Edit2:
Couldn't figure it out. Could someone please help me with doing this properly, as I'm stuck after the Break And Trace for RAX? Below are the screenshots and values of the registers for reference:
I followed this YouTube tutorial related to another game using the same VCRUNTIME140.dll and many instructions going through 1 OpCode - [Link]
I'm finding it difficult since the RDX address is being accessed by literally 100s of other OpCodes. So I'm stuck there and not able to proceed further. Any help is really helpful and appreciated.
Thanks.
References if someone else is still interested for any game which uses "VCRUNTIME140.dll"
Hi guys, I need help in moving a float value into [rax] in the code below.
My AOB script looks like below:
Code:
[ENABLE]
aobscanmodule(INJECT,VCRUNTIME140.dll,8B 0A 89 08 C3 90 49 83 F8 20 77 17 F3 0F 6F 0A F3 42 0F 6F 54 02 F0 F3 0F 7F 09 F3 42 0F 7F 54 01 F0 C3 48 3B D1 73 0E 4E 8D 0C 02 49 3B C9 0F 82 41 04 00 00 90 83 3D D1 4B 01 00 03 0F 82 E3 02 00 00 49 81 F8 00 20 00 00 76 16 49 81 F8 00 00 18 00 77 0D F6 05 56 4F 01 00 02 0F 85 64 FE FF FF C5 FE 6F 02 C4 A1 7E 6F 6C 02 E0 49 81 F8 00 01 00 00 0F 86 C4 00 00 00 4C 8B C9 49 83 E1 1F 49 83 E9 20 49 2B C9 49 2B D1 4D 03 C1 49 81 F8 00 01 00 00 0F 86 A3 00 00 00 49 81 F8 00 00 18 00 0F 87 3E 01 00 00 66 66 66 66 66 66 0F 1F 84 00 00 00 00 00) // should be unique
alloc(newmem,$1000,"VCRUNTIME140.dll"+140A)
label(code)
label(return)
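newmem:
code:
  mov ecx,[rdx]   // original instruction (8B 0A)
  mov [rax],ecx   // original instruction (89 08): the write to [rax]
  ret             // original instruction (C3)
  jmp return      // not reached: the ret above returns to the caller first
INJECT:
  jmp newmem      // replaces the original bytes that [DISABLE] restores
return: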
registersymbol(INJECT)
[DISABLE]
INJECT:
db 8B 0A 89 08 C3
unregistersymbol(INJECT)
dealloc(newmem)
Code:
mov ecx,(float)100
Code:
push ebx
mov ebx,(float)100
mov [rax],ebx
Code:
mov [rax],(float)100
Any suggestions, feedback and help are appreciated. Thanks.
I also put a Cheat Table request post, in case someone wants to post there - viewtopic.php?f=2&t=17491&p=212158#p212158
Thanks