How to update AOB script when the functions are changed?

marek1957

Expert Cheater
Dec 16, 2017
#1
Hello Smart People!
I have a question: how do I update an AOB script when the functions are changed? How do I then update the script?
I have one script and I found the 100% correct memory region of the script, but in the new version of the game, the address where the script should be activated has totally different functions, while the rest of the memory region is 100% correct.

Is it possible to update such a script? Or must I hack the game once again?



 

marek1957

Expert Cheater
Dec 16, 2017
#2
For [edx+3A4] I was doing something like this:



The memory region for SHOOT doesn't change at all. Only in the TARGET memory region are the functions changed, and now I don't know what to do to make this script work again.

If I follow the CALL in the NEW MEMORY REGION I have something like this:



If I follow the next call at E8 80 00 00 00, then I have something like this:



So how do I update that script?
 

SunBeam

RCE Fanatics
Talents
Fearless Donors
Feb 4, 2018
#4
As long as the function doesn't change ASM shape between updates, you can rely on an AOB. Else - as seen in Dishonored 2 with major function cosmetics - you will have to find it again. One way I'd recommend to do it is - and this submits again to the same idea I started this reply with - finding one or all references to your function (open DLL in a debugger) and AOB those instead ;)

Example:

141000000:
push rbp
mov rbp,rsp
..
..
pop rbp
ret

Let's say the above is your function. And it's located at address 141000000. By finding all references to it you will encounter lots of "CALL 141000000" or "JMP 141000000". What you can then do - if the code around these CALLs/JMPs doesn't change - is AOB them to get to them. Then it's only a matter of going inside the CALL or following the JMP to get to your function ;) This also works if the function at 141000000 changes its ASM form.

BR,
Sun
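
The approach described in the reply above, as an added example that is not part of the original thread: scan for the stable bytes around a CALL with the displacement wildcarded, require a unique match, and resolve the rel32 target. The two "builds", the caller bytes, the load address and all function names are constructed for illustration.

```python
import struct

def parse_aob(pattern):
    # "E8 ?? ?? ?? ??" -> [0xE8, None, None, None, None]; None is a wildcard.
    return [None if t in ("?", "??") else int(t, 16) for t in pattern.split()]

def aob_scan(buf, pattern):
    # Every offset in buf where the pattern matches.
    pat = parse_aob(pattern)
    return [i for i in range(len(buf) - len(pat) + 1)
            if all(p is None or buf[i + j] == p for j, p in enumerate(pat))]

def resolve_rel32(buf, base, off):
    # Target of a 5-byte CALL (E8) or JMP (E9): next instruction + signed disp.
    if buf[off] not in (0xE8, 0xE9):
        raise ValueError("no rel32 CALL/JMP at this offset")
    (disp,) = struct.unpack_from("<i", buf, off + 1)
    return base + off + 5 + disp

def find_via_caller(buf, base, caller_aob, call_index):
    # Locate the caller by its stable bytes, then follow the CALL inside it.
    hits = aob_scan(buf, caller_aob)
    if len(hits) != 1:  # an ambiguous or missing signature must not be trusted
        raise LookupError("expected 1 match, got %d" % len(hits))
    return resolve_rel32(buf, base, hits[0] + call_index)

# --- constructed sample data (not taken from any real game) ---
BASE = 0x141000000                      # assumed load address of the buffer
CALLER_AOB = "48 89 C1 E8 ?? ?? ?? ?? 85 C0"  # mov rcx,rax / call ? / test eax,eax
OLD_BODY_AOB = "55 48 89 E5 5D C3"      # push rbp / mov rbp,rsp / pop rbp / ret

def make_build(func_off, func_body, caller_off=0x40):
    buf = bytearray(b"\xCC" * 0x60)
    buf[func_off:func_off + len(func_body)] = func_body
    disp = func_off - (caller_off + 3 + 5)   # relative to the end of the CALL
    buf[caller_off:caller_off + 10] = (b"\x48\x89\xC1\xE8"
                                       + struct.pack("<i", disp) + b"\x85\xC0")
    return bytes(buf)

OLD_BUILD = make_build(0x00, bytes.fromhex("554889E55DC3"))
NEW_BUILD = make_build(0x10, bytes.fromhex("4883EC284883C428C3"))  # moved, rewritten

if __name__ == "__main__":
    print(aob_scan(NEW_BUILD, OLD_BODY_AOB))                 # body AOB is gone
    print(hex(find_via_caller(OLD_BUILD, BASE, CALLER_AOB, 3)))
    print(hex(find_via_caller(NEW_BUILD, BASE, CALLER_AOB, 3)))
```

The uniqueness check matters: a caller signature that matches more than once after an update would silently resolve to the wrong function.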
 