user5594 Advanced Cheater
Reputation: 0
Joined: 03 Oct 2014 Posts: 72 Location: ::1
Posted: Mon Aug 31, 2015 11:16 pm Post subject: Quick help with array of bytes
I found what is subtracting health from the player in Minecraft (singleplayer) and I would like to disable it. It works great when I go into the disassembler and replace the first line with code that does nothing.
Before
Code:
F3 0F11 44 9F 7C - movss [rdi+rbx*4+7C],xmm0
F3 0F10 87 84000000 - movss xmm0,[rdi+00000084]
F3 0F10 97 80000000 - movss xmm2,[rdi+00000080]
After
Code:
90 - nop
90 - nop
90 - nop
90 - nop
90 - nop
90 - nop
F3 0F10 87 84000000 - movss xmm0,[rdi+00000084]
F3 0F10 97 80000000 - movss xmm2,[rdi+00000080]
The problem I'm having is that when I auto-assemble the first line and do Cheat Table Framework Code --> AOB Injection, I can't seem to get it to work.
Here is the script:
Code:
[ENABLE]
//code from here to '[DISABLE]' will be used to enable the cheat
aobscanmodule(INJECT,Minecraft.Win10.DX11.exe,F3 0F 11 44 9F 7C) // should be unique
alloc(newmem,$1000,"Minecraft.Win10.DX11.exe"+1DA18A)
label(code)
label(return)
newmem:
code:
movss [rdi+rbx*4+7C],xmm0
jmp return
INJECT:
jmp code
nop
return:
registersymbol(INJECT)
[DISABLE]
//code from here till the end of the code will be used to disable the cheat
INJECT:
db F3 0F 11 44 9F 7C
unregistersymbol(INJECT)
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: "Minecraft.Win10.DX11.exe"+1DA18A
"Minecraft.Win10.DX11.exe"+1DA166: 48 8B 4A 10 - mov rcx,[rdx+10]
"Minecraft.Win10.DX11.exe"+1DA16A: 48 85 C9 - test rcx,rcx
"Minecraft.Win10.DX11.exe"+1DA16D: 74 10 - je Minecraft.Win10.DX11.exe+1DA17F
"Minecraft.Win10.DX11.exe"+1DA16F: F3 0F 10 52 30 - movss xmm2,[rdx+30]
"Minecraft.Win10.DX11.exe"+1DA174: 48 8B 01 - mov rax,[rcx]
"Minecraft.Win10.DX11.exe"+1DA177: 8B 52 34 - mov edx,[rdx+34]
"Minecraft.Win10.DX11.exe"+1DA17A: FF 50 08 - call qword ptr [rax+08]
"Minecraft.Win10.DX11.exe"+1DA17D: EB 05 - jmp Minecraft.Win10.DX11.exe+1DA184
"Minecraft.Win10.DX11.exe"+1DA17F: F3 0F 10 42 08 - movss xmm0,[rdx+08]
"Minecraft.Win10.DX11.exe"+1DA184: F3 0F 58 44 9F 7C - addss xmm0,[rdi+rbx*4+7C]
// ---------- INJECTING HERE ----------
"Minecraft.Win10.DX11.exe"+1DA18A: F3 0F 11 44 9F 7C - movss [rdi+rbx*4+7C],xmm0
// ---------- DONE INJECTING ----------
"Minecraft.Win10.DX11.exe"+1DA190: F3 0F 10 87 84 00 00 00 - movss xmm0,[rdi+00000084]
"Minecraft.Win10.DX11.exe"+1DA198: F3 0F 10 97 80 00 00 00 - movss xmm2,[rdi+00000080]
"Minecraft.Win10.DX11.exe"+1DA1A0: 0F 2F C2 - comiss xmm0,xmm2
"Minecraft.Win10.DX11.exe"+1DA1A3: 48 8B 5C 24 30 - mov rbx,[rsp+30]
"Minecraft.Win10.DX11.exe"+1DA1A8: F3 0F 10 4F 7C - movss xmm1,[rdi+7C]
"Minecraft.Win10.DX11.exe"+1DA1AD: 48 8B 7C 24 20 - mov rdi,[rsp+20]
"Minecraft.Win10.DX11.exe"+1DA1B2: 76 08 - jna Minecraft.Win10.DX11.exe+1DA1BC
"Minecraft.Win10.DX11.exe"+1DA1B4: 0F 28 C2 - movaps xmm0,xmm2
"Minecraft.Win10.DX11.exe"+1DA1B7: 48 83 C4 28 - add rsp,28
"Minecraft.Win10.DX11.exe"+1DA1BB: C3 - ret
}
Any help would be appreciated!
Rydian Grandmaster Cheater Supreme
Reputation: 31
Joined: 17 Sep 2012 Posts: 1358
Posted: Tue Sep 01, 2015 12:21 am
What have you tried? Commenting out the movss by putting two forward slashes (//) in front of it?
vng21092 Grandmaster Cheater
Reputation: 15
Joined: 05 Apr 2013 Posts: 644
Posted: Tue Sep 01, 2015 8:12 am
Your code isn't working because you didn't change the code at all, you should have deleted the movss [rdi+rbx*4+7C],xmm0 under code:. Also, since all you're doing is nopping the code, you could have just written this.
Code:
[ENABLE]
aobscanmodule(INJECT,Minecraft.Win10.DX11.exe,F3 0F 11 44 9F 7C)
registersymbol(INJECT)
INJECT:
db 90 90 90 90 90 90
[DISABLE]
INJECT:
db F3 0F 11 44 9F 7C
unregistersymbol(INJECT)
user5594 Advanced Cheater
Reputation: 0
Joined: 03 Oct 2014 Posts: 72 Location: ::1
Posted: Tue Sep 01, 2015 10:31 am
Oops...I left that part out. Yes I tried nopping the code but it kept crashing the game...anyways I tried vng21092's script and it's working! Looks about the same as what I had but I think I was adding the nop after the jmp.
Why do you need 6 nops? Wouldn't nopping that one line have the same effect? Sorry I'm still learning.
Thanks!
Rydian Grandmaster Cheater Supreme
Reputation: 31
Joined: 17 Sep 2012 Posts: 1358
Posted: Tue Sep 01, 2015 10:49 am
The movss is 6 bytes in total, so you need 6 nops (as one nop is 1 byte).
Versus if you're using the injection script, deleting the movss line (or commenting it out) is enough since what's under code: is stuck in as-is.
user5594 Advanced Cheater
Reputation: 0
Joined: 03 Oct 2014 Posts: 72 Location: ::1
Posted: Tue Sep 01, 2015 11:10 am
Rydian wrote:
> The movss is 6 bytes in total, so you need 6 nops (as one nop is 1 byte).
> Versus if you're using the injection script, deleting the movss line (or commenting it out) is enough since what's under code: is stuck in as-is.
Ahh OK, I understand it a little better now thanks!
I updated my Minecraft table to have a better god mode now
vng21092 Grandmaster Cheater
Reputation: 15
Joined: 05 Apr 2013 Posts: 644
Posted: Tue Sep 01, 2015 11:18 am
Which is why in your AOB injection script, you see only 1 nop: a jmp command takes up 5 bytes (iirc), so 5+1 = 6. I always dump this around the site in case you want to learn more.
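The byte accounting from the replies above (six one-byte nops for the 6-byte movss, or a 5-byte jmp plus one nop), worked through as an added Python example that is not part of the thread. The movss bytes and the offset 1DA18A come from the posted script; the module base and newmem addresses are constructed assumptions.

```python
import struct

NOP = 0x90        # one-byte no-op
JMP_REL32 = 0xE9  # near jmp: opcode + signed 32-bit displacement = 5 bytes

# Bytes and module offset taken from the script posted in the thread.
MOVSS = bytes.fromhex("F3 0F 11 44 9F 7C")
OFFSET = 0x1DA18A
# Constructed addresses (assumptions, not from the thread).
MODULE_BASE = 0x7FF600000000
SITE = MODULE_BASE + OFFSET
NEWMEM = MODULE_BASE - 0x10000


def nop_fill(original: bytes) -> bytes:
    """Overwrite an instruction with NOPs without changing its length."""
    return bytes([NOP]) * len(original)


def jmp_patch(original: bytes, site: int, target: int) -> bytes:
    """Encode 'jmp target' at `site`, NOP-padded to the original length."""
    if len(original) < 5:
        raise ValueError("instruction too short to hold a 5-byte jmp")
    rel = target - (site + 5)  # displacement counts from the end of the jmp
    if not -2**31 <= rel < 2**31:
        raise ValueError("target not reachable with a rel32 jmp")
    jmp = struct.pack("<Bi", JMP_REL32, rel)
    return jmp + bytes([NOP]) * (len(original) - len(jmp))


def jmp_destination(patch: bytes, site: int) -> int:
    """Decode the jmp back to an absolute address to check the patch."""
    opcode, rel = struct.unpack_from("<Bi", patch)
    if opcode != JMP_REL32:
        raise ValueError("patch does not start with E9")
    return site + 5 + rel


def return_label(original: bytes, site: int) -> int:
    """Address of 'return:', the first instruction after the patched bytes."""
    return site + len(original)


if __name__ == "__main__":
    print(nop_fill(MOVSS).hex(" "))
    print(jmp_patch(MOVSS, SITE, NEWMEM).hex(" "))
    print(hex(return_label(MOVSS, SITE) - MODULE_BASE))
```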
user5594 Advanced Cheater
Reputation: 0
Joined: 03 Oct 2014 Posts: 72 Location: ::1
Posted: Tue Sep 01, 2015 3:47 pm
vng21092 wrote:
> which is why in your AOB injection script, you see only 1 nop, a jmp command takes up 5 bytes (iirc), so 5+1 = 6. I always dump this around the site in case you want to learn more.
Cool, looks a little over my head right now but I'll try to make sense of it all
razakhan Newbie cheater
Reputation: 0
Joined: 14 May 2015 Posts: 16 Location: pakistan
Posted: Thu Sep 03, 2015 3:14 pm Post subject: from where are you learning plz let me know
From where are you learning? Plz let me know.
_________________
I am not asking for hack or cheat
I am asking for help
user5594 Advanced Cheater
Reputation: 0
Joined: 03 Oct 2014 Posts: 72 Location: ::1
Posted: Thu Sep 03, 2015 3:21 pm Post subject: Re: from where are you learning plz let me know
razakhan wrote:
> from where are you learning plz let me know
?
razakhan Newbie cheater
Reputation: 0
Joined: 14 May 2015 Posts: 16 Location: pakistan
Posted: Thu Sep 03, 2015 3:38 pm Post subject: you said
that you are learning coding and AOB, I am asking from where
_________________
I am not asking for hack or cheat
I am asking for help
user5594 Advanced Cheater
Reputation: 0
Joined: 03 Oct 2014 Posts: 72 Location: ::1
Posted: Thu Sep 03, 2015 11:37 pm Post subject: Re: you said
razakhan wrote:
> that you are learning coding and AOB, I am asking from where
Teaching myself...and some of the guys here on the forum helped me with specific questions.
Rydian has good tutorials, check out his signature. Lots of great links.