Hi.
If we have for example this code:
cmp [ecx+08],1
je ???
cmp eax,eax
mov [ecx+14],(float)100
How can jump from "je" to "cmp eax,eax" or "mov [ecx+14],(float)100".Instead of "???" What should I write that jump to other lines?
Jump in Assembler
-
MangaDrawing
- Cheater
- Posts: 29
- Joined: Sun Mar 05, 2017 11:04 am
- Reputation: 0
-
Bloodybone
- Table Makers
- Posts: 336
- Joined: Thu Aug 03, 2017 6:19 am
- Reputation: 206
Re: Jump in Assembler
you can directly manipulate the bytes at the je so je is in byte form 74 and then the second byte is how long you wan't to jump so if you wan't to jump to cmp eax,eax do 74 00 and if you wan't to jump to mov [ecx+14],(float)100 then do 74 01
-
Bloodybone
- Table Makers
- Posts: 336
- Joined: Thu Aug 03, 2017 6:19 am
- Reputation: 206
Re: Jump in Assembler
Also if you wan't to jump in the Auto Assembler so if
cmp [ecx+08],1
je ???
cmp eax,eax
mov [ecx+14],(float)100
is your code you can add labels
Example:
cmp [ecx+08],1
je ???
cmp eax,eax
mov [ecx+14],(float)100
is your code you can add labels
Example:
Code: Select all
define(address,"Tutorial-i386.exe"+23B78)
define(bytes,8B 83 80 04 00 00)
[ENABLE]
assert(address,bytes)
alloc(newmem,$100)
label(code)
label(return)
label(jumpto)
newmem:
code:
cmp [ecx+08],1
je jumpto
cmp eax,eax
jmp return
jumpto:
mov [ecx+14],(float)100
jmp return
address:
jmp newmem
nop
return:
[DISABLE]
address:
db bytes
dealloc(newmem)-
squall0833
- Table Makers
- Posts: 198
- Joined: Sat Mar 04, 2017 1:46 pm
- Reputation: 83
Re: Jump in Assembler
Spoiler
Bloodybone wrote: ↑Sat Sep 30, 2017 11:22 pmAlso if you wan't to jump in the Auto Assembler so if
cmp [ecx+08],1
je ???
cmp eax,eax
mov [ecx+14],(float)100
is your code you can add labels
Example:Code: Select all
define(address,"Tutorial-i386.exe"+23B78) define(bytes,8B 83 80 04 00 00) [ENABLE] assert(address,bytes) alloc(newmem,$100) label(code) label(return) label(jumpto) newmem: code: cmp [ecx+08],1 je jumpto cmp eax,eax jmp return jumpto: mov [ecx+14],(float)100 jmp return address: jmp newmem nop return: [DISABLE] address: db bytes dealloc(newmem)
i have some question, i saw somewhere that you can jmp to a label and skip few lines, what was it again?
for example my code below
The code above doesn't work properly, it still applies cheat to Player Only no matter what flag is set.[ENABLE]
aobscanmodule(Inf_Money,game.exe,89 87 A4 01 00 00 EB)
alloc(newmem,$1000)
registersymbol(playeronlyflag)
label(code)
label(return)
label(playeronlyflag)
newmem:
cmp [playeronlyflag],1 //check if playeronly is active
jne newmem+4 // is this correct? i was trying to skip 4 lines to sub [edi+000001A4],eax for enable to allplayer
cmp [edi+000001EC],0 //check if this is player
jne code //jump to original code if this is not player
sub [edi+000001A4],eax
push ebx
mov ebx,[edi+000001A4]
mov [edi+000001A4],eax
add [edi+000001A4],ebx // money wont decrease, adding spent money instead of deduct
pop ebx
jmp return
code:
mov [edi+000001A4],eax
jmp return
playeronlyflag:
dd 0 //cheat enable to all players by default
Inf_Money:
jmp newmem
nop
return:
registersymbol(Inf_Money)
[DISABLE]
Inf_Money:
db 89 87 A4 01 00 00
unregistersymbol(Inf_Money)
dealloc(newmem)
unregistersymbol(playeronlyflag)
is there anywhere incorrect? is it correct, the way i use newmem+4: on label for skipping lines?
