
Problem with injecting the code in pointer register


Post by marek1957 » Mon Jul 09, 2018 8:43 am

Hello people, I once again need help.

I was watching a tutorial from [B]SneakyMofo[/B] about finding the REAL value by using the Visual Value --> [MEDIA=youtube]06t_hoWGa5c[/MEDIA]

I found that the ECX and EBX registers have a real (not visual) value stored - but I am stuck on this part of the code:

[img]https://i.imgur.com/RJl42lE.png[/img]

[img]https://i.imgur.com/bGYTM72.png[/img]

mov eax,[edx+34] is the last place where the ECX register has a REAL value in it, but in one place above, ECX does not have the real value but a totally different value.

I don't know how to inject code at mov eax,[edx+34] to change the value in the ECX register.

If I change the code to mov ecx,#4 for example, it crashes the game totally.

Thank you for your support to someone like me and for helping me all the time.

Marek.


Post by koderkrazy » Mon Jul 09, 2018 5:17 pm

I think you are injecting at the wrong point. This [ICODE]Asphalt8.exe+95A48D addss xmm0, xmm1[/ICODE] does the real manipulation of the data.

In your break and trace, see what values are there in the xmm0 and xmm1 registers.

Do an AOB inject on Asphalt8.exe+95A48D and manipulate the xmm0/xmm1 registers in your code.

[edx+30] holds the encrypted offset to get the value you are looking for. [edx+34 + 2*4] is the location of your encrypted value.

Do dissect data structure on pointer [edx] to understand more.

This is how data is encrypted:

(let's say the visual data is in eax and we want to store it at edx+34)

[CODE]
xor eax, [Asphalt8.exe+1b9d5]  // Asphalt8.exe+1b9d5 is a static address that holds the encryption constant.
lea ecx, [edx+34]              // address of the location where the value will be stored.
xor eax, ecx
mov [edx+34], eax              // store the encrypted value
[/CODE]

This is how it is decrypted:

(here edx+34 holds the encrypted value)

[CODE]
mov eax, [edx+34]
xor eax, [Asphalt8.exe+1b9d5]  // xor with the constant
lea ecx, [edx+34]              // get the address of the location where the encrypted value is stored.
xor eax, ecx
// yay, now eax holds the visual value
[/CODE]

Note: if the code (where you are going to inject) writes to multiple addresses, then add conditions in your injection, as mentioned in the video.
Last edited by koderkrazy on Fri Aug 17, 2018 6:03 am, edited 4 times in total.
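
The scheme described in the post above, modelled in C as an added example (not code from the thread or from the game): the key constant, the slot addresses and the function names are constructed stand-ins. It shows why the stored word differs from the displayed value and why that word only decodes correctly at the address it was written for.

```c
#include <stdint.h>
#include <stdio.h>

/* Constructed stand-in for the static constant the post places at
   Asphalt8.exe+1b9d5; the real value is not given in the thread. */
#define KEY_CONST 0x5A17C3E9u

/* Store path: xor with the constant, then with the slot's own address
   (the `lea ecx,[edx+34]` / `xor eax,ecx` pair in the post). */
uint32_t encode(uint32_t visual, uint32_t slot_addr) {
    return visual ^ KEY_CONST ^ slot_addr;
}

/* Load path: XOR is its own inverse, so the same two steps undo it. */
uint32_t decode(uint32_t stored, uint32_t slot_addr) {
    return stored ^ KEY_CONST ^ slot_addr;
}

/* Moving a value to another slot requires re-keying to the new address;
   a raw copy of the stored word decodes to a different value there. */
uint32_t relocate(uint32_t stored, uint32_t old_addr, uint32_t new_addr) {
    return encode(decode(stored, old_addr), new_addr);
}

int main(void) {
    const uint32_t slot_a = 0x0A3F1034u;  /* constructed 32-bit addresses */
    const uint32_t slot_b = 0x0A3F103Cu;
    uint32_t stored = encode(100, slot_a);

    printf("stored word at slot_a : 0x%08X\n", (unsigned)stored);
    printf("decoded at slot_a     : %u\n", (unsigned)decode(stored, slot_a));
    printf("raw copy read at b    : %u\n", (unsigned)decode(stored, slot_b));
    printf("re-keyed copy at b    : %u\n",
           (unsigned)decode(relocate(stored, slot_a, slot_b), slot_b));
    return 0;
}
```

Both XOR inputs (a static constant and the slot's own address) live inside the process, so this masks the value from an exact-value memory search but provides no tamper protection on its own.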


Post by marek1957 » Fri Aug 10, 2018 7:37 am

Ok but I forgot how to add conditions xd can you show me any tutorial for that?


Post by TheyCallMeTim13 » Fri Aug 10, 2018 8:27 am

[QUOTE="marek1957, post: 54527, member: 11389"]Ok but I forgot how to add conditions xd can you show me any tutorial for that?[/QUOTE]

Memory and retention are pretty important when it comes to reversing/hacking. You may want to get a handle on that.

EDIT:

Some recent studies have shown that a lot of "memory" problems are actually storage related, meaning people tend to have problems storing the "memory" and it's not really a problem with retrieving the "memory". So you probably didn't "forget", but never cared to store it, or you had different brain chemistry when it was stored.
Last edited by TheyCallMeTim13 on Fri Aug 10, 2018 9:04 am, edited 2 times in total.


Post by marek1957 » Fri Aug 10, 2018 10:12 am

Show me some tutorials.


Post by TheyCallMeTim13 » Fri Aug 10, 2018 1:20 pm

[MEDIA=youtube]egZsHq0b1q8[/MEDIA]