Code injection with value

[CJtheTiger]

Using the Auto Assembler I created a little snippet which modifies which value will be set to a specific address.

Initially it was:

mov [esi+9A],al

What I want it to be is:

mov [esi+9A],<my value>

I'd like to define the value in the table. How would I accomplish this?

This is the complete script:

[ENABLE]

alloc(valuemod,2048)
label(valuemodexit)

valuemod:
mov [esi+9A],<my value>
jmp valuemodexit

"MyGame.exe"+ABCDEF:
jmp valuemod
valuemodexit:
 
[DISABLE]
"MyGame.exe"+ABCDEF:
mov [esi+9A],al

I could just make another entry in the table which writes the value into allocated memory for the injection and then just retrieve it in there, but I figured there must be some way to do this in a more elegant way.

 

[TheyCallMeTim13]

if your push value is always the same then you can just put your value in like you have it, but CE will interpret this as hex but you can use (int)#

mov [esi+9A],(int)100

Or you could define a value:

define(PushValue,(int)100)
...
mov [esi+9A],PushValue

 

[++METHOS]

You can also create a custom symbol and add it to your table as a custom address:

[ENABLE]

alloc(valuemod,2048)
label(valuemodexit)
label(originalcode)
label(value)

registersymbol(value)

valuemod:

{--optional-->>
cmp [value],0
je originalcode
<<--optional--}

push edi
mov edi,[value]
mov [esi+9A],edi
pop edi
jmp valuemodexit //may need to add some original code before the jump

originalcode:
//originalcode here
jmp valuemodexit

value:
dd 0

"MyGame.exe"+ABCDEF:
jmp valuemod
valuemodexit:

[DISABLE]
"MyGame.exe"+ABCDEF:
mov [esi+9A],al

unregistersymbol(value)

Once the script is activated, add a custom address to your table and put value in the address field. You can assign hotkeys for setting/freezing values etc..

 

[CJtheTiger]

Thanks guys!

 

[Zanzer]

Be sure to include "byte ptr" so you're not overwriting more than the 1 address.

mov byte ptr [esi+9A],<my value>

mov al,[value]

 

[CJtheTiger]

Be sure to include "byte ptr" so you're not overwriting more than the 1 address.

mov byte ptr [esi+9A],<my value>

mov al,[value]

From my understanding it will take the smallest common size, so when I move some value to AL which is one byte in size, it will only take one byte from the value I want to move there. Feel free to correct me there though.