Last edited by squall0833 on Tue Nov 07, 2017 9:14 am, edited 1 time in total.
Re: Jump in Assembler
newmem+4 is the address of newmem plus 4 BYTES, not 4 lines of code.squall0833 wrote: ↑Tue Nov 07, 2017 9:10 amhello again @BloodyboneSpoiler
Bloodybone wrote: ↑Sat Sep 30, 2017 11:22 pmAlso if you wan't to jump in the Auto Assembler so if
cmp [ecx+08],1
je ???
cmp eax,eax
mov [ecx+14],(float)100
is your code you can add labels
Example:Code: Select all
define(address,"Tutorial-i386.exe"+23B78) define(bytes,8B 83 80 04 00 00) [ENABLE] assert(address,bytes) alloc(newmem,$100) label(code) label(return) label(jumpto) newmem: code: cmp [ecx+08],1 je jumpto cmp eax,eax jmp return jumpto: mov [ecx+14],(float)100 jmp return address: jmp newmem nop return: [DISABLE] address: db bytes dealloc(newmem)
i have some question, i saw somewhere that you can jmp to a label and skip few lines, what was it again?
for example my code below
The code above doesn't work properly, it still applies cheat to Player Only no matter what flag is set.[ENABLE]
aobscanmodule(Inf_Money,game.exe,89 87 A4 01 00 00 EB)
alloc(newmem,$1000)
registersymbol(playeronlyflag)
label(code)
label(return)
label(playeronlyflag)
newmem:
cmp [playeronlyflag],1 //check if playeronly is active
jne newmem+4 // im not sure if this is correct, what I want is jumping to newmem again but skip 4 lines to sub [edi+000001A4],eax (so the inf money cheat applies to all enemies in game too.
cmp [edi+000001EC],0 //check if this is player
jne code //jump to original code if this is not player
sub [edi+000001A4],eax
push ebx
mov ebx,[edi+000001A4]
mov [edi+000001A4],eax
add [edi+000001A4],ebx // money wont decrease, adding spent money instead of deduct
pop ebx
jmp return
code:
mov [edi+000001A4],eax
jmp return
playeronlyflag:
dd 0 //cheat enable to all players by default
Inf_Money:
jmp newmem
nop
return:
registersymbol(Inf_Money)
[DISABLE]
Inf_Money:
db 89 87 A4 01 00 00
unregistersymbol(Inf_Money)
dealloc(newmem)
unregistersymbol(playeronlyflag)
is there anywhere incorrect? is it correct, the way i use newmem+4: on label for skipping lines?
-
squall0833
- Table Makers
- Posts: 198
- Joined: Sat Mar 04, 2017 1:46 pm
- Reputation: 83
Re: Jump in Assembler
Spoiler
jungletek wrote: ↑Tue Nov 07, 2017 9:14 amnewmem+4 is the address of newmem plus 4 BYTES, not 4 lines of code.squall0833 wrote: ↑Tue Nov 07, 2017 9:10 amhello again @BloodyboneSpoiler
Bloodybone wrote: ↑Sat Sep 30, 2017 11:22 pmAlso if you wan't to jump in the Auto Assembler so if
cmp [ecx+08],1
je ???
cmp eax,eax
mov [ecx+14],(float)100
is your code you can add labels
Example:Code: Select all
define(address,"Tutorial-i386.exe"+23B78) define(bytes,8B 83 80 04 00 00) [ENABLE] assert(address,bytes) alloc(newmem,$100) label(code) label(return) label(jumpto) newmem: code: cmp [ecx+08],1 je jumpto cmp eax,eax jmp return jumpto: mov [ecx+14],(float)100 jmp return address: jmp newmem nop return: [DISABLE] address: db bytes dealloc(newmem)
i have some question, i saw somewhere that you can jmp to a label and skip few lines, what was it again?
