Corroder Grandmaster Cheater Supreme Reputation: 75
Joined: 10 Apr 2015 Posts: 1667
Posted: Thu Sep 17, 2015 10:01 pm Post subject: Scan and replace very long AOB

Can someone help make a function that is able to scan and replace a very long AOB?
Code: |
AOB to scan :
27 26 63 08 40 d5 bf 01 29 10 0c 00 00 ad 64 a7 08 08 64 92 08 d6 a9 92 04 63 09 d0 30 20 80 f8 13 63 04 20 80 93 b1 01 63 05
60 85 b0 01 66 b4 a3 01 66 a9 a3 01 80 c4 d8 01 d6 62 09 11 06 00 00 d2 20 14 01 00 00 47 5d 86 df 01 d2 66 b5 e4 01 4a 86 df
01 01 62 09 11 04 00 00 80 86 df 01 d7 62 09 96 12 fe 01 00 24 00 62 08 11 0c 00 00 24 44 c7 c1 c4 24 48 c7 c0 24 2c c5 63 06
62 08 12 da 01 00 d2 82 63 07 62 08 96 11 cd 01 00 10 c2 01 00 09 62 07 62 06 23 80 f8 13 63 04 62 09 11 1a 01 00 62 04 66 a9
5a 62 09 11 c0 00 00 60 f8 13 66 ab e9 01 62 09 11 f7 00 00 ab 62 09 96 12 cd 00 00 2a 62 08 12 bb 00 00 12 43 00 00 62 09 11
b0 00 00 29 62 08 12 41 00 00 62 04 66 a1 10 62 08 96 11 87 00 00 60 85 b0 01 66 b4 a3 01 66 a1 10 62 08 96 11 b9 00 00 ab 62
09 10 0d 00 00 2a d6 07 92 07 08 05 d2 2a c3 02 08 03 11 a2 00 00 12 4e 00 00 62 09 96 12 7c 00 00 5d 82 41 62 04 66 ca 89 01
66 ac c5 01 62 04 66 ca 89 01 66 bb de 01 62 04 66 ca 89 01 66 e0 ef 01 62 04 66 ca 89 01 66 ec 17 62 04 66 ca 89 01 66 b3 12
4a 82 41 05 80 93 b1 01 63 05 62 09 11 f5 00 00 10 e5 00 00 62 04 66 a9 5a 62 08 12 97 00 00 60 f8 13 66 ab e9 01 62 09 96 12
90 00 00 ab 62 08 96 11 0c 00 00 2a 11 2a 00 00 62 08 96 11 23 00 00 29 62 08 96 11 25 00 00 62 04 66 a9 5a 62 08 96 11 61 00
00 60 f8 13 66 8d 8d 01 62 09 96 12 5a 00 00 ab 12 49 00 00 62 08 12 64 00 00 5d fe b9 01 62 04 66 ca 89 01 66 ac c5 01 62 04
66 ca 89 01 66 bb de 01 62 04 66 ca 89 01 66 e0 ef 01 62 04 66 ca 89 01 66 ec 17 62 04 66 ca 89 01 66 b3 12 4a fe b9 01 05 80
93 b1 01 63 05 10 48 00 00 62 04 66 a9 5a 60 f8 13 66 b4 d0 01 14 31 00 00 10 0d 00 00 1e b3 a6 c3 08 08 04 aa 63 08 c6 63 04
5d d2 26 62 04 66 ca 89 01 66 bb de 01 d0 66 e1 c7 01 4a d2 26 02 80 93 b1 01 63 05 10 07 00 00 20 80 93 b1 01 63 05 d3 62 04
66 a1 10 62 05 61 83 e6 01 32 07 06 11 37 fe ff 08 07 08 06 62 09 11 0b 00 00 d0 66 e1 c7 01 d3 4f d9 8d 01 01 47 47
AOB replace
27 26 63 08 40 d5 bf 01 29 10 0c 00 00 ad 64 a7 08 08 64 92 08 d6 a9 92 04 63 09 d0 30 20 80 f8 13 63 04 20 80 93 b1 01 63 05
60 85 b0 01 66 b4 a3 01 66 a9 a3 01 80 c4 d8 01 d6 62 09 11 06 00 00 d2 20 14 01 00 00 47 5d 86 df 01 d2 66 b5 e4 01 4a 86 df
01 01 62 09 11 04 00 00 80 86 df 01 d7 62 09 96 12 fd 01 00 24 00 62 08 11 0c 00 00 24 44 c7 c1 c4 24 48 c7 c0 24 2c c5 63 06
62 08 12 d9 01 00 d2 82 63 07 62 08 96 11 cc 01 00 10 c1 01 00 09 62 07 62 06 23 80 f8 13 63 04 62 09 11 19 01 00 62 04 66 a9
5a 62 09 11 bf 00 00 60 f8 13 66 ab e9 01 62 09 11 f6 00 00 ab 62 09 96 12 cc 00 00 2a 62 08 12 ba 00 00 12 00 00 00 62 09 11
af 00 00 29 62 08 12 40 00 00 62 04 66 a1 10 62 08 96 11 00 00 00 60 85 b0 01 66 b4 a3 01 66 a1 10 62 09 11 00 00 00 af 62 08
10 0d 00 00 c0 63 07 c3 08 af 08 03 1f 08 07 c2 04 96 12 00 00 00 12 00 00 00 62 09 12 00 00 00 5d 82 41 62 04 66 ca 89 01 66
ac c5 01 62 04 66 ca 89 01 66 bb de 01 62 04 66 ca 89 01 66 e0 ef 01 62 04 66 ca 89 01 66 ec 17 62 04 66 ca 89 01 66 b3 12 4a
82 41 05 80 93 b1 01 63 05 62 09 11 f5 00 00 10 e5 00 00 62 04 66 a9 5a 62 08 12 97 00 00 60 f8 13 66 ab e9 01 62 09 96 12 90
00 00 ab 62 08 96 11 0c 00 00 2a 11 2a 00 00 62 08 96 11 23 00 00 29 62 08 96 11 25 00 00 62 04 66 a9 5a 62 08 96 11 61 00 00
60 f8 13 66 8d 8d 01 62 09 96 12 5a 00 00 ab 12 49 00 00 62 08 12 64 00 00 5d fe b9 01 62 04 66 ca 89 01 66 ac c5 01 62 04 66
ca 89 01 66 bb de 01 62 04 66 ca 89 01 66 e0 ef 01 62 04 66 ca 89 01 66 ec 17 62 04 66 ca 89 01 66 b3 12 4a fe b9 01 05 80 93
b1 01 63 05 10 48 00 00 62 04 66 a9 5a 60 f8 13 66 b4 d0 01 14 31 00 00 10 0d 00 00 1e b3 a6 c3 08 08 04 aa 63 08 c6 63 04 5d
d2 26 62 04 66 ca 89 01 66 bb de 01 d0 66 e1 c7 01 4a d2 26 02 80 93 b1 01 63 05 10 07 00 00 20 80 93 b1 01 63 05 d3 62 04 66
a1 10 62 05 61 83 e6 01 32 07 06 11 38 fe ff 08 07 08 06 62 09 11 0b 00 00 d0 66 e1 c7 01 d3 4f d9 8d 01 01 02 47 47
|
Thanks and regards

