SunBeam wrote: ↑Tue Jan 29, 2019 4:28 pm
@Tim: Just freakin' backtrace from the
visibility hook. Audio is nearby. I suggest you simply start by RET-ing the function in which the visibility hook is. See if that makes any difference when you move around; if not, exit that function and head to its prologue; RET here as well. Repeat till you find a location where, if RET applied, fuckers don't hear you. Then start the normal trace inside that function and see where the check is
So, the function it's read in (camo level hook), I get a funny dance after trying to move forward.
Code: Select all
{
Process : mgsvtpp.exe - (x64)
Module : mgsvtpp.exe
Game Title : mgsvtpp
Game Version : 1.0.15.0
CE Version : 6.7
Script Version : 0.0.1
Date : 01/29/19
Author : ShyTwig16
Name : NoVisabilityHook
No Visability Hook
48xxxx48xxxxxx48xxxxxx48xxxxxxxx41xx41xx41xx41xx48xxxxxxxxxxxx
488BC4488958104889701848897820554154415541564157488DA848FEFFFF
}
{$STRICT}
define(address, mgsvtpp.exe+12C7580)
define(bytes, 48 8B C4)
////
//// ------------------------------ ENABLE ------------------------------
[ENABLE]
aobScanModule(aobNoVisabilityHook, mgsvtpp.exe, 488BC4488958104889701848897820554154415541564157488DA848FEFFFF)
//i2aobScanModule(aobNoVisabilityHook, mgsvtpp.exe, 488BC4488958104889701848897820554154415541564157488DA848FEFFFF)
define(injNoVisabilityHook, aobNoVisabilityHook)
assert(injNoVisabilityHook, bytes)
//i2assert(injNoVisabilityHook, bytes)
registerSymbol(injNoVisabilityHook)
////
//// ---------- Injection Point ----------
injNoVisabilityHook:
db C3 90 90
////
//// ------------------------------ DISABLE ------------------------------
[DISABLE]
////
//// ---------- Injection Point ----------
injNoVisabilityHook:
db bytes
unregisterSymbol(injNoVisabilityHook)
{
//// Injection Point: mgsvtpp.exe+12C7580 - 00000001412C7580
//// AOB address: 00000001412C7580 - mgsvtpp.exe+12C7580
//// Process: mgsvtpp.exe - 0000000140000000
//// Module: mgsvtpp.exe - 0000000140000000
//// Module Size: 000000000E1BB000
mgsvtpp.exe+12C756C: CC - int 3
mgsvtpp.exe+12C756D: CC - int 3
mgsvtpp.exe+12C756E: CC - int 3
mgsvtpp.exe+12C756F: CC - int 3
mgsvtpp.exe+12C7570: CC - int 3
mgsvtpp.exe+12C7571: CC - int 3
mgsvtpp.exe+12C7572: CC - int 3
mgsvtpp.exe+12C7573: CC - int 3
mgsvtpp.exe+12C7574: CC - int 3
mgsvtpp.exe+12C7575: CC - int 3
mgsvtpp.exe+12C7576: CC - int 3
mgsvtpp.exe+12C7577: CC - int 3
mgsvtpp.exe+12C7578: CC - int 3
mgsvtpp.exe+12C7579: CC - int 3
mgsvtpp.exe+12C757A: CC - int 3
mgsvtpp.exe+12C757B: CC - int 3
mgsvtpp.exe+12C757C: CC - int 3
mgsvtpp.exe+12C757D: CC - int 3
mgsvtpp.exe+12C757E: CC - int 3
mgsvtpp.exe+12C757F: CC - int 3
//// INJECTING START ----------------------------------------------------------
mgsvtpp.exe+12C7580: 48 8B C4 - mov rax,rsp <<<--- AOB Starts Here
//// INJECTING END ----------------------------------------------------------
mgsvtpp.exe+12C7583: 48 89 58 10 - mov [rax+10],rbx
mgsvtpp.exe+12C7587: 48 89 70 18 - mov [rax+18],rsi
mgsvtpp.exe+12C758B: 48 89 78 20 - mov [rax+20],rdi
mgsvtpp.exe+12C758F: 55 - push rbp
mgsvtpp.exe+12C7590: 41 54 - push r12
mgsvtpp.exe+12C7592: 41 55 - push r13
mgsvtpp.exe+12C7594: 41 56 - push r14
mgsvtpp.exe+12C7596: 41 57 - push r15
mgsvtpp.exe+12C7598: 48 8D A8 48FEFFFF - lea rbp,[rax-000001B8]
mgsvtpp.exe+12C759F: 48 81 EC 90020000 - sub rsp,00000290
mgsvtpp.exe+12C75A6: 0F29 70 C8 - movaps [rax-38],xmm6
mgsvtpp.exe+12C75AA: 0F29 78 B8 - movaps [rax-48],xmm7
mgsvtpp.exe+12C75AE: 44 0F29 40 A8 - movaps [rax-58],xmm8
mgsvtpp.exe+12C75B3: 44 0F29 48 98 - movaps [rax-68],xmm9
mgsvtpp.exe+12C75B8: 44 0F29 50 88 - movaps [rax-78],xmm10
mgsvtpp.exe+12C75BD: 44 0F29 98 78FFFFFF - movaps [rax-00000088],xmm11
mgsvtpp.exe+12C75C5: 44 0F29 A0 68FFFFFF - movaps [rax-00000098],xmm12
mgsvtpp.exe+12C75CD: 44 0F29 A8 58FFFFFF - movaps [rax-000000A8],xmm13
mgsvtpp.exe+12C75D5: 44 0F29 B0 48FFFFFF - movaps [rax-000000B8],xmm14
mgsvtpp.exe+12C75DD: 44 0F29 B8 38FFFFFF - movaps [rax-000000C8],xmm15
//// Template: I2CEA_AOBInjection
//// Generated with: I2 Cheat Engine Auto Assembler Script Template Generator
//// Code Happy, Code Freely, Be Awesome.
}
And so far I just get crashes everywhere else I try, but there is a different read area when spotted so I'm trying there as well.