Page 1 of 2
is it possible to create a pointer from a simple AA script ?
Posted: Wed Jul 03, 2019 10:32 am
by bachou
hey guys please help me, is it possible to create a pointer from a simple AA script ? example :
Code: Select all
[ENABLE]
//code from here to '[DISABLE]' will be used to enable the cheat
alloc(newmem,2048,Artisan.Neptunia.UI:DataContext:PopuplatoreInventory+4a)
label(returnhere)
label(originalcode)
label(exit)
newmem: //this is allocated memory, you have read,write,execute access
//place your code here
originalcode:
mov [rcx+18],#999999
movsxd rcx,dword ptr [rcx+18]
mov [rax+18],ecx
exit:
jmp returnhere
Artisan.Neptunia.UI:DataContext:PopuplatoreInventory+4a:
jmp newmem
nop
nop
returnhere:
[DISABLE]
//code from here till the end of the code will be used to disable the cheat
dealloc(newmem)
Artisan.Neptunia.UI:DataContext:PopuplatoreInventory+4a:
movsxd rcx,dword ptr [rcx+18]
mov [rax+18],ecx
//Alt: db 48 63 49 18 89 48 18
this script give 999999 money, is there a way to make a pointer / multi levels pointer out of this script ?
Re: is it possible to create a pointer from a simple AA script ?
Posted: Wed Jul 03, 2019 10:47 am
by Rysefox
bachou wrote: ↑Wed Jul 03, 2019 10:32 am
hey guys please help me, is it possible to create a pointer from a simple AA script ? example :
Code: Select all
[ENABLE]
//code from here to '[DISABLE]' will be used to enable the cheat
alloc(newmem,2048,Artisan.Neptunia.UI:DataContext:PopuplatoreInventory+4a)
label(returnhere)
label(originalcode)
label(exit)
newmem: //this is allocated memory, you have read,write,execute access
//place your code here
originalcode:
mov [rcx+18],#999999
movsxd rcx,dword ptr [rcx+18]
mov [rax+18],ecx
exit:
jmp returnhere
Artisan.Neptunia.UI:DataContext:PopuplatoreInventory+4a:
jmp newmem
nop
nop
returnhere:
[DISABLE]
//code from here till the end of the code will be used to disable the cheat
dealloc(newmem)
Artisan.Neptunia.UI:DataContext:PopuplatoreInventory+4a:
movsxd rcx,dword ptr [rcx+18]
mov [rax+18],ecx
//Alt: db 48 63 49 18 89 48 18
this script give 999999 money, is there a way to make a pointer / multi levels pointer out of this script ?
---------------------------------------
Code: Select all
[ENABLE]
//code from here to '[DISABLE]' will be used to enable the cheat
alloc(newmem,2048,Artisan.Neptunia.UI:DataContext:PopuplatoreInventory+4a)
label(returnhere)
label(originalcode)
label(exit)
label(Money)
registersymbol(Money)
newmem: //this is allocated memory, you have read,write,execute access
//place your code here
originalcode:
mov [Money],rcx
movsxd rcx,dword ptr [rcx+18]
mov [rax+18],ecx
exit:
jmp returnhere
Money:
dq 0
Artisan.Neptunia.UI:DataContext:PopuplatoreInventory+4a:
jmp newmem
nop
nop
returnhere:
[DISABLE]
//code from here till the end of the code will be used to disable the cheat
dealloc(newmem)
unregistersymbol(Money)
Artisan.Neptunia.UI:DataContext:PopuplatoreInventory+4a:
movsxd rcx,dword ptr [rcx+18]
mov [rax+18],ecx
//Alt: db 48 63 49 18 89 48 18
Symbol is money, activate the script, add address manually go to the pointer. Offset is 18 and money is the symbol. I have nothing about the instruction, if it is a direct access you do not have to do anything, or you have to trigger the pointer in which you receive / lose money
Re: is it possible to create a pointer from a simple AA script ?
Posted: Wed Jul 03, 2019 11:09 am
by bachou
i don't understand... so how do i make the pointer
offset is 18 but what about the bottom address (something like "game.exe"+0098A978") << how do i find this
Re: is it possible to create a pointer from a simple AA script ?
Posted: Wed Jul 03, 2019 11:30 am
by Rysefox
bachou wrote: ↑Wed Jul 03, 2019 11:09 am
i don't understand... so how do i make the pointer
offset is 18 but what about the bottom address (something like "game.exe"+0098A978") << how do i find this
1. Add Address Manually
2. Check Pointer
3. At the bottom do you write Money
4. Offset is 18
I dont know about your instruction, if it accessing directly. When yes pointers load directly. When not you need to trigger it (earn / loose) some gold
Re: is it possible to create a pointer from a simple AA script ?