for example my code below
The code above doesn't work properly, it still applies cheat to Player Only no matter what flag is set.[ENABLE]
aobscanmodule(Inf_Money,game.exe,89 87 A4 01 00 00 EB)
alloc(newmem,$1000)
registersymbol(playeronlyflag)
label(code)
label(return)
label(playeronlyflag)
newmem:
cmp [playeronlyflag],1 //check if playeronly is active
jne newmem+4 // im not sure if this is correct, what I want is jumping to newmem again but skip 4 lines to sub [edi+000001A4],eax (so the inf money cheat applies to all enemies in game too.
cmp [edi+000001EC],0 //check if this is player
jne code //jump to original code if this is not player
sub [edi+000001A4],eax
push ebx
mov ebx,[edi+000001A4]
mov [edi+000001A4],eax
add [edi+000001A4],ebx // money wont decrease, adding spent money instead of deduct
pop ebx
jmp return
code:
mov [edi+000001A4],eax
jmp return
playeronlyflag:
dd 0 //cheat enable to all players by default
Inf_Money:
jmp newmem
nop
return:
registersymbol(Inf_Money)
[DISABLE]
Inf_Money:
db 89 87 A4 01 00 00
unregistersymbol(Inf_Money)
dealloc(newmem)
unregistersymbol(playeronlyflag)
is there anywhere incorrect? is it correct, the way i use newmem+4: on label for skipping lines?
If there isn't any, then I have to write the flag different way.
Re: Jump in Assembler
Somebody already told you above...
Just define another label, and unless you have a globally declared playeronlyflag flag variable elsewhere, declare it here like so:
This should work if I understand what you're trying to do (it helps people like me to leave the auto-generated "surrounding code" at the bottom so we can see the original code flow, BTW). If you want to add a third 'state' that affects the enemies differently if it's enabled (the flag doesn't have to be treated like a boolean, it's actually a byte after all, so you can have up to 16 'states' (0x0-0xF)), just add another label and do a cmp [playeronlyflag],2 (for example) and jump to a different section via another label.
Makes more sense now?
Just define another label, and unless you have a globally declared playeronlyflag flag variable elsewhere, declare it here like so:
Code: Select all
[ENABLE]
aobscanmodule(Inf_Money,game.exe,89 87 A4 01 00 00 EB)
alloc(newmem,$1000)
globalalloc(playeronlyflag,1)
playeronlyflag:
db 0 //Write a '0' byte to the playeronlyflag to initialize it after allocating. db writes a byte, dd 4 bytes, dq 8 bytes. A flag is (usually) a boolean (true/false, 1/0) so we only need a byte.
label(code)
label(return)
label(player)
newmem:
cmp [edi+000001EC],0 //check if this is player
jne code //jump to original code if this is not player
cmp [playeronlyflag],1 //check if playeronly is active
je player
code:
mov [edi+000001A4],eax
jmp return
player:
sub [edi+000001A4],eax
push ebx
mov ebx,[edi+000001A4]
mov [edi+000001A4],eax
add [edi+000001A4],ebx // money wont decrease, adding spent money instead of deduct
pop ebx
jmp return
Inf_Money:
jmp newmem
nop
return:
registersymbol(Inf_Money)
[DISABLE]
Inf_Money:
db 89 87 A4 01 00 00
unregistersymbol(Inf_Money)
unregistersymbol(playeronlyflag)
dealloc(newmem)
dealloc(playeronlyflag)
Makes more sense now?
-
squall0833
- Table Makers
- Posts: 198
- Joined: Sat Mar 04, 2017 1:46 pm
- Reputation: 83
Re: Jump in Assembler
yes, thanks
that really helped alot
i just need to find another fix value offset to identify player, the current 1EC seems like there is a small chance could change to different value
that really helped alot
i just need to find another fix value offset to identify player, the current 1EC seems like there is a small chance could change to different value
Who is online
Users browsing this forum: No registered users