Re: Aobscan tutorials

Posted: Sun Feb 13, 2022 3:55 pm
by VampTY
Hi,

Here's one more awful tutorial making a script with offsets, when the game ain't on Unity/Unreal/XNA or whatever other engine that doesn't have any names assigned to them, to find them easy. Also in this example, I use "[]"; if you encounter more offsets, do it like "[[name]+offset]+offset". You understand: 2 offsets, that will mean adding one more "[" to your left and one more "]" to your right; that "]" is after any offset, the last one doesn't need any "]". So if there were 7 offsets, for example, you'd have to have 7 "[" on your left and 7 "]" on your right, like "[[[[[[[name]+offset]+offset]+offset]+offset]+offset]+offset]+offset". If the name is "base" and the offsets are 10 and 12, the result will be "[[base]+10]+12". ;) This will work on whatever machine. Hope this might help somehow! :wub:



Take care! ;)
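
Added example, not part of VampTY's post or of Cheat Engine itself: a small Python evaluator for the bracket notation described above, run against a constructed memory map so each "[...]" can be seen as one pointer read. It assumes numbers in the expression are hexadecimal; `MEMORY`, `SYMBOLS`, `build_path`, `read_ptr` and `resolve` are hypothetical names.

```python
import re

# Constructed 32-bit memory image (address -> stored dword); not from a real game.
MEMORY = {
    0x00400000: 0x00A00000,  # [base] holds a pointer to object A
    0x00A00010: 0x00B00000,  # [[base]+10] holds a pointer to object B
    0x00B00012: 1337,        # value stored at the address [[base]+10]+12
}
SYMBOLS = {"base": 0x00400000}  # hypothetical symbol, named as in the post

def build_path(name, offsets):
    """One '[' per offset on the left, one ']' in front of every offset."""
    return "[" * len(offsets) + name + "".join("]+%X" % o for o in offsets)

def read_ptr(addr):
    """Dereference one level; an unmapped address means a broken chain."""
    if addr not in MEMORY:
        raise LookupError("unreadable pointer at %08X" % addr)
    return MEMORY[addr]

def resolve(expr):
    """Evaluate a bracketed path to its final address (numbers are hex)."""
    tokens = re.findall(r"\[|\]|\+|-|\w+", expr)
    pos = 0

    def term():
        nonlocal pos
        tok = tokens[pos]
        pos += 1
        if tok == "[":  # '[' ... ']' means: read the pointer stored there
            inner = total()
            if pos >= len(tokens) or tokens[pos] != "]":
                raise ValueError("missing ']' in " + expr)
            pos += 1
            return read_ptr(inner)
        # A known symbol wins; anything else is parsed as a hex number.
        return SYMBOLS[tok] if tok in SYMBOLS else int(tok, 16)

    def total():
        nonlocal pos
        value = term()
        while pos < len(tokens) and tokens[pos] in ("+", "-"):
            sign = 1 if tokens[pos] == "+" else -1
            pos += 1
            value += sign * term()
        return value

    result = total()
    if pos != len(tokens):
        raise ValueError("unbalanced expression: " + expr)
    return result
```

The last offset is added without a read, so `resolve` returns the address of the value, not the value itself.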

Re: Aobscan tutorials

Posted: Tue Feb 15, 2022 10:44 am
by Messy6666
^ What wonderful work making those videos for other people, VampTY!

I just thought of a CE plugin which will make life a bit easier using those *** brackets:

An extension by FreeER: copyOffsets.lua
[Link]

It will "print" the correct syntax to be used, ready to copy/paste

edit:
* best to only use that plugin when you understand the offsets

Re: Aobscan tutorials

Posted: Fri Apr 29, 2022 7:06 pm
by anl93
Hey there @aanpsx

I finally managed to do an auto assemble script.
I will upload my table here as soon as possible.
Card power updates on hovered units, although I realized that this trick works on few games.

Game is: "Shadowhand"

Thank you kindly,

Re: Aobscan tutorials

Posted: Thu May 26, 2022 8:36 pm
by anl93
aanpsx wrote:
Hey there @aanpsx

Your guide here works perfectly for me for some games. I even shared some of my small tables with scripts here on the forum.

I want to ask you something new but similar.

Can you make a similar guide for "to update increase/decrease" kind of scripts?

I feel like I'm slowly improving myself.

If you can make that kind of guide too, I will be very grateful.

Sincerely, thank you.

Re: Aobscan tutorials

Posted: Fri May 27, 2022 5:02 pm
by anl93
Code:

newmem:
  mov [Pointer],ecx
code:
  mov eax,[ecx+eax*4+10]
  pop ebp
  jmp return

Pointer:
  dd 0

ShopPointer:
  jmp newmem
return:

not working
pointer constantly changes

can someone help

Re: Aobscan tutorials

Posted: Fri May 27, 2022 5:45 pm
by LeFiXER
anl93 wrote:
Fri May 27, 2022 5:02 pm

Code:

newmem:
  mov [Pointer],ecx
code:
  mov eax,[ecx+eax*4+10]
  pop ebp
  jmp return

Pointer:
  dd 0

ShopPointer:
  jmp newmem
return:

not working
pointer constantly changes

can someone help

What about this:

Code:

...
Pointer:
  dd 0
 
newmem:
  push edx
  lea edx,[ecx+eax*4+10]
  mov [Pointer],edx
  pop edx
  
code:
  mov eax,[ecx+eax*4+10]
  pop ebp
  jmp return
...

Re: Aobscan tutorials

Posted: Fri May 27, 2022 6:21 pm
by anl93
No, addresses still change when the script is activated.

Re: Aobscan tutorials

Posted: Sat May 28, 2022 5:45 am
by Messy6666
^
Then it's a multipurpose function, i.e. it's also reading/writing other data (structures).
Before filling the pointer you'll have to check somehow if they are pointing to the right data ( [ecx] or [ecx+eax] or [ecx+eax*4+10] )
by dissecting data/structures and scanning for some testing values.

for example

Code:

cmp [ecx], TESTVAL
jne DONT_FILL_POINTER

Code:

cmp [ecx+eax*4], TESTVAL  // maybe that contains the value type for +10
jne DONT_FILL_POINTER

Hard to say when not having a part of the original code from the injection point.

Re: Aobscan tutorials

Posted: Sat Jun 11, 2022 6:41 am
by SunBeam
LeFiXER wrote:
Fri May 27, 2022 5:45 pm
...
I would suggest determining where ecx comes from and what the iterator eax represents. If it's a list/array of pointers to same types of structures, then "filtering" won't work as you'd expect, by just storing the lea result into some static.

A bit more research is required than just numb-storing pointers and thinking of only how to save them, but not what they point to, if player or enemy or if representing what you're after. Am saying this in general, not aimed at you, LeFiXER :)
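
Added example, not code from any poster in this thread: a Python replay of the situation discussed in the replies above, where one instruction serves several structures and a hook that stores into a static keeps getting overwritten. The trace, the tag at [ecx] and `TESTVAL` are constructed; the check on the iterator in eax is an assumed extra filter that illustrates the point about arrays of same-type entries.

```python
# Constructed trace of one shared instruction, mov eax,[ecx+eax*4+10]:
# each entry is (ecx, eax, dword at [ecx]). Treating the dword at [ecx]
# as a type tag is an assumption made for this example.
TRACE = [
    (0x0A000000, 0, 0x1111),  # the list we want, entry 0
    (0x0B000000, 2, 0x2222),  # unrelated structure, same code path
    (0x0A000000, 1, 0x1111),  # the list we want, entry 1
    (0x0C000000, 0, 0x3333),  # another unrelated structure
]
TESTVAL = 0x1111  # hypothetical tag found by dissecting the structure


def hook_writes(trace, store="lea", testval=None, index=None):
    """Return every value the hook would write into the static Pointer."""
    writes = []
    for ecx, eax, tag in trace:
        if testval is not None and tag != testval:
            continue  # cmp [ecx],TESTVAL / jne DONT_FILL_POINTER
        if index is not None and eax != index:
            continue  # assumed extra check on the iterator in eax
        # "ecx" stores the base register; "lea" stores ecx+eax*4+10 (hex 10)
        writes.append(ecx if store == "ecx" else ecx + eax * 4 + 0x10)
    return writes


def is_stable(writes):
    """True when the static would end up holding one unchanging value."""
    return len(set(writes)) == 1


def report(trace):
    """Summarise each hook variant as (description, stable?)."""
    return [
        ("store ecx, no check", is_stable(hook_writes(trace, "ecx"))),
        ("store lea, no check", is_stable(hook_writes(trace, "lea"))),
        ("store lea, tag check", is_stable(hook_writes(trace, "lea", TESTVAL))),
        ("store ecx, tag check", is_stable(hook_writes(trace, "ecx", TESTVAL))),
        ("store lea, tag + index", is_stable(hook_writes(trace, "lea", TESTVAL, 1))),
    ]


if __name__ == "__main__":
    for name, ok in report(TRACE):
        print("%-24s %s" % (name, "stable" if ok else "keeps changing"))
```

With the tag check alone, the stored lea result still alternates between two entries of the same list, which is why knowing what eax iterates over matters.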

Re: Aobscan tutorials

Posted: Sat Jun 11, 2022 11:37 am
by LeFiXER
SunBeam wrote:
Sat Jun 11, 2022 6:41 am
I would suggest determining where ecx comes from and what the iterator eax represents. If it's a list/array of pointers to same types of structures, then "filtering" won't work as you'd expect, by just storing the lea result into some static.

A bit more research is required than just numb-storing pointers and thinking of only how to save them, but not what they point to, if player or enemy or if representing what you're after. Am saying this in general, not aimed at you, LeFiXER :)

I did not take offence. I appreciate you taking the time to give your wisdom, thanks :).

Re: Aobscan tutorials

Posted: Sun Jun 19, 2022 9:35 am
by anl93
Hello guys

Code:

newmem:

code:
  movsxd  rax,dword ptr [rax+6C]
  mov [rbp-000000D8],eax
  jmp return

How can I adjust this code to adjust the HP of the selected unit?
Or this one, for that matter?

Code:

newmem:

code:
  movsxd  rax,dword ptr [r15+6C]
  test eax,eax
  jmp return

I tried changing movsxd to mov but couldn't succeed so far.
I will find the aobscan of another unit, compare and change aobscan(INJECT, ...... (I will replace some of them here with ?? so the script should work for all units after I compare to unit aobscans) ) // should be unique

But first I need the correct code that reads the current unit's HP.

Thanks.