Posted: Wed Jul 03, 2019 1:02 pm
by bachou
i got it working
so you changed mov [rcx+18],#999999 to mov [Money],rcx
but when i tried to do this on another script i got an error
Code: Select all
[ENABLE]
//code from here to '[DISABLE]' will be used to enable the cheat
alloc(newmem,2048,Artisan.Neptunia.UI:DataContext:PopuplatoreInventory+66)
label(returnhere)
label(originalcode)
label(exit)
newmem: //this is allocated memory, you have read,write,execute access
//place your code here
originalcode:
mov [rcx+1C],#999999
movsxd rcx,dword ptr [rcx+1C]
mov [rax+1C],ecx
exit:
jmp returnhere
Artisan.Neptunia.UI:DataContext:PopuplatoreInventory+66:
jmp newmem
nop
nop
returnhere:
[DISABLE]
//code from here till the end of the code will be used to disable the cheat
dealloc(newmem)
Artisan.Neptunia.UI:DataContext:PopuplatoreInventory+66:
movsxd rcx,dword ptr [rcx+1C]
mov [rax+1C],ecx
//Alt: db 48 63 49 1C 89 48 1C
i changed it to
Code: Select all
[ENABLE]
//code from here to '[DISABLE]' will be used to enable the cheat
alloc(newmem,2048,Artisan.Neptunia.UI:DataContext:PopuplatoreInventory+66)
label(returnhere)
label(originalcode)
label(exit)
label(Gem)
registersymbol(Gem)
newmem: //this is allocated memory, you have read,write,execute access
//place your code here
originalcode:
mov [Gem],rcx
movsxd rcx,dword ptr [rcx+1C]
mov [rax+1C],ecx
exit:
jmp returnhere
Artisan.Neptunia.UI:DataContext:PopuplatoreInventory+66:
jmp newmem
nop
nop
returnhere:
[DISABLE]
//code from here till the end of the code will be used to disable the cheat
dealloc(newmem)
Artisan.Neptunia.UI:DataContext:PopuplatoreInventory+66:
movsxd rcx,dword ptr [rcx+1C]
mov [rax+1C],ecx
//Alt: db 48 63 49 1C 89 48 1C
Not all code is injectable.
(Error in line 7 (label(Gem)) :label Gem is not defined in the script)
Are you sure you want to edit it to this?
what is the problem
Re: is it possible to create a pointer from a simple AA script ?
Posted: Wed Jul 03, 2019 1:12 pm
by Rysefox
bachou wrote: ↑Wed Jul 03, 2019 1:02 pm
i got it working
so you changed mov [rcx+18],#999999 to mov [Money],rcx
but when i tried to do this on another script i got an error
Code: Select all
[ENABLE]
//code from here to '[DISABLE]' will be used to enable the cheat
alloc(newmem,2048,Artisan.Neptunia.UI:DataContext:PopuplatoreInventory+66)
label(returnhere)
label(originalcode)
label(exit)
newmem: //this is allocated memory, you have read,write,execute access
//place your code here
originalcode:
mov [rcx+1C],#999999
movsxd rcx,dword ptr [rcx+1C]
mov [rax+1C],ecx
exit:
jmp returnhere
Artisan.Neptunia.UI:DataContext:PopuplatoreInventory+66:
jmp newmem
nop
nop
returnhere:
[DISABLE]
//code from here till the end of the code will be used to disable the cheat
dealloc(newmem)
Artisan.Neptunia.UI:DataContext:PopuplatoreInventory+66:
movsxd rcx,dword ptr [rcx+1C]
mov [rax+1C],ecx
//Alt: db 48 63 49 1C 89 48 1C
i changed it to
Code: Select all
[ENABLE]
//code from here to '[DISABLE]' will be used to enable the cheat
alloc(newmem,2048,Artisan.Neptunia.UI:DataContext:PopuplatoreInventory+66)
label(returnhere)
label(originalcode)
label(exit)
label(Gem)
registersymbol(Gem)
newmem: //this is allocated memory, you have read,write,execute access
//place your code here
originalcode:
mov [Gem],rcx
movsxd rcx,dword ptr [rcx+1C]
mov [rax+1C],ecx
exit:
jmp returnhere
Artisan.Neptunia.UI:DataContext:PopuplatoreInventory+66:
jmp newmem
nop
nop
returnhere:
[DISABLE]
//code from here till the end of the code will be used to disable the cheat
dealloc(newmem)
Artisan.Neptunia.UI:DataContext:PopuplatoreInventory+66:
movsxd rcx,dword ptr [rcx+1C]
mov [rax+1C],ecx
//Alt: db 48 63 49 1C 89 48 1C
Not all code is injectable.
(Error in line 7 (label(Gem)) :label Gem is not defined in the script)
Are you sure you want to edit it to this?
what is the problem
Definition is missing. write under jmp returnhere
and under disable
Re: is it possible to create a pointer from a simple AA script ?
