap)

[DISABLE]

aobItemCap:
  db 48 63 46 3C 48 89 45 E8

unregistersymbol(aobItemCap)
dealloc(newmem)

User avatar
SunBeam
Trouble Makers
Trouble Makers
Posts: 114
Joined: Thu Mar 02, 2017 10:15 pm
Reputation: 20

Re: Script question

Post by SunBeam » Mon Apr 03, 2017 10:25 am

If 4 bytes = a DWORD, and: "movsxd rax, dword ptr [rsi+3C]", then how do you write #99 into [rsi+3C]? :)

User avatar
Kalas
Expert Cheater
Expert Cheater
Posts: 145
Joined: Fri Mar 03, 2017 9:49 am
Reputation: 3

Re: Script question

Post by Kalas » Mon Apr 03, 2017 8:07 pm

I KNOW ! :)

User avatar
++METHOS
Administration
Administration
Posts: 160
Joined: Thu Mar 02, 2017 9:02 pm
Reputation: 11

Re: Script question

Post by ++METHOS » Mon Apr 03, 2017 8:41 pm

If you cannot change the cap value, directly, then you need to find in code where the limitation is being set or checked against and change it.

User avatar
Kalas
Expert Cheater
Expert Cheater
Posts: 145
Joined: Fri Mar 03, 2017 9:49 am
Reputation: 3

Re: Script question

Post by Kalas » Mon Apr 03, 2017 8:53 pm

Actually I can, I used Lea so when I hover an item It simply shows the Item Cap and I can change it to for example 999 and I can store more then for example 50 as before.

It works perfectly now though thank you, I used what accesses this address because there is no way to find the instruction with what writes to it as It cannot be changed manually.

Post Reply

Who is online

Users browsing this forum: No registered users and 1 guest