darkfuryex (Expert Cheater; Reputation: 0; Joined: 09 May 2006; Posts: 100)
Posted: Sat Oct 11, 2008 3:49 am. Post subject: [help!] 3 questions on auto assemble
Hi, I am new to auto assemble. Please help me, as no one (I think) has explained why/how I should do these 3 things below:
1. Why is messing around with code that decreases/increases your health in an online game server-sided? Let's take Maple for example... isn't it calculated by the server? Why, when we mess with THE CODE/MEMORY, does it actually DO god mode? Isn't it client-sided? I'm confused X_X
2. When we alloc unused memory for something, how do I know how many KB I need? And is it confirmed that EVERY game has unused memory?
3. Why is it that sometimes when I do code injection on an address it will have one command line, and when I do it on others it will have about 3? Are they linked together or something? I'll show a picture... it's so confusing X_X
Psy (Grandmaster Cheater Supreme; Reputation: 1; Joined: 27 Mar 2008; Posts: 1366)
Posted: Sat Oct 11, 2008 4:27 am
Because when you jump out from game code, a standard jump will take 5 bytes. 5 bytes will destroy that dec edx command, as it is only 1 byte in length. It will also take the mov eax,ebx and call 4f316c, as they are 'eaten into', so to speak. Whereas in that first example you gave, the opcode has enough bytes (6), so a jump can be created and the jump balanced with a NOP. It doesn't usually matter what you destroy, on the proviso that you re-create the instructions in the code cave before returning back.
~Psych
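Editor's worked example (added here; not code from the thread or from Cheat Engine): the byte arithmetic behind the reply above, in C. It takes the two injection sites discussed in the thread with their x86 encodings, works out how many whole instructions a 5-byte jmp overwrites and how many NOPs pad the remainder, then builds both the patch and the cave, re-encoding the relative call so it still reaches 004F316C after being moved. Only `call 004F316C`, the `dec edx` / `mov eax,ebx` sequence, and the address 004F314D come from the thread; the bytes of the hidden 6-byte instruction, the site address 004F3180 and the cave address 00600000 are assumptions for the demonstration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define JMP_LEN 5          /* E9 rel32: the "standard jump" the auto assembler writes */
#define NOP     0x90

/* One instruction at the injection site: its encoding, its length, and whether it
   carries a rel32 (E8 call / E9 jmp) that must be re-encoded when moved to the cave. */
typedef struct {
    const char *text;
    uint8_t bytes[8];
    size_t len;
    int has_rel32;
} insn_t;

void put_u32(uint8_t *p, uint32_t v) {
    p[0] = (uint8_t)v;         p[1] = (uint8_t)(v >> 8);
    p[2] = (uint8_t)(v >> 16); p[3] = (uint8_t)(v >> 24);
}
uint32_t get_u32(const uint8_t *p) {
    return (uint32_t)p[0] | ((uint32_t)p[1] << 8) | ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}

/* Site A: the 6-byte instruction at 004F314D. Its bytes were hidden in the screenshot,
   so `mov ecx,[00A12345]` (8B 0D disp32) is assumed as a representative 6-byte load. */
const uint32_t SITE_A = 0x004F314D;
const insn_t site_a[1] = {
    { "mov ecx,[00A12345]", { 0x8B, 0x0D, 0x45, 0x23, 0xA1, 0x00 }, 6, 0 },
};

/* Site B: dec edx / mov eax,ebx / call 004F316C. The site address is assumed;
   the call's rel32 is 004F316C - (004F3183 + 5) = FFFFFFE4. */
const uint32_t SITE_B = 0x004F3180;
const insn_t site_b[3] = {
    { "dec edx",       { 0x4A },                         1, 0 },
    { "mov eax,ebx",   { 0x8B, 0xC3 },                   2, 0 },
    { "call 004F316C", { 0xE8, 0xE4, 0xFF, 0xFF, 0xFF }, 5, 1 },
};
const uint32_t CAVE = 0x00600000;   /* assumed: where alloc() placed the cave */

uint8_t g_patch[16], g_cave[32];    /* scratch buffers used by main() */
size_t  g_stolen, g_nops;

/* How many whole instructions does the 5-byte jmp "eat"? Returns the count and reports
   the total bytes stolen and the NOPs needed to end on an instruction boundary. */
size_t plan_hook(const insn_t *ins, size_t n, size_t *stolen, size_t *nops) {
    size_t i = 0, total = 0;
    while (i < n && total < JMP_LEN) total += ins[i++].len;
    *stolen = total;
    *nops = total >= JMP_LEN ? total - JMP_LEN : 0;
    return i;
}

/* Bytes written over the original site: jmp cave, then NOP padding. */
size_t build_patch(uint32_t site, uint32_t cave, size_t stolen, uint8_t *out) {
    out[0] = 0xE9;
    put_u32(out + 1, cave - (site + JMP_LEN));       /* rel32 = target - next_ip */
    for (size_t i = JMP_LEN; i < stolen; i++) out[i] = NOP;
    return stolen;
}

/* Cave contents: the stolen instructions re-created, then jmp back to site+stolen.
   A relative call/jmp keeps its absolute target only if its rel32 is recomputed. */
size_t build_cave(uint32_t site, uint32_t cave, const insn_t *ins, size_t count, uint8_t *out) {
    size_t off = 0;                                   /* offset of ins[i] at both site and cave */
    for (size_t i = 0; i < count; i++) {
        for (size_t b = 0; b < ins[i].len; b++) out[off + b] = ins[i].bytes[b];
        if (ins[i].has_rel32) {
            uint32_t target   = site + off + ins[i].len + get_u32(ins[i].bytes + 1);
            uint32_t new_next = cave + off + ins[i].len;
            put_u32(out + off + 1, target - new_next);
        }
        off += ins[i].len;
    }
    out[off] = 0xE9;
    put_u32(out + off + 1, (site + off) - (cave + off + JMP_LEN));
    return off + JMP_LEN;
}

static void dump(const char *label, uint32_t at, const uint8_t *p, size_t n) {
    printf("%s @ %08X:", label, (unsigned)at);
    for (size_t i = 0; i < n; i++) printf(" %02X", p[i]);
    printf("\n");
}

int main(void) {
    size_t n = plan_hook(site_b, 3, &g_stolen, &g_nops);
    printf("site B: jmp eats %zu instructions = %zu bytes, pad with %zu NOPs\n", n, g_stolen, g_nops);
    dump("patch", SITE_B, g_patch, build_patch(SITE_B, CAVE, g_stolen, g_patch));
    dump("cave ", CAVE,   g_cave,  build_cave(SITE_B, CAVE, site_b, n, g_cave));
    n = plan_hook(site_a, 1, &g_stolen, &g_nops);
    printf("site A: jmp eats %zu instruction = %zu bytes, pad with %zu NOP\n", n, g_stolen, g_nops);
    return 0;
}
```

For site B the jmp swallows 8 bytes (1 + 2 + 5), so three NOPs follow it and all three instructions are rebuilt in the cave; for site A it swallows the single 6-byte instruction and one NOP balances it. The point a practitioner should take from `build_cave` is that copying the call's raw bytes is not enough: `call 004F316C` is relative, so when Cheat Engine re-assembles it at the cave it emits a different rel32, and this code does the same.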
darkfuryex (Expert Cheater; Reputation: 0; Joined: 09 May 2006; Posts: 100)
Posted: Sat Oct 11, 2008 4:35 am
[Psych] wrote: (quoting the reply above in full)
O_O I see... what about questions 1 and 2? O_O
Thanks in advance for any replies.
Edit: Oh yeah, hey, I covered up the bytes, but how did you know it was 6!?!? O_O
DarkArc (Cheater; Reputation: 0; Joined: 02 Oct 2008; Posts: 31)
Posted: Sat Oct 11, 2008 4:54 am
darkfuryex wrote: (quoting the post above, including Psych's reply)
Probably because the server just doesn't know your character was touched by a monster, or you can blink forever. I'm almost sure that searching for your HP bar is useless because of these calculations by the server.
About the KBytes, it's probably something to do with the array of the addresses you use, but I'm not sure about that.
Psy (Grandmaster Cheater Supreme; Reputation: 1; Joined: 27 Mar 2008; Posts: 1366)
Posted: Sat Oct 11, 2008 5:11 am
OK, one: what I think you mean is "why, when I change my health, does it not work in online games?". And the answer to that is that the variable is known as 'server-sided', 'synced' or similar. Basically the server has the last say, and it will override the value you hold on the client, or kick/ban you. It depends on the game itself and any memory protection it might have.
And two: alloc and dealloc just assign memory for your use, and then strip it away when you don't need it anymore. It's space you use for your code injection, and is known as a cave. Strictly speaking you don't need to allocate anything, as there is always free space within a game's modules that you can use for the same purpose.
As for the size of these allocations, it depends on how much you're going to use. Just leaving it at the default of 2 KB (2048 bytes) is more than enough for most people. If, however, you are using the same area for multiple sizeable injections, then that would warrant an increase.
Good enough?
~Psych
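Editor's worked example (added here; not from the thread or from Cheat Engine) for the remark above that a module usually contains free space you can use instead of calling alloc: a scan for runs of padding bytes (00 or CC, the fill compilers leave between functions and at the end of a code section) large enough to hold a cave. The byte image standing in for a module's code section, the required sizes and the alignment are constructed for the demonstration. Two caveats a practitioner would want are built in: a run inside a real instruction (the four zero bytes of `mov eax,0` here) will satisfy a small request, so ask for the full cave size and scan only executable sections; and the run must be somewhere nothing else writes.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define IMAGE_LEN 128
uint8_t image[IMAGE_LEN];   /* constructed stand-in for a module's code section */
size_t  g_run;              /* run length reported by the last find_cave() call */

/* Fill `image` like a small .text section: two functions back to back, CC (int3)
   fill to the next 32-byte boundary, then zero fill up to the section's end. */
void build_image(void) {
    /* push ebp; mov ebp,esp; mov eax,[ebp+8]; inc eax; pop ebp; ret          -> offsets 0..8  */
    static const uint8_t f1[] = { 0x55, 0x8B, 0xEC, 0x8B, 0x45, 0x08, 0x40, 0x5D, 0xC3 };
    /* push ebp; mov ebp,esp; mov eax,0 (B8 + four zero bytes); pop ebp; ret -> offsets 9..18 */
    static const uint8_t f2[] = { 0x55, 0x8B, 0xEC, 0xB8, 0x00, 0x00, 0x00, 0x00, 0x5D, 0xC3 };
    size_t i = 0;
    for (size_t k = 0; k < sizeof f1; k++) image[i++] = f1[k];
    for (size_t k = 0; k < sizeof f2; k++) image[i++] = f2[k];
    while (i < 32)        image[i++] = 0xCC;   /* offsets 19..31: int3 fill between functions */
    while (i < IMAGE_LEN) image[i++] = 0x00;   /* offsets 32..127: zero fill to section end  */
}

/* A byte counts as padding if it is 00 (alignment fill) or CC (int3 fill). */
static int is_pad(uint8_t b) { return b == 0x00 || b == 0xCC; }

/* Find the first run of padding in img[0..len) that still holds `need` bytes after
   rounding its start up to `align` (a power of two). Returns the usable offset, or
   (size_t)-1 if no run is big enough; *run_len gets the usable length. */
size_t find_cave(const uint8_t *img, size_t len, size_t need, size_t align, size_t *run_len) {
    size_t i = 0;
    while (i < len) {
        if (!is_pad(img[i])) { i++; continue; }
        size_t start = i;
        while (i < len && is_pad(img[i])) i++;           /* i is now one past the run */
        size_t aligned = (start + align - 1) & ~(align - 1);
        if (aligned < i && i - aligned >= need) {
            *run_len = i - aligned;
            return aligned;
        }
    }
    *run_len = 0;
    return (size_t)-1;
}

int main(void) {
    build_image();
    size_t off;
    off = find_cave(image, IMAGE_LEN, 4, 1, &g_run);     /* too small a request: lands inside mov eax,0 */
    printf("need 4, align 1 : offset %zu, run %zu (inside an instruction!)\n", off, g_run);
    off = find_cave(image, IMAGE_LEN, 13, 16, &g_run);   /* a 13-byte cave (see the hook example) */
    printf("need 13, align 16: offset %zu, run %zu\n", off, g_run);
    off = find_cave(image, IMAGE_LEN, 110, 1, &g_run);   /* nothing that large: -1 */
    printf("need 110, align 1: %s\n", off == (size_t)-1 ? "no cave" : "found");
    return 0;
}
```

Offsets here are relative to the start of the constructed section; in a real module you would add the section's load address and check the section header's characteristics before writing code there, since a zero run in a data section is not a cave.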
darkfuryex (Expert Cheater; Reputation: 0; Joined: 09 May 2006; Posts: 100)
Posted: Sat Oct 11, 2008 8:12 am
[Psych] wrote: (quoting the reply above in full)
Yeah, it's good enough... thanks for the help too, DarkArc.
BTW, I've got one more question... I covered up the bytes of 004F314D; how did you know that it has 6 bytes?
Psy (Grandmaster Cheater Supreme; Reputation: 1; Joined: 27 Mar 2008; Posts: 1366)
Posted: Sat Oct 11, 2008 8:24 am
If you study assembly long enough you can pretty much tell what all the common appearances of the opcodes will be. Moving the value in an address like that into a 32-bit register is 6 bytes, for example.
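Editor's worked example (added here; not from the thread) of where the "6" comes from: a minimal x86-32 length decoder for the instruction forms seen in this thread, plus an encoder for the load just described. The ModRM rule is what makes `mov r32,[address]` 6 bytes (opcode 8B, a ModRM byte with mod=00 rm=101, then a 4-byte displacement). The caveat worth knowing is that for eax there is also a 5-byte short form (A1 moffs32) and an assembler may emit either, so read the length off the disassembler rather than assuming it. The decoder deliberately covers only a handful of one-byte opcodes and returns 0 for anything else; the byte strings in `main` are constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Length of the memory operand encoded after a ModRM byte (SIB and displacement),
   not counting the ModRM byte itself. 32-bit addressing, no prefixes. */
static size_t modrm_operand_len(const uint8_t *p) {
    uint8_t mod = p[0] >> 6, rm = p[0] & 7;
    if (mod == 3) return 0;                                   /* register operand */
    size_t n = 0;
    if (rm == 4) {                                            /* SIB byte follows */
        n += 1;
        if (mod == 0 && (p[1] & 7) == 5) n += 4;              /* base=101 with mod=00: disp32, no base */
    } else if (mod == 0 && rm == 5) {
        n += 4;                                               /* [disp32] absolute address */
    }
    if (mod == 1) n += 1;                                     /* disp8 */
    if (mod == 2) n += 4;                                     /* disp32 */
    return n;
}

/* Total length of the instruction at p, for the one-byte opcodes used in this thread.
   Returns 0 for anything it does not know (this is not a full decoder). */
size_t insn_len(const uint8_t *p) {
    uint8_t op = p[0];
    if (op == 0x90) return 1;                                 /* nop */
    if (op >= 0x40 && op <= 0x5F) return 1;                   /* inc/dec/push/pop r32 */
    if (op == 0xC3) return 1;                                 /* ret */
    if (op == 0xE8 || op == 0xE9) return 5;                   /* call/jmp rel32 */
    if (op == 0xA1 || op == 0xA3) return 5;                   /* mov eax,[moffs32] / mov [moffs32],eax */
    if (op >= 0xB8 && op <= 0xBF) return 5;                   /* mov r32,imm32 */
    switch (op) {                                             /* opcode + ModRM, no immediate */
        case 0x01: case 0x03: case 0x29: case 0x2B: case 0x31: case 0x33:
        case 0x39: case 0x3B: case 0x85: case 0x89: case 0x8B: case 0x8D:
            return 2 + modrm_operand_len(p + 1);
    }
    return 0;
}

enum { EAX = 0, ECX, EDX, EBX, ESP, EBP, ESI, EDI };
uint8_t enc_buf[8];   /* scratch for encode_mov_r32_abs() */

/* Encode `mov r32,[addr]`. With use_short and reg==EAX this picks A1 moffs32 (5 bytes);
   otherwise 8B /r with mod=00 rm=101 disp32 (6 bytes). Returns the length written. */
size_t encode_mov_r32_abs(int reg, uint32_t addr, int use_short, uint8_t *out) {
    size_t n = 0;
    if (reg == EAX && use_short) {
        out[n++] = 0xA1;
    } else {
        out[n++] = 0x8B;
        out[n++] = (uint8_t)(((reg & 7) << 3) | 0x05);      /* mod=00 reg=r rm=101 */
    }
    out[n++] = (uint8_t)addr;         out[n++] = (uint8_t)(addr >> 8);
    out[n++] = (uint8_t)(addr >> 16); out[n++] = (uint8_t)(addr >> 24);
    return n;
}

int main(void) {
    /* constructed byte strings: the thread's dec edx / mov eax,ebx / call, and two loads */
    const uint8_t dec_edx[]  = { 0x4A };
    const uint8_t mov_rr[]   = { 0x8B, 0xC3 };
    const uint8_t call_rel[] = { 0xE8, 0xE4, 0xFF, 0xFF, 0xFF };
    const uint8_t load_ecx[] = { 0x8B, 0x0D, 0x45, 0x23, 0xA1, 0x00 };   /* mov ecx,[00A12345] */
    const uint8_t load_eax[] = { 0xA1, 0x45, 0x23, 0xA1, 0x00 };         /* mov eax,[00A12345], short form */
    printf("dec edx            : %zu bytes\n", insn_len(dec_edx));
    printf("mov eax,ebx        : %zu bytes\n", insn_len(mov_rr));
    printf("call rel32         : %zu bytes\n", insn_len(call_rel));
    printf("mov ecx,[00A12345] : %zu bytes\n", insn_len(load_ecx));
    printf("mov eax,[00A12345] : %zu bytes (A1 short form)\n", insn_len(load_eax));
    printf("mov eax,[00A12345] : %zu bytes (8B 05 form)\n",
           encode_mov_r32_abs(EAX, 0x00A12345, 0, enc_buf));
    return 0;
}
```

Run over the thread's own bytes this gives 1, 2 and 5 for `dec edx`, `mov eax,ebx` and the call, and 6 for the load into a non-eax register; the same load into eax is 5 or 6 bytes depending on which form the assembler chose, which is exactly why one injection site can spare a NOP while another cannot.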
DarkArc (Cheater; Reputation: 0; Joined: 02 Oct 2008; Posts: 31)
Posted: Sat Oct 11, 2008 9:13 am
*Edited*
Last edited by DarkArc on Sat Oct 11, 2008 9:39 am; edited 5 times in total
Psy (Grandmaster Cheater Supreme; Reputation: 1; Joined: 27 Mar 2008; Posts: 1366)
Posted: Sat Oct 11, 2008 9:16 am
DarkArc, I suggest you read the thread again. He was talking about the number of bytes in an opcode, not how large data types are for variables. Also, I hope you're not implying that I simply 'found that info anywhere'. Despite what people may think, some of us do actually half-know stuff and work hard.
~Psych
DarkArc (Cheater; Reputation: 0; Joined: 02 Oct 2008; Posts: 31)
Posted: Sat Oct 11, 2008 9:37 am
[Psych] wrote: (quoting the reply above in full)
No, I actually didn't see your last post; I just read it.
Before, when I saw the value, I knew I'd seen something in my book that I thought was helpful, so I posted it.
I hadn't looked at the pics, and didn't pay attention that he was talking about opcodes,
so sorry, I will edit my last post.