[TOOL] (Updated 3/14/2021) AOB Tool

Upload *YOUR* gamehacking tools/helpers here
Post Reply
Fear3d
Noobzor
Noobzor
Posts: 5
Joined: Mon Sep 14, 2020 5:04 am
Reputation: 2

[TOOL] (Updated 3/14/2021) AOB Tool

Post by Fear3d »

I made an AOB signature generator that can handle a practically unlimited number of bytes and arrays, in what I consider to be a relatively user-friendly approach.

Image

Basically, it's a fully functioning text editor, that can also generate AOB Wildcards for you. Just paste as many AOBs as you want, each on their own line, and then click the 'Wildcard' button (or press Ctrl + G), and it will generate an AOB signature for you. It also allows you save and load your AOB lists, in case you need to come back and add more AOBs later or something.

While I would personally recommend that you align the bytes in a uniform manner, it should be able to handle any additional or missing whitespaces, and also additional linebreaks. It's also fine to use either uppercase or lowercase characters. Just make sure that each AOB is on its own line, and each one has the same total number of bytes:
Image

I also tried to make it smart enough to tell you what you did wrong if you do something it can't handle:
Image

New feature as of v0.06: You can now use comments in the editor. Just type two forward slashes (//) and then the rest of that line will be treated as a comment and ignored by the parser:
Image

This tool is written in Delphi, and I believe it should work fine on any semi-modern version of Windows, but I have only tested it on Windows 10 so far. If you experience any errors, or have any issues with it, please let me know. So far, it seems pretty solid on my system, but I wouldn't be surprised if there are some scenarios that I've failed to account for.

Please also don't hesitate to let me know if you have any suggestions for improvements or requests for new features. Really, don't hesitate to give me any feedback of any nature, whether positive or negative. It's helpful to know what I'm doing wrong, and what I'm doing right. It's also helpful to know whether or not anybody actually uses this tool, so I can determine how much time to spend on trying to improve it. Even if you have suggestions for non-AOB-related features, go ahead and hit me with them. I don't mind turning it into a general game hacking multi-tool, if someone has some ideas that are both useful enough to be worth adding and also within my capabilities of implementing.

Installation:
No installation necessary. Just unzip it and then run AOBTool.exe. It will create a settings file (AOBTool.ini) in whichever directory you run it from, so I would personally keep the app in its own folder, but you do you.

Downloads:
AOBTool-v0.06.7z
v0.06 (3/14/21)
(2.07 MiB) Downloaded 447 times
AOBTool-v0.05.7z
v0.05 (3/11/21)
(2.06 MiB) Downloaded 230 times
Archive Password: Fear3d
Changelog
v0.06 (3/14/21):
  • Added the ability to include comments in your AOB list. Any line that starts with two forward slashes (//) is treated as a comment and ignored by the AOB parser. Inline comments are also possible.
  • Slight performance improvements.
  • Fixed a bug where the file name shown in the title bar of the application did not always immediately update after starting a new file or saving with a new name.
  • Fixed a bug that prevented the user from generating wildcards while the first line is empty.
v0.05 (3/11/21):
  • Some UI tweaks (changed some icons, removed button captions, added some additional hints)
  • Added message to let you know when it's calculating wildcards (in case you're generating a huge list or something)
  • Added button that opens up Windows Calculator
Preemptive FAQ

Q: Why'd you make this, bro? There are already AOB wildcard generators, bro.
A: With the other tools, I was having to keep track of all my AOBs in Notepad, and then switch over to a separate tool and then individually paste each AOB from Notepad into different text boxes. I felt that it would be way more convenient/productive if I could just handle everything from the same application, so I decided to make a fusion of Notepad and an AOB wildcard generator. Additionally, I thought that this method seemed like the best way to handle unlimited AOBs.

Q: Can you add X, Y, or Z features to this tool, bro? I'll show you my feet, bro.
A: Maybe. Don't show me your feet though. Just let me know what feature you want, and if it seems like something that would be useful enough to be worth the effort of adding, then I'll see what I can do.

Q: This program doesn't even work right, bro. Your tool is crap, bro.
A: That's not actually a question, but just calmly describe the problem in as much detail as you can, and I'll try to fix it as soon as I can.

Q: You've barely ever made any posts before, and now you're suddenly releasing some kind of "tool"? That's mad fishy bro.
A: If you've got doubts about this tool, or any other, it's probably best to avoid using it. However, the reason I don't have many posts is because I'm not particularly experienced at hacking games, so I've never really had much to contribute before, and thus no reason to post. But I have used other people's cheat tables from this site, so I felt that I wanted to give something back to the community, and this is the only way that I know how.
Last edited by Fear3d on Sun Mar 14, 2021 12:01 pm, edited 5 times in total.

