
PULSAR Lost Colony Script Issue

Posted: Thu Apr 27, 2017 6:23 am
by Kalas
I'm trying to use lea so the current value will always display:

Code:

  push ebx
  lea ebx,[eax+74]
  mov [CoreTempValue],ebx
  pop ebx
  fstp dword ptr [eax+74]
  jmp 28229A60
  jmp return
I added those as well:

Code:

alloc(CoreTempValue,8)
registersymbol(CoreTempValue)
unregistersymbol(CoreTempValue)
dealloc(CoreTempValue)

The code itself looks like this:

Code:

[ENABLE]

aobscan(aobCoreTemp,D9 58 74 E9 70 00 00 00)
alloc(newmem,$100,aobCoreTemp)
alloc(CoreTempValue,8)

label(code)
label(return)

registersymbol(CoreTempValue)

newmem:

code:
  push ebx
  lea ebx,[eax+74]
  mov [CoreTempValue],ebx
  pop ebx
  fstp dword ptr [eax+74]
  jmp 28229A60
  jmp return

aobCoreTemp:
  jmp newmem
  nop
  nop
  nop
return:
registersymbol(aobCoreTemp)

[DISABLE]

aobCoreTemp:
  db D9 58 74 E9 70 00 00 00

unregistersymbol(aobCoreTemp)
unregistersymbol(CoreTempValue)
dealloc(newmem)
dealloc(CoreTempValue)


The issue here is that, after adding the address manually, the value just displays as ?? rather than showing my current stat. What could be the issue in my code?

PS: Is there any other way of doing what I'm trying to do in this code, like something smaller than using lea like that?

Re: PULSAR Lost Colony Script Issue

Posted: Thu Apr 27, 2017 8:41 am
by Eric
Has your injected code been executed at least once? Otherwise CoreTempValue will stay 0.

What you can also do is:
mov [CoreTempValue],eax

and then, as a pointer, give CoreTempValue as the base address and 74 as the offset.

Re: PULSAR Lost Colony Script Issue

Posted: Thu Apr 27, 2017 9:26 am
by Kalas
Ohh...

Thank you Eric :)

Re: PULSAR Lost Colony Script Issue

Posted: Thu Apr 27, 2017 9:33 am
by Kalas
Hmm I have a question:

So I compared the first script with the instruction as I found it again after reopening the game, and this is weird:

Version 1:

Code:

  fstp dword ptr [eax+74]
  jmp 28229A60
  jmp return

Version 2:

Code:

  fstp dword ptr [eax+74]
  jmp 1D9F0418
  jmp return

The jmp is different; could that be the reason why my game sometimes crashes when I activate the script?

Re: PULSAR Lost Colony Script Issue

Posted: Thu Apr 27, 2017 9:39 am
by Kalas
Should it look like this?

Code:

[ENABLE]

aobscan(aobCoreTemp,D9 58 74 E9 70 00 00 00)
alloc(newmem,$100,aobCoreTemp)

label(code)
label(return)
label(CoreTempPtr)

registersymbol(CoreTempPtr)

newmem:

code:
  fstp dword ptr [eax+74]
  mov [CoreTempPtr],ebx
  jmp 1D9F0418
  jmp return

CoreTempPtr:

aobCoreTemp:
  jmp newmem
  nop
  nop
  nop
return:
registersymbol(aobCoreTemp)

[DISABLE]

aobCoreTemp:
  db D9 58 74 E9 70 00 00 00

unregistersymbol(aobCoreTemp)
unregistersymbol(CoreTempPtr)
dealloc(newmem)

Re: PULSAR Lost Colony Script Issue

Posted: Thu Apr 27, 2017 2:33 pm
by Kalas
SunBeam wrote:
Thu Apr 27, 2017 2:28 pm
Your problem is exactly that JMP. The address changes because the game's code is allocated differently in memory every time you run it (the base for the process changes). In Memory View, change the display to show module names (View > Show module addresses), then instead of "1D9F0418" use its symbolic name (e.g.: game.exe+50418). That's always going to be static, as CE will read the base of the game, no matter where it's allocated, and calculate your address's location based on the offset.
Oh, alright, thank you, I'll try :)
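Editor's note on the two different jmp targets (28229A60 vs. 1D9F0418) and SunBeam's module+offset advice. The scanned pattern D9 58 74 E9 70 00 00 00 is fstp dword ptr [eax+74] followed by an E9 rel32 jmp (displacement +70). A rel32 jump is relative to the address of the next instruction, so when the same bytes sit at a different address the absolute target moves with them; the absolute jmp that ends up in the script is therefore only valid for the run in which it was generated, and a stale one jumps into unrelated memory, which matches the intermittent crash. The Python below is an added example, not from the thread or from Cheat Engine: it decodes the rel32 target for a given pattern address, recovers where the pattern must have been from each of the two targets seen in the thread, re-encodes a rel32 jmp for a new location, and converts between absolute and module+offset notation. The module name game.exe, its base 1D9A0000 and size are hypothetical values chosen so the conversion reproduces SunBeam's example.

```python
import struct

# Constructed sample: the 8 bytes of the thread's aobscan pattern.
#   D9 58 74          fstp dword ptr [eax+0x74]
#   E9 70 00 00 00    jmp rel32 (+0x70, relative to the next instruction)
PATTERN = bytes.fromhex("D9 58 74 E9 70 00 00 00")
FSTP_LEN = 3
JMP_REL32_LEN = 5
MASK32 = 0xFFFFFFFF


def decode_jmp_rel32(code: bytes, instr_addr: int) -> int:
    """Absolute target of an E9 rel32 jmp whose first byte is at instr_addr.

    target = address of next instruction + signed 32-bit displacement.
    The same five bytes reach a different target at every other address.
    """
    if len(code) < JMP_REL32_LEN or code[0] != 0xE9:
        raise ValueError("not an E9 rel32 jmp")
    (rel,) = struct.unpack_from("<i", code, 1)
    return (instr_addr + JMP_REL32_LEN + rel) & MASK32


def jmp_target_of_pattern(pattern_addr: int) -> int:
    """Where the jmp inside PATTERN lands when the pattern sits at pattern_addr."""
    return decode_jmp_rel32(PATTERN[FSTP_LEN:], pattern_addr + FSTP_LEN)


def pattern_addr_from_target(target: int) -> int:
    """Inverse: the pattern address at which its jmp would reach target."""
    (rel,) = struct.unpack_from("<i", PATTERN, FSTP_LEN + 1)
    return (target - rel - FSTP_LEN - JMP_REL32_LEN) & MASK32


def encode_jmp_rel32(from_addr: int, target: int) -> bytes:
    """Re-encode a rel32 jmp so that, placed at from_addr, it reaches target.

    This is what has to happen when the original instructions are copied into
    a code cave: the displacement must be recomputed for the new location.
    """
    rel = target - (from_addr + JMP_REL32_LEN)
    if not -0x80000000 <= rel <= 0x7FFFFFFF:
        raise ValueError("target out of rel32 range")
    return b"\xE9" + struct.pack("<i", rel)


def to_module_relative(addr: int, module_name: str, module_base: int, module_size: int) -> str:
    """Express addr as module+offset (CE's symbolic form) if it lies in the module,
    otherwise return it as plain hex."""
    if module_base <= addr < module_base + module_size:
        return f"{module_name}+{addr - module_base:X}"
    return f"{addr:08X}"


def from_module_relative(symbol: str, module_base: int) -> int:
    """Resolve 'module+offset' against the base observed in the current run."""
    _name, _sep, offset = symbol.partition("+")
    return (module_base + int(offset, 16)) & MASK32


if __name__ == "__main__":
    # The two targets seen in the thread, and the pattern addresses they imply.
    for target in (0x28229A60, 0x1D9F0418):
        where = pattern_addr_from_target(target)
        print(f"jmp {target:08X} <- pattern at {where:08X}, "
              f"round trip {jmp_target_of_pattern(where):08X}")

    # Hypothetical module layout (not from the thread): base chosen so the
    # second target becomes game.exe+50418, as in SunBeam's example.
    base, size = 0x1D9A0000, 0x100000
    sym = to_module_relative(0x1D9F0418, "game.exe", base, size)
    print(sym, "->", f"{from_module_relative(sym, base):08X}")

    # Relocating the jmp into a cave at a constructed address keeps the target.
    cave = 0x0A000000
    moved = encode_jmp_rel32(cave + FSTP_LEN, 0x1D9F0418)
    print(moved.hex(" "), "->", f"{decode_jmp_rel32(moved, cave + FSTP_LEN):08X}")
```

The hard-coded jmp is the one thing in the script that depends on where the pattern happened to land; everything else is found by the aobscan. Anything written into a cave should therefore be expressed relative to something recomputed on each run (the module base, as SunBeam suggests, or the scanned address itself) rather than as a literal absolute address.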