Old Skooler Rquesting help with value retreival for hotkey

[DazHaven]

hey guys i am an old gamer, how old? as a reference, i left school as the first doom came out lol
anyways i was hoping for a little help, keep in mind i am not sharpest tool in the box and just wanted to try learn this for fun

what i was actually trying to do was to increase a game counter with a hotkey, which i did almost successfully with the point scanner method
and using the script command "add [297ff6f0],{int}8000" however over time the values started to slowly change to ?? it actually took most of
the day with multiple restarts of the game until they were all gone and the last time i hit the hotkey it crashed the game.

i did repeat the whole process thinking i just got unlucky but it happened again, i was hoping it was possible to achieve a working result
with a bit more scripting and a value what does not change, what i know is i disabled the counter by removing the command
"movss xmm0,[edi+14]" from a script so i know the correct address (the one changing) is stored in [edi+14] which i confirmed when i checked the
information table. i was hoping somebody could tell me how i can get the address from [edi+14] to replace the one in "add [297ff6f0],{int}8000"
as the edi always has the correct value.

i have tried a few different ways from within err a jump? but it seems for it to work there has to be a repeat of what i
did to find the value (what i did to get the counter to increase) the pointer method is the closest i have got to getting it to work but
unfortunately it does not last. examples or a working script would be sweet haha but any help at all would be amazing thanks.

[MrBaldy]

If you would like more accurate help, could you put your code in a code block like this: [code]code text here[/code]. Also is it your goal to have the counter disabled except for your hotkey?

[DazHaven]

If you would like more accurate help, could you put your code in a code block like this:

Code: Select all

code text here

. Also is it your goal to have the counter disabled except for your hotkey?

Code: Select all

 00530A8E - F3 0F10 47 14 - movss xmm0,[edi+14] [\code] [edi+14] seems to store the address i need to get

the address of evil contained in edi+14 atm is 1B73B108 (for now)

and no matey, i simply want the counter to increase or decrease wile pressing the key  [code] add [1B73B108],{int}8000 

or

Code: Select all

 sub [1B73B108],{int}8000 

the script i used to do this is this one

Code: Select all

[ENABLE]
alloc(newmem,$1000)
label(shouldExit)
registersymbol(shouldExit)

createthread(newmem)

newmem:
  // your code here
  add [1B73B108],{int}8000

  // sleep & check if it should exit
  push #50
  call kernel32.Sleep
  cmp [shouldExit],0
  je newmem
  // free memory, return
  pop eax
  push 8000
  push 0
  push newmem
  push eax
  jmp kernel32.VirtualFree

newmem+800:
shouldExit:
  dd 0

[DISABLE]
unregistersymbol(shouldExit)
shouldExit:
  dd 1

i honestly dont have a clue how most of it works but it did serve its purpose until the injected address changed i even reversed the counter by changing the add to sub.
so i just need a way to grab the address from edi+14 and use that to inject to instead.

hope thats enough nfo, this has had me pulling out whats left of my hair haha

[MrBaldy]

I'm not an expert nor do I know how to deal with timers/loops in code, but what I would try to do is allocate some space to store the value of edi somewhere, then just modify the value directly while also adding +14 to edi as the address. See my attached image, that's not going to be the exact solution but you can kind of get the gist of what I mean. Set a couple of hotkeys on the value in the address list to increase or decrease with 2 keys.

In the image, "Get Counter Value" is the script to get/store edi in my allocated memory "CounterValue", and "Counter Value" in the address list is the address+14, then right click and add hotkeys. This is assuming you use the auto-generated AOB script on your injection point.

[DazHaven]

I'm not an expert nor do I know how to deal with timers/loops in code, but what I would try to do is allocate some space to store the value of edi somewhere, then just modify the value directly while also adding +14 to edi as the address. See my attached image, that's not going to be the exact solution but you can kind of get the gist of what I mean. Set a couple of hotkeys on the value in the address list to increase or decrease with 2 keys.

In the image, "Get Counter Value" is the script to get/store edi in my allocated memory "CounterValue", and "Counter Value" in the address list is the address+14, then right click and add hotkeys. This is assuming you use the auto-generated AOB script on your injection point.

thank you very much, i was able to learn enough from your post to get the result i wanted.