Posted: Wed Jul 03, 2019 2:26 pm
by bachou
thanks man didn't know i missed those lines
also there's another question : is it hard to update a script after a game update ? the script i'm having is for version 1.0 but the game is on version 1.6 now, those scripts are outdated but i have no idea how to update them, is it hard to do that ?
Re: is it possible to create a pointer from a simple AA script ?
Posted: Wed Jul 03, 2019 2:45 pm
by Rysefox
bachou wrote: ↑Wed Jul 03, 2019 2:26 pm
thanks man didn't know i missed those lines
also there's another question : is it hard to update a script after a game update ? the script i'm having is for version 1.0 but the game is on version 1.6 now, those scripts are outdated but i have no idea how to update them, is it hard to do that ?
When you know what to do, then no
Re: is it possible to create a pointer from a simple AA script ?
Posted: Thu Jul 04, 2019 12:56 am
by bachou
can you help me update them when you have time ?
i'll stream my screen from discord
Re: is it possible to create a pointer from a simple AA script ?
Posted: Thu Jul 04, 2019 12:24 pm
by SunBeam
I literally said in my mind "let's see, it starts with a question then digresses into 'help mi plix'". And boom ^ That post
So predictable.
Re: is it possible to create a pointer from a simple AA script ?
Posted: Wed Jul 10, 2019 11:17 am
by bachou
can anyone help me fix this script : i want to add 5 more address, each of them is +4 from the "potion" pointer
this is my script
Code: Select all
function addMoreAddresses(baseAddress, num, step)
local al = getAddressList()
local base = al.createMemoryRecord()
base.setAddress("potion")
base.setDescription("items")
base.Type = vtString
base.String.Size = 0
for i=0, num-1 do
local rec = al.createMemoryRecord()
local str = string.format("+%X", i * step)
rec.setAddress(str)
rec.setDescription(str)
rec.appendToEntry(base)
end
end
addMoreAddresses("potion", 5, 4)
and it doesn't work
Re: is it possible to create a pointer from a simple AA script ?
Posted: Wed Jul 10, 2019 5:31 pm
by SunBeam
See that "num" there? What happens if you do 'addMoreAddresses("potion", 9, 4)'?
Re: is it possible to create a pointer from a simple AA script ?
Posted: Wed Jul 10, 2019 6:14 pm
by Cake-san
Code: Select all
function addMoreAddresses(baseAddress, num, step)
for i=1, num do
local rec = getAddressList().createMemoryRecord()
local str = string.format("+%X", i * step)
rec.setAddress(str)
rec.setDescription(str)
rec.appendToEntry(getAddressList().getMemoryRecordByDescription(baseAddress))
end
end
addMoreAddresses("potion", 5, 4)
Re: is it possible to create a pointer from a simple AA script ?
Posted: Thu Jul 11, 2019 8:02 am
by bachou
SunBeam wrote: ↑Wed Jul 10, 2019 5:31 pm
See that "num" there? What happens if you do 'addMoreAddresses("potion",
9, 4)'?
well i don't know a thing about LUA... i just copied this script on the internet, it worked for adding normal address but not the pointer
Cake-san wrote: ↑Wed Jul 10, 2019 6:14 pm
Code: Select all
function addMoreAddresses(baseAddress, num, step)
for i=1, num do
local rec = getAddressList().createMemoryRecord()
local str = string.format("+%X", i * step)
rec.setAddress(str)
rec.setDescription(str)
rec.appendToEntry(getAddressList().getMemoryRecordByDescription(baseAddress))
end
end
addMoreAddresses("potion", 5, 4)
thanks gonna try this
Re: is it possible to create a pointer from a simple AA script ?
