h4c0r-BG Master Cheater
Reputation: 0
Joined: 29 Nov 2006 Posts: 449 Location: The yogurt country
Posted: Sun Nov 04, 2007 7:24 am Post subject: [Help {AA}] Addresses are changing in different OS |
[Help {AA}] Addresses are changing in different OS
I've made so far so good a working and nice Script with Codecave.
The bad thing is that the addresses are different for some computers.
The game starts and loads opengl32.dll (which I am hacking)
My addresses for the script are:
| Quote: | [ENABLE]
//code from here to '[DISABLE]' will be used to enable the cheat
5eda4e1f:
db 8B 44 24 04 83 F8 05 74 10 83 F8 06 74 0B 64 A1 18 00 00 00 E9 BE DA F5 FF 68 71 0B 00 00 E8 06 E0 F5 FF EB E9 90
5ed028f0:
jmp 5eda4e1f
[DISABLE]
//code from here till the end of the code will be used to disable the cheat
5ed028f0:
mov eax, FS:[18] |
On a different OS I saw it changed to:
| Quote: | [ENABLE]
//code from here to '[DISABLE]' will be used to enable the cheat
5f0d4e1f:
db 8B 44 24 04 83 F8 05 74 10 83 F8 06 74 0B 64 A1 18 00 00 00 E9 BE DA F5 FF 68 71 0B 00 00 E8 06 E0 F5 FF EB E9 90
5f0d28f0:
jmp 5f0d4e1f
[DISABLE]
//code from here till the end of the code will be used to disable the cheat
5f0d28f0:
mov eax, FS:[18] |
How to make a script which works for both of us and for any other person whose addresses are different from those?
_________________
Last edited by h4c0r-BG on Sun Nov 04, 2007 7:45 am; edited 1 time in total |
samuri25404 Grandmaster Cheater
Reputation: 7
Joined: 04 May 2007 Posts: 955 Location: Why do you care?
Posted: Sun Nov 04, 2007 7:31 am Post subject: |
1)
That has got to be the craziest thing I have ever seen...
| Code: |
5eda4e1f:
db 8B 44 24 04 83 F8 05 74 10 83 F8 06 74 0B 64 A1 18 00 00 00 E9 BE DA F5 FF 68 71 0B 00 00 E8 06 E0 F5 FF EB E9 90
|
Use a damned jmp and place your code in something else...
Also, I'm pretty sure that that's going to overwrite some other stuff, and may result in a crash. I don't know if you intended it to do that, but it's pretty crazy.
2)
Unfortunately, I really don't think that there's a way--the different OSs do things different ways... =/
Noz3001 I'm a spammer
Reputation: 26
Joined: 29 May 2006 Posts: 6220 Location: /dev/null
Posted: Sun Nov 04, 2007 7:41 am Post subject: |
Yeah? You didn't think the files would be the same on every OS, did you?..
h4c0r-BG Master Cheater
Reputation: 0
Joined: 29 Nov 2006 Posts: 449 Location: The yogurt country
Posted: Sun Nov 04, 2007 7:50 am Post subject: |
Pardon me. Forgot to edit the jump addresses.
Umm everything changes. And yes the codecave can be set anywhere else and there I won't have the problem. But the problem is that WHAT I AM HACKING is changing.
I am injecting a code in the codecave then making the patches to the address which I will redirect to read my codecave.
Isn't there a way like opengl32.dll+xxxx o_O?
Noz3001 I'm a spammer
Reputation: 26
Joined: 29 May 2006 Posts: 6220 Location: /dev/null
Posted: Sun Nov 04, 2007 8:08 am Post subject: |
| h4c0r-BG wrote: | Pardon me. Forgot to edit the jump addresses.
Umm everything changes. And yes the codecave can be set anywhere else and there I won't have the problem. But the problem is that WHAT I AM HACKING is changing.
I am injecting a code in the codecave then making the patches to the address which I will redirect to read my codecave.
Isn't there a way like opengl32.dll+xxxx o_O? |
Yeah. That's the base address of the module plus the offset of the address
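The module-plus-offset idea from this reply, as an added example that is not part of the thread: it decodes the two rel32 branches in the byte string quoted in the first post and checks where they land for each pair of addresses posted. The function names are hypothetical, and the patched address is used as the reference point because the module's load base is not given on the page.

```python
import struct

# Byte string and addresses copied from the first script quoted in the thread.
CAVE_BYTES = bytes.fromhex(
    "8B 44 24 04 83 F8 05 74 10 83 F8 06 74 0B 64 A1 18 00 00 00 "
    "E9 BE DA F5 FF 68 71 0B 00 00 E8 06 E0 F5 FF EB E9 90"
)
CAVE_1, HOOK_1 = 0x5EDA4E1F, 0x5ED028F0
# Addresses from the second quoted script, as posted.
CAVE_2, HOOK_2 = 0x5F0D4E1F, 0x5F0D28F0

# Instruction lengths for just the opcodes present in CAVE_BYTES
# (an assumption-limited table, not a general x86 decoder).
LENGTHS = {0x8B: 4, 0x83: 3, 0x74: 2, 0x64: 6, 0xE9: 5,
           0x68: 5, 0xE8: 5, 0xEB: 2, 0x90: 1}


def rel32_branches(code):
    """Yield (offset, opcode, signed displacement) for each E8/E9 branch."""
    pos = 0
    while pos < len(code):
        op = code[pos]
        if op in (0xE8, 0xE9):
            (disp,) = struct.unpack_from("<i", code, pos + 1)
            yield pos, op, disp
        pos += LENGTHS[op]


def targets_from_hook(cave, hook, code=CAVE_BYTES):
    """Branch targets expressed as signed offsets from the patched address.

    A rel32 target is (address of next instruction) + displacement, so it
    depends on where the bytes are placed, not on any absolute address.
    """
    return [cave + off + 5 + disp - hook
            for off, _op, disp in rel32_branches(code)]


def rebase(addr, old_ref, new_ref):
    """Keep an address's offset from a reference point, swap the reference."""
    return new_ref + (addr - old_ref)


if __name__ == "__main__":
    for cave, hook in ((CAVE_1, HOOK_1), (CAVE_2, HOOK_2),
                       (rebase(CAVE_1, HOOK_1, HOOK_2), HOOK_2)):
        print(hex(cave), [hex(t) for t in targets_from_hook(cave, hook)])
```

With the first script's addresses the branches resolve to +0x6 and +0x558 from the patched address; with the second script's addresses as posted, the two locations are 0xA0000 closer together than the bytes assume, so both branches miss. Moving both locations by the same delta, which is what a module+offset expression does, keeps the unchanged byte string valid.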
h4c0r-BG Master Cheater
Reputation: 0
Joined: 29 Nov 2006 Posts: 449 Location: The yogurt country
Posted: Sun Nov 04, 2007 8:47 am Post subject: |
And yes when I click assign to current CT ....
How to properly do it to evade that error?
Symbol I'm a spammer
Reputation: 0
Joined: 18 Apr 2007 Posts: 5094 Location: Israel.
Posted: Sun Nov 04, 2007 9:21 am Post subject: |
It's still not gonna be the address for both, it's gonna be 0x400k+4e1f... (Probably 0x400k, because usually the beginning is at 0x00400000)
You can scan for the AOBs dynamically (like jaac does) or just change them both and hope it won't crash?
Noz3001 I'm a spammer
Reputation: 26
Joined: 29 May 2006 Posts: 6220 Location: /dev/null
Posted: Sun Nov 04, 2007 11:07 am Post subject: |
| h4c0r-BG wrote: | And yes when I click assign to current CT ....
How to properly do it to evade that error?
 |
Did you assemble it when you were attached to the program using the DLL?
sponge I'm a spammer
Reputation: 1
Joined: 07 Nov 2006 Posts: 6009
Posted: Sun Nov 04, 2007 11:35 am Post subject: |
The dll must be loaded and recognized as a symbol before you can use module names.
h4c0r-BG Master Cheater
Reputation: 0
Joined: 29 Nov 2006 Posts: 449 Location: The yogurt country
Posted: Sun Nov 04, 2007 11:35 am Post subject: |
| noz3001 wrote: |
Did you assemble it when you were attached to the program using the DLL? |
I did not. Thanks mate. Now everything is solved.
Thanks for the help