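[ENABLE]
// Hook 1 of 4 (Cheat Engine auto assembler, 32-bit target).
// The first 7 bytes of the pattern, 66 89 86 C4 D3 45 01, decode to the
// 16-bit store  mov [esi+0145D3C4],ax.  The hook overwrites those 7 bytes with
// a 5-byte jmp plus 2 nops and performs the store itself, using the low word
// of mycustomvalue1 instead of ax.
// The patch lands wherever the scan resolves, so the trailing context bytes
// must keep the pattern unique inside the module; re-check after a game update.
aobscanmodule(INJECT,Stronghold_Crusader_Extreme.exe,66 89 86 C4 D3 45 01 5E 5D 5B C3 66 83 FA 07) // should be unique
alloc(newmem,$1000)
label(code)
label(return)
label(mycustomvalue1)
label(mycustomvalue2)
label(mycustomvalue3)
label(mycustomvalue4)
// Registered so the address list can refer to the four values by name.
registersymbol(mycustomvalue1)
registersymbol(mycustomvalue2)
registersymbol(mycustomvalue3)
registersymbol(mycustomvalue4)

newmem:
  // Fix: the replaced instruction writes 16 bits. Storing ebx here wrote 32
  // bits and overwrote the two bytes that follow the target field.
  // push/mov/pop leave EFLAGS untouched, so the code after 'return' sees the
  // same flags and registers it would have seen after the original store.
  push ebx
  mov bx,[mycustomvalue1]
  mov [esi+Stronghold_Crusader_Extreme.exe+105D3C4],bx
  pop ebx
  jmp return

// One dword per hook; only the low 16 bits are stored into the game.
// Each starts at 0, so an enabled hook writes 0 until its value is set.
mycustomvalue1:
  dd 0
mycustomvalue2:
  dd 0
mycustomvalue3:
  dd 0
mycustomvalue4:
  dd 0

code:
  // Never reached: nothing jumps to 'code'. Kept as a record of the
  // instruction that INJECT replaced (previously an unsized store of 0x32).
  mov [esi+Stronghold_Crusader_Extreme.exe+105D3C4],ax
  jmp return

INJECT:
  jmp newmem
  nop 2                       // pad the rest of the 7-byte original instruction
return:
// [DISABLE] uses this symbol to find the patched location again.
registersymbol(INJECT)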
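// Hook 2 of 4. Same 7-byte 16-bit store (66 89 86 C4 D3 45 01 =
// mov [esi+0145D3C4],ax) at a second call site, told apart by the bytes that
// follow it. The pattern must stay unique inside the module.
aobscanmodule(INJECT2,Stronghold_Crusader_Extreme.exe,66 89 86 C4 D3 45 01 57 B9 28 CA 45 01 66 C7) // should be unique
alloc(newmem2,$1000)
label(code2)
label(return2)

newmem2:
  // Fix: store 16 bits like the replaced instruction; the previous 32-bit
  // store of ebx also overwrote the two bytes after the target field.
  // mycustomvalue2 is declared and registered in the first hook's section.
  push ebx
  mov bx,[mycustomvalue2]
  mov [esi+Stronghold_Crusader_Extreme.exe+105D3C4],bx
  pop ebx
  jmp return2

code2:
  // Never reached: nothing jumps to 'code2'. Kept as a record of the
  // instruction that INJECT2 replaced.
  mov [esi+Stronghold_Crusader_Extreme.exe+105D3C4],ax
  jmp return2

INJECT2:
  jmp newmem2
  nop 2                       // pad the rest of the 7-byte original instruction
return2:
// [DISABLE] uses this symbol to find the patched location again.
registersymbol(INJECT2)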
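// Hook 3 of 4. Same 7-byte 16-bit store (66 89 86 C4 D3 45 01 =
// mov [esi+0145D3C4],ax). This pattern differs from the INJECT4 pattern only
// in its final byte (B2 vs E1), so do not shorten it; re-check uniqueness
// after a game update.
aobscanmodule(INJECT3,Stronghold_Crusader_Extreme.exe,66 89 86 C4 D3 45 01 5E 5D 5B C3 66 83 FA 05 0F 85 B2) // should be unique
alloc(newmem3,$1000)
label(code3)
label(return3)

newmem3:
  // Fix: store 16 bits like the replaced instruction; the previous 32-bit
  // store of ebx also overwrote the two bytes after the target field.
  // mycustomvalue3 is declared and registered in the first hook's section.
  push ebx
  mov bx,[mycustomvalue3]
  mov [esi+Stronghold_Crusader_Extreme.exe+105D3C4],bx
  pop ebx
  jmp return3

code3:
  // Never reached: nothing jumps to 'code3'. Kept as a record of the
  // instruction that INJECT3 replaced.
  mov [esi+Stronghold_Crusader_Extreme.exe+105D3C4],ax
  jmp return3

INJECT3:
  jmp newmem3
  nop 2                       // pad the rest of the 7-byte original instruction
return3:
// [DISABLE] uses this symbol to find the patched location again.
registersymbol(INJECT3)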
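// Hook 4 of 4. Same 7-byte 16-bit store (66 89 86 C4 D3 45 01 =
// mov [esi+0145D3C4],ax). This pattern differs from the INJECT3 pattern only
// in its final byte (E1 vs B2), so do not shorten it; re-check uniqueness
// after a game update.
aobscanmodule(INJECT4,Stronghold_Crusader_Extreme.exe,66 89 86 C4 D3 45 01 5E 5D 5B C3 66 83 FA 05 0F 85 E1) // should be unique
alloc(newmem4,$1000)
label(code4)
label(return4)

newmem4:
  // Fix: store 16 bits like the replaced instruction; the previous 32-bit
  // store of ebx also overwrote the two bytes after the target field.
  // mycustomvalue4 is declared and registered in the first hook's section.
  push ebx
  mov bx,[mycustomvalue4]
  mov [esi+Stronghold_Crusader_Extreme.exe+105D3C4],bx
  pop ebx
  jmp return4

code4:
  // Never reached: nothing jumps to 'code4'. Kept as a record of the
  // instruction that INJECT4 replaced.
  mov [esi+Stronghold_Crusader_Extreme.exe+105D3C4],ax
  jmp return4

INJECT4:
  jmp newmem4
  nop 2                       // pad the rest of the 7-byte original instruction
return4:
// [DISABLE] uses this symbol to find the patched location again.
registersymbol(INJECT4)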
[DISABLE]
// Runs when the script is switched off.
// Step 1: put the original 7 bytes (the 16-bit store that each hook replaced)
// back at every patched location. The same bytes are written at all four
// sites because all four patterns begin with this instruction.
INJECT:
  db 66 89 86 C4 D3 45 01
INJECT2:
  db 66 89 86 C4 D3 45 01
INJECT3:
  db 66 89 86 C4 D3 45 01
INJECT4:
  db 66 89 86 C4 D3 45 01

// Step 2: drop the symbols that marked the patched locations.
unregistersymbol(INJECT)
unregistersymbol(INJECT2)
unregistersymbol(INJECT3)
unregistersymbol(INJECT4)

// Step 3: free the code caves. newmem also holds the four custom values, so
// address-list entries pointing at them stop being valid from here on.
dealloc(newmem)
dealloc(newmem2)
dealloc(newmem3)
dealloc(newmem4)

// Step 4: drop the value symbols that lived inside newmem.
unregistersymbol(mycustomvalue1)
unregistersymbol(mycustomvalue2)
unregistersymbol(mycustomvalue3)
unregistersymbol(mycustomvalue4)
Please use code tags when posting code. Secondly, the changes you have made are not distinguishable from the original code. Also, the templates do not produce clunky code, the user does. That said, you should a) place new instructions under newmem so that you can distinguish modified code from the original, and b) use more meaningful names other than "INJECT". The reasons being that when you come to update the table at a later date you will have a better idea of what's happening and it will make your life easier.
To create symbols to use within the address list, you allocate memory for them, register them as symbols, then adapt the code to move the value from the allocated symbol's memory location, depending on how the game handles the value to be used. See the adapted code above for an idea of how this is done.
not rly sure what you mean
but JIT the method... set a breakpoint... then create an AOB ? ( not a fan here of using mono names )
Sorry for the late reply; for some reason I did not get a notification. I managed to get the address I am looking for by using a breakpoint and tracing it. For example, if the gold value is at XXXX+40, I found XXXX and just added 40 to create the gold pointer, by creating a script and taking that XXXX value from a register. But this was all done using break and trace in the memory disassembler.