User avatar
SunBeam
RCE Fanatics
RCE Fanatics
Posts: 4665
Joined: Sun Feb 04, 2018 7:16 pm
Reputation: 4186

Re: [TOOL] *The* AOB Tool

Post by SunBeam »

"Bro", what would you do if in version 1 of a game, this is part of your aob:

Code: Select all

00007FF620E771E8 | 48:8BC8                                | MOV RCX,RAX
00007FF620E771EB | 48:8BD7                                | MOV RDX,RDI
Then in version 2 of the game (say it updates), you now see this:

Code: Select all

0000000150570188 | 48:89C1                                | MOV RCX,RAX
000000015057018B | 48:89FA                                | MOV RDX,RDI
See the bytes :) Each of the two instruction sets can have those 2 forms. So if in version 1 of the aob I include "488BC8" and the game updates, having "4889C1" in version 2, my aob is fucked? Right? :)

P.S.#1: I'm not inventing the above. Denuvo's protection mechanism involves copying instructions that are > 5 bytes to its section. This "copying" is actually a reassembly of the instructions. And when it recompiles "MOV RCX,RAX", from 488BC8 form it will appear as 4889C1 (or vice-versa, forgot which form MSVS assembles and which Denuvo).

P.S.#2: The point of my post is very simple. I believe you've never considered instructions such as "MOV RCX,RAX" having multiple forms, let alone think something so harmless could impact aobs not working with updates :P

Fear3d
Noobzor
Noobzor
Posts: 5
Joined: Mon Sep 14, 2020 5:04 am
Reputation: 2

Re: [TOOL] *The* AOB Tool

Post by Fear3d »

SunBeam wrote:
Thu Mar 11, 2021 3:28 pm
...
Just to make sure that I understand what you're getting at, are you suggesting that I make the tool detect a change in instruction forms, and replace it with the new form instead of replacing it with wildcards? Sorry, I'm kind of a noob, so I'm trying to make sure.

User avatar
SunBeam
RCE Fanatics
RCE Fanatics
Posts: 4665
Joined: Sun Feb 04, 2018 7:16 pm
Reputation: 4186

Re: [TOOL] (Updated) AOB Tool

Post by SunBeam »

My point was just as you know that an E8 xx xx xx xx is a CALL and you should wildcard the 4 following bytes after the E8, in the same way you should be aware some instructions can have multiple mnemonics. And you should consider a MOV RCX,RAX safe to use as 48 8B C8 (cuz "it will never change"..) in an AOB. Rephrase: review your masking/wildcard rules to also include instructions with multiple mnemonics (you gotta find them first). If you don't have such rules anywhere in the tool, then ignore me.

P.S.: Those arrays you show as examples in the images are for finding data (like save game data or some object data in memory). We mostly use AOBs for executable code. To find locations where we can hook the code and re-route it to code caves (allocated empty memory where we write what we want, then jump back to original code). I am sure you know most of this.

Fear3d
Noobzor
Noobzor
Posts: 5
Joined: Mon Sep 14, 2020 5:04 am
Reputation: 2

Re: [TOOL] (Updated) AOB Tool

Post by Fear3d »

Gotcha. That makes sense. Right now, all the tool does is compare the arrays against each other, and replace any changed bytes with wildcards. And it allows you to manually put in wildcards, if you know that certain bytes will be changing (if at least one of your input AOBs has a wildcard in it, then that wildcard will carry down to the result). I did mostly make it with the intention of using it to find object data in memory, because AFAIK, CE already has a built in generator for AOB-based code injection.

I do like your suggestion though. I'll consider trying to make the tool smart enough to take individual instructions into account, so it can parse code as well. Unfortunately, that might be a feature for the distant future, because my current knowledge of x86-64 assembly is insufficient. I might just be overthinking it, but at a glance, it seems like I would basically need to implement a disassembler in order to detect where each instruction ends and the next one begins. And then I would also need to actually have knowledge of all the different instructions that have the properties that you mentioned, which I currently lack.

There are probably a lot of potentially useful features that I haven't considered, due to my lack of game hacking experience. So if you have any other feature requests, don't hesitate to let me know--though if they require a lot of specialized knowledge to implement, I might have to put them on the back-burner for now.

Chenzen
Cheater
Cheater
Posts: 31
Joined: Tue Mar 14, 2023 2:01 pm
Reputation: 11

Re: [TOOL] (Updated 3/14/2021) AOB Tool

Post by Chenzen »

Really cool app ! I like the gui and its really usefull :-)

Is it open source by any chance ? I'm a delphi learner and I like to collect lots of source code lol

Post Reply

Who is online

Users browsing this forum: Google Adsense [Bot], rayliu