Registered Symbol Value Keeps Resetting?
Posted: Fri Jan 21, 2022 7:24 pm
I'm pretty sure I know what the cause of this issue is, the instruction is shared op code. It's being used thousands of times a second by 30+ addresses. I found a 100% guaranteed commonality to get the specific address I want so that's not the issue, the issue is the script is resetting my custom allocated address back to its original value when the instruction is called. How do I fix this?
First script:
infiniteStaminaEnabled is reset immediately.
First script:
Script#1
Code: Select all
[ENABLE]
aobscanmodule(rowerStaminaData,ACOdyssey.exe,F3 44 0F 11 43 50 74) // should be unique
alloc(newmem,$500,rowerStaminaData)
alloc(maxRowerStamina,$4,rowerStaminaData)
alloc(rowerStaminaAddy,$4,rowerStaminaData)
alloc(infiniteStaminaEnabled,$1,rowerStaminaData)
label(code,return)
registersymbol(maxRowerStamina,rowerStaminaAddy,infiniteStaminaEnabled)
newmem:
cmp [rbx+48],#4
jne code
push rdx
mov rdx,[rbx+3C]
mov [maxRowerStamina],rdx
pop rdx
push rdx
mov rdx,[rbx+50]
mov [rowerStaminaAddy],rdx
pop rdx
cmp [infiniteStaminaEnabled],#1 // HERE
jne code
push rdx
mov rdx,[rbx+3C]
mov [rbx+50],rdx
pop rdx
jmp return
code:
movss [rbx+50],xmm8
jmp return
rowerStaminaData:
jmp newmem
nop
return:
registersymbol(rowerStaminaData)
[DISABLE]
rowerStaminaData:
db F3 44 0F 11 43 50
unregistersymbol(*)
dealloc(*)
{
// ORIGINAL CODE - INJECTION POINT: ACOdyssey.exe+308AD89
ACOdyssey.exe+308AD6A: 0F 2F 43 50 - comiss xmm0,[rbx+50]
ACOdyssey.exe+308AD6E: 76 15 - jna ACOdyssey.exe+308AD85
ACOdyssey.exe+308AD70: B2 01 - mov dl,01
ACOdyssey.exe+308AD72: EB 08 - jmp ACOdyssey.exe+308AD7C
ACOdyssey.exe+308AD74: 0F 2F 43 50 - comiss xmm0,[rbx+50]
ACOdyssey.exe+308AD78: 77 0B - ja ACOdyssey.exe+308AD85
ACOdyssey.exe+308AD7A: 33 D2 - xor edx,edx
ACOdyssey.exe+308AD7C: 48 8D 4B 08 - lea rcx,[rbx+08]
ACOdyssey.exe+308AD80: E8 1B A8 93 FD - call ACOdyssey.exe+9C55A0
ACOdyssey.exe+308AD85: 45 0F 2E C8 - ucomiss xmm9,xmm8
// ---------- INJECTING HERE ----------
ACOdyssey.exe+308AD89: F3 44 0F 11 43 50 - movss [rbx+50],xmm8
// ---------- DONE INJECTING ----------
ACOdyssey.exe+308AD8F: 74 07 - je ACOdyssey.exe+308AD98
ACOdyssey.exe+308AD91: 80 8B 82 00 00 00 01 - or byte ptr [rbx+00000082],01
ACOdyssey.exe+308AD98: 0F 28 74 24 50 - movaps xmm6,[rsp+50]
ACOdyssey.exe+308AD9D: 0F 28 7C 24 40 - movaps xmm7,[rsp+40]
ACOdyssey.exe+308ADA2: 44 0F 28 44 24 30 - movaps xmm8,[rsp+30]
ACOdyssey.exe+308ADA8: 44 0F 28 4C 24 20 - movaps xmm9,[rsp+20]
ACOdyssey.exe+308ADAE: 48 83 C4 60 - add rsp,60
ACOdyssey.exe+308ADB2: 5B - pop rbx
ACOdyssey.exe+308ADB3: C3 - ret
ACOdyssey.exe+308ADB4: CC - int 3
}
Script #2
Code: Select all
[ENABLE]
infiniteStaminaEnabled:
db 1
[DISABLE]
infiniteStaminaEnabled:
db 0