
CODE INJECTION HELP

Posted: Tue May 19, 2020 9:31 pm
by KevinDA
Good evening. In my injection code, instead of API_x64.exe+FCDC50, I would like to put the future address of the line where there is lea eax, [rcx + 09] (the last line of my script).

How do I do that?



[CODE=cea]alloc(newmem,2048,"API_x64.exe"+FCDC50)
label(returnhere)
label(originalcode)
label(exit)

newmem: //this is allocated memory, you have read,write,execute access
ja API_x64.exe+FCDC50
cmp ecx,01
cmove eax,r8d
cmp eax,3F
ja API_x64.exe+FCDC50
mov rdx,[r9+rax*8]
test rdx,rdx
je API_x64.exe+FCDC50
cmp [rdx+00000118],r12d
je API_x64.exe+FCDC50
cmp [rdx+0000011C],r12d
je API_x64.exe+FCDC50
mov eax,ebx
mov [rbp+rax*8+000012D0],rdx
mov ebx,[rbp-70]
inc ebx
mov [rbp-70],ebx
lea eax,[rcx+09]

originalcode:
lea eax,[rcx+08]
cmp eax,09

exit:
jmp returnhere

"API_x64.exe"+FCDC50:
jmp newmem
nop
returnhere:[/CODE]

CODE INJECTION HELP

Posted: Tue May 19, 2020 10:32 pm
by TimFun13
Use an [URL='https://fearlessrevolution.com/threads/6637/'][U]AOB scan[/U][/URL].

[CODE=cea]aobScanModule(injectionPoint, API_x64.exe, )
registerSymbol(injectionPoint)

alloc(newmem,2048, injectionPoint)
label(returnhere)
label(originalcode)
label(exit)

newmem: //this is allocated memory, you have read,write,execute access
ja injectionPoint
cmp ecx,01
cmove eax,r8d
cmp eax,3F
ja injectionPoint
mov rdx,[r9+rax*8]
test rdx,rdx
je injectionPoint
cmp [rdx+00000118],r12d
je injectionPoint
cmp [rdx+0000011C],r12d
je injectionPoint
mov eax,ebx
mov [rbp+rax*8+000012D0],rdx
mov ebx,[rbp-70]
inc ebx
mov [rbp-70],ebx
lea eax,[rcx+09]

originalcode:
lea eax,[rcx+08]
cmp eax,09

exit:
jmp returnhere

injectionPoint:
jmp newmem
nop
returnhere:[/CODE]

CODE INJECTION HELP

Posted: Tue May 19, 2020 10:54 pm
by KevinDA
I entered the following request and it crashed the application. Do I have to add something else?

CODE INJECTION HELP

Posted: Tue May 19, 2020 10:58 pm
by TimFun13
Where it says "" you need to add an AOB signature. I linked a post about AOB signatures above.

CODE INJECTION HELP

Posted: Tue May 19, 2020 11:56 pm
by KevinDA
Is it good this way?

I put "API_x64.exe" + FCDC50

and 8D 41 09 corresponds to this: lea eax, [rcx + 09]



[CODE=cea]aobScanModule(injectionPoint, "API_x64.exe"+FCDC50 , 8D 41 09)
registerSymbol(injectionPoint)

alloc(newmem,2048, injectionPoint)
label(returnhere)
label(originalcode)
label(exit)

newmem: //this is allocated memory, you have read,write,execute access
ja injectionPoint
cmp ecx,01
cmove eax,r8d
cmp eax,3F
ja injectionPoint
mov rdx,[r9+rax*8]
test rdx,rdx
je injectionPoint
cmp [rdx+00000118],r12d
je injectionPoint
cmp [rdx+0000011C],r12d
je injectionPoint
mov eax,ebx
mov [rbp+rax*8+000012D0],rdx
mov ebx,[rbp-70]
inc ebx
mov [rbp-70],ebx
lea eax,[rcx+09]

originalcode:
lea eax,[rcx+08]
cmp eax,09

exit:
jmp returnhere

injectionPoint:
jmp newmem
nop
returnhere:[/CODE]

CODE INJECTION HELP

Posted: Wed May 20, 2020 1:16 am
by TimFun13
You should add a few more bytes, you need it to be unique. And you want the second parameter to be a module not an address.

[CODE=cea]...
aobScanModule(injectionPoint, API_x64.exe, 8D 41 09 ?? ?? ?? ??)
...[/CODE]
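The point of the last two replies is that an AOB signature only works if it matches exactly one place in the module; a three-byte pattern such as 8D 41 09 can easily occur several times, and the scan then resolves injectionPoint to the wrong location, which is one way to get the crash reported earlier in the thread. The following Python is an added example, not code from this thread or from Cheat Engine, that implements the same wildcard byte-pattern scan, checks uniqueness, and builds a signature from a known offset while wildcarding bytes that vary between builds (for instance a RIP-relative displacement). The same scanner shape is what detection tooling uses for byte signatures, so it is worth understanding on the defensive side as well. The sample MODULE bytes are constructed for the example and are not taken from API_x64.exe.

```python
"""Array-of-bytes (AOB) signature scanning with '??' wildcards (added example)."""
from typing import Iterable, List, Optional

WILDCARDS = {"??", "?", "*"}


def parse_aob(pattern: str) -> List[Optional[int]]:
    """Turn 'FF ?? 10' into [0xFF, None, 0x10]; None marks a wildcard byte."""
    out: List[Optional[int]] = []
    for tok in pattern.split():
        if tok in WILDCARDS:
            out.append(None)
        elif len(tok) == 2:
            out.append(int(tok, 16))
        else:
            raise ValueError(f"bad token {tok!r}: expected two hex digits or ??")
    if not out:
        raise ValueError("empty signature")
    return out


def aob_scan(data: bytes, pattern: str) -> List[int]:
    """Return every offset in data at which the signature matches."""
    pat = parse_aob(pattern)
    hits: List[int] = []
    for i in range(len(data) - len(pat) + 1):
        if all(b is None or data[i + j] == b for j, b in enumerate(pat)):
            hits.append(i)
    return hits


def unique_offset(data: bytes, pattern: str) -> Optional[int]:
    """Offset of the single match, or None when the signature is absent or ambiguous.
    A script should refuse to install its hook in the None case rather than guess."""
    hits = aob_scan(data, pattern)
    return hits[0] if len(hits) == 1 else None


def signature_from(data: bytes, offset: int, length: int,
                   wildcard: Iterable[int] = ()) -> str:
    """Build a signature from `length` bytes at `offset`; positions listed in
    `wildcard` (relative to offset) become ??, e.g. a displacement that changes
    per build while the surrounding opcodes stay the same."""
    wild = set(wildcard)
    return " ".join("??" if k in wild else f"{data[offset + k]:02X}"
                    for k in range(length))


# Constructed sample "module" (hypothetical bytes, not from API_x64.exe):
MODULE = bytes.fromhex(
    "8D4109" "90909090"          # offset 0:  lea eax,[rcx+09]; nop x4
    "488B0510203000"             # offset 7:  mov rax,[rip+0x302010] (disp32 varies)
    "8D4109" "83F809" "7405"     # offset 14: lea eax,[rcx+09]; cmp eax,09; je +5
    "C3"                         # offset 22: ret
)

if __name__ == "__main__":
    print(aob_scan(MODULE, "8D 41 09"))                # two hits: ambiguous
    print(aob_scan(MODULE, "8D 41 09 ?? ?? ?? ??"))    # trailing ?? alone does not help
    print(unique_offset(MODULE, "8D 41 09 83 F8 09"))  # concrete bytes after: unique
    sig = signature_from(MODULE, 7, 10, wildcard=range(3, 7))
    print(sig, "->", unique_offset(MODULE, sig))       # displacement wildcarded
```

Note that wildcards earn their keep only when concrete bytes follow them: a signature whose ?? bytes are all trailing matches every place the shorter pattern did, whereas wildcarding the displacement inside an instruction and keeping the opcodes on both sides of it gives a pattern that survives rebuilds yet still resolves to one offset.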