Posted: Tue Jul 30, 2019 11:42 am
by bachou
digging up thread because i got this new script and don't know what i do to create a pointer
original :
Code: Select all
=]
[ENABLE]
aobscanmodule(fill_bGauge,Atelier_Lulua.exe,0F 48 C6 89 47 10)
alloc(newmem,$1000,"Atelier_Lulua.exe"+E246)
label(code)
label(return)
registersymbol(fill_bGauge)
newmem:
code:
cmovs eax,esi
mov [rdi+10],#200 //original: mov [rdi+10],eax
jmp return
fill_bGauge:
jmp newmem
nop
return:
[DISABLE]
fill_bGauge:
db 0F 48 C6 89 47 10
unregistersymbol(fill_bGauge)
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: "Atelier_Lulua.exe"+E246
"Atelier_Lulua.exe"+E224: BB 0C 00 00 00 - mov ebx,0000000C
"Atelier_Lulua.exe"+E229: EB 05 - jmp Atelier_Lulua.exe+E230
"Atelier_Lulua.exe"+E22B: BB 03 00 00 00 - mov ebx,00000003
"Atelier_Lulua.exe"+E230: 01 5F 10 - add [rdi+10],ebx
"Atelier_Lulua.exe"+E233: B9 C8 00 00 00 - mov ecx,000000C8
"Atelier_Lulua.exe"+E238: 8B 47 10 - mov eax,[rdi+10]
"Atelier_Lulua.exe"+E23B: 3B C1 - cmp eax,ecx
"Atelier_Lulua.exe"+E23D: 0F 4F C1 - cmovg eax,ecx
"Atelier_Lulua.exe"+E240: 48 8B 4F 18 - mov rcx,[rdi+18]
"Atelier_Lulua.exe"+E244: 85 C0 - test eax,eax
// ---------- INJECTING HERE ----------
"Atelier_Lulua.exe"+E246: 0F 48 C6 - cmovs eax,esi
"Atelier_Lulua.exe"+E249: 89 47 10 - mov [rdi+10],eax
// ---------- DONE INJECTING ----------
"Atelier_Lulua.exe"+E24C: E8 9F DD 39 00 - call Atelier_Lulua.exe+3ABFF0
"Atelier_Lulua.exe"+E251: 48 8B 74 24 38 - mov rsi,[rsp+38]
"Atelier_Lulua.exe"+E256: 48 8B 5C 24 30 - mov rbx,[rsp+30]
"Atelier_Lulua.exe"+E25B: 48 83 C4 20 - add rsp,20
"Atelier_Lulua.exe"+E25F: 5F - pop rdi
"Atelier_Lulua.exe"+E260: C3 - ret
"Atelier_Lulua.exe"+E261: CC - int 3
"Atelier_Lulua.exe"+E262: CC - int 3
"Atelier_Lulua.exe"+E263: CC - int 3
"Atelier_Lulua.exe"+E264: CC - int 3
}
my edit (not working)
Code: Select all
[ENABLE]
aobscanmodule(fill_bGauge,Atelier_Lulua.exe,0F 48 C6 89 47 10)
alloc(newmem,$1000,"Atelier_Lulua.exe"+E246)
label(code)
label(return)
registersymbol(fill_bGauge)
label(AP)
registersymbol(AP)
newmem:
code:
cmovs eax,esi
mov [rdi+10],#200 //original: mov [rdi+10],eax
jmp return
fill_bGauge:
jmp newmem
AP:
dq 0
nop
return:
[DISABLE]
fill_bGauge:
db 0F 48 C6 89 47 10
unregistersymbol(fill_bGauge)
dealloc(newmem)
unregistersymbol(AP)
{
// ORIGINAL CODE - INJECTION POINT: "Atelier_Lulua.exe"+E246
"Atelier_Lulua.exe"+E224: BB 0C 00 00 00 - mov ebx,0000000C
"Atelier_Lulua.exe"+E229: EB 05 - jmp Atelier_Lulua.exe+E230
"Atelier_Lulua.exe"+E22B: BB 03 00 00 00 - mov ebx,00000003
"Atelier_Lulua.exe"+E230: 01 5F 10 - add [rdi+10],ebx
"Atelier_Lulua.exe"+E233: B9 C8 00 00 00 - mov ecx,000000C8
"Atelier_Lulua.exe"+E238: 8B 47 10 - mov eax,[rdi+10]
"Atelier_Lulua.exe"+E23B: 3B C1 - cmp eax,ecx
"Atelier_Lulua.exe"+E23D: 0F 4F C1 - cmovg eax,ecx
"Atelier_Lulua.exe"+E240: 48 8B 4F 18 - mov rcx,[rdi+18]
"Atelier_Lulua.exe"+E244: 85 C0 - test eax,eax
// ---------- INJECTING HERE ----------
"Atelier_Lulua.exe"+E246: 0F 48 C6 - cmovs eax,esi
"Atelier_Lulua.exe"+E249: 89 47 10 - mov [rdi+10],eax
// ---------- DONE INJECTING ----------
"Atelier_Lulua.exe"+E24C: E8 9F DD 39 00 - call Atelier_Lulua.exe+3ABFF0
"Atelier_Lulua.exe"+E251: 48 8B 74 24 38 - mov rsi,[rsp+38]
"Atelier_Lulua.exe"+E256: 48 8B 5C 24 30 - mov rbx,[rsp+30]
"Atelier_Lulua.exe"+E25B: 48 83 C4 20 - add rsp,20
"Atelier_Lulua.exe"+E25F: 5F - pop rdi
"Atelier_Lulua.exe"+E260: C3 - ret
"Atelier_Lulua.exe"+E261: CC - int 3
"Atelier_Lulua.exe"+E262: CC - int 3
"Atelier_Lulua.exe"+E263: CC - int 3
"Atelier_Lulua.exe"+E264: CC - int 3
}