BlaxFly wrote: ↑Sat Mar 09, 2024 10:16 pm
The first AOB is fine, but the second isn't working.
I'll do you a quick lesson: you have this at the bottom of your script
Code:
{
// ORIGINAL CODE - INJECTION POINT: INJECT
NBA2K23.exe+1B43BBF: E9 EF 00 00 00 - jmp NBA2K23.exe+1B43CB3
NBA2K23.exe+1B43BC4: 44 8B 4E 44 - mov r9d,[rsi+44]
NBA2K23.exe+1B43BC8: 4C 8D 46 30 - lea r8,[rsi+30]
NBA2K23.exe+1B43BCC: 0F 28 CE - movaps xmm1,xmm6
NBA2K23.exe+1B43BCF: 48 8B CF - mov rcx,rdi
NBA2K23.exe+1B43BD2: E8 49 05 FC FF - call NBA2K23.exe+1B04120
NBA2K23.exe+1B43BD7: 48 8B 87 90 09 00 00 - mov rax,[rdi+00000990]
NBA2K23.exe+1B43BDE: [u]8B F3[/u] - mov esi,ebx
NBA2K23.exe+1B43BE0: [u]0F 2F F0[/u] - comiss xmm6,xmm0
NBA2K23.exe+1B43BE3: [u]40 0F 97 C6[/u] - seta sil
// ---------- INJECTING HERE ----------
INJECT:[b] 89 B0 3C 02 00 00[/b] - mov [rax+0000023C],esi
// ---------- DONE INJECTING ----------
NBA2K23.exe+1B43BED: 48 8B 05 24 9B 6F 05 - mov rax,[NBA2K23.exe+723D718]
NBA2K23.exe+1B43BF4: 40 F6 C5 02 - test bpl,02
NBA2K23.exe+1B43BF8: 75 31 - jne NBA2K23.exe+1B43C2B
NBA2K23.exe+1B43BFA: 48 85 C0 - test rax,rax
NBA2K23.exe+1B43BFD: 74 4F - je NBA2K23.exe+1B43C4E
NBA2K23.exe+1B43BFF: 48 8B 88 A8 03 00 00 - mov rcx,[rax+000003A8]
NBA2K23.exe+1B43C06: 48 85 C9 - test rcx,rcx
NBA2K23.exe+1B43C09: 74 20 - je NBA2K23.exe+1B43C2B
NBA2K23.exe+1B43C0B: 48 8B 51 40 - mov rdx,[rcx+40]
NBA2K23.exe+1B43C0F: 48 85 D2 - test rdx,rdx
}
There is the AOB marked with [b]; you can use the bytes around it to search for the function, if the functions around it didn't change. So let's say, for example, 8B F3 0F 2F F0 40 0F 97 C6 89 B0 ?? ?? 00 00: try this AOB. I marked with [u] the bytes I'm using to search, and ?? means it could be any combination of bytes. I ?? the offsets because that's what's most likely to change.
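An added illustration, not part of the original post: a small wildcard byte-pattern matcher in Python, run over the bytes from the dump above, showing why the pattern with ?? survives a changed offset while the exact bytes do not. The function names are hypothetical and the +244 offset in NEW_BUILD is a constructed value standing in for an update.

```python
def parse_aob(pattern):
    """'8B F3 ?? 00' -> [0x8B, 0xF3, None, 0x00]; None marks a wildcard byte."""
    return [None if tok == "??" else int(tok, 16) for tok in pattern.split()]

def scan(data, pattern):
    """Return every offset in data where the pattern matches."""
    sig = parse_aob(pattern)
    return [i for i in range(len(data) - len(sig) + 1)
            if all(b is None or data[i + j] == b for j, b in enumerate(sig))]

def find_unique(data, pattern):
    """An AOB is only usable if it matches exactly once."""
    hits = scan(data, pattern)
    if len(hits) != 1:
        raise ValueError(f"{len(hits)} matches for {pattern!r}")
    return hits[0]

# Bytes copied from the dump in the post, NBA2K23.exe+1B43BD7 through +1B43BF3.
OLD_BUILD = bytes.fromhex(
    "48 8B 87 90 09 00 00 "   # mov rax,[rdi+00000990]
    "8B F3 "                  # mov esi,ebx
    "0F 2F F0 "               # comiss xmm6,xmm0
    "40 0F 97 C6 "            # seta sil
    "89 B0 3C 02 00 00 "      # mov [rax+0000023C],esi   <- INJECT
    "48 8B 05 24 9B 6F 05"    # mov rax,[NBA2K23.exe+723D718]
)
# Constructed sample: same code after a hypothetical update moved the field to +244.
NEW_BUILD = OLD_BUILD.replace(bytes.fromhex("3C 02 00 00"),
                              bytes.fromhex("44 02 00 00"))

EXACT = "8B F3 0F 2F F0 40 0F 97 C6 89 B0 3C 02 00 00"
WILDCARD = "8B F3 0F 2F F0 40 0F 97 C6 89 B0 ?? ?? 00 00"   # pattern from the post
INJECT_DELTA = 9   # the 89 B0 instruction starts 9 bytes into the pattern

if __name__ == "__main__":
    for name, image in (("old", OLD_BUILD), ("new", NEW_BUILD)):
        print(name, "exact:", scan(image, EXACT), "wildcard:", scan(image, WILDCARD))
    print("inject offset:", find_unique(NEW_BUILD, WILDCARD) + INJECT_DELTA)
```

A pattern that is too short (for example just `00 00`) matches more than once in the same bytes, which is why find_unique rejects anything but a single hit.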