Zanzer I post too much Reputation: 126
Joined: 09 Jun 2013 Posts: 3278
Posted: Thu Sep 17, 2015 10:13 pm Post subject:

Code: |
[ENABLE]
aobscan(myaob,27 26 63 08 40 d5 bf 01 29 10 0c 00 00 ad 64 a7 08 08 64 92 08 d6 a9 92 04 63 09 d0 30 20 80 f8 13 63 04 20 80 93 b1 01 63 05 60 85 b0 01 66 b4 a3 01 66 a9 a3 01 80 c4 d8 01 d6 62 09 11 06 00 00 d2 20 14 01 00 00 47 5d 86 df 01 d2 66 b5 e4 01 4a 86 df 01 01 62 09 11 04 00 00 80 86 df 01 d7 62 09 96 12 fe 01 00 24 00 62 08 11 0c 00 00 24 44 c7 c1 c4 24 48 c7 c0 24 2c c5 63 06 62 08 12 da 01 00 d2 82 63 07 62 08 96 11 cd 01 00 10 c2 01 00 09 62 07 62 06 23 80 f8 13 63 04 62 09 11 1a 01 00 62 04 66 a9 5a 62 09 11 c0 00 00 60 f8 13 66 ab e9 01 62 09 11 f7 00 00 ab 62 09 96 12 cd 00 00 2a 62 08 12 bb 00 00 12 43 00 00 62 09 11 b0 00 00 29 62 08 12 41 00 00 62 04 66 a1 10 62 08 96 11 87 00 00 60 85 b0 01 66 b4 a3 01 66 a1 10 62 08 96 11 b9 00 00 ab 62 09 10 0d 00 00 2a d6 07 92 07 08 05 d2 2a c3 02 08 03 11 a2 00 00 12 4e 00 00 62 09 96 12 7c 00 00 5d 82 41 62 04 66 ca 89 01 66 ac c5 01 62 04 66 ca 89 01 66 bb de 01 62 04 66 ca 89 01 66 e0 ef 01 62 04 66 ca 89 01 66 ec 17 62 04 66 ca 89 01 66 b3 12 4a 82 41 05 80 93 b1 01 63 05 62 09 11 f5 00 00 10 e5 00 00 62 04 66 a9 5a 62 08 12 97 00 00 60 f8 13 66 ab e9 01 62 09 96 12 90 00 00 ab 62 08 96 11 0c 00 00 2a 11 2a 00 00 62 08 96 11 23 00 00 29 62 08 96 11 25 00 00 62 04 66 a9 5a 62 08 96 11 61 00 00 60 f8 13 66 8d 8d 01 62 09 96 12 5a 00 00 ab 12 49 00 00 62 08 12 64 00 00 5d fe b9 01 62 04 66 ca 89 01 66 ac c5 01 62 04 66 ca 89 01 66 bb de 01 62 04 66 ca 89 01 66 e0 ef 01 62 04 66 ca 89 01 66 ec 17 62 04 66 ca 89 01 66 b3 12 4a fe b9 01 05 80 93 b1 01 63 05 10 48 00 00 62 04 66 a9 5a 60 f8 13 66 b4 d0 01 14 31 00 00 10 0d 00 00 1e b3 a6 c3 08 08 04 aa 63 08 c6 63 04 5d d2 26 62 04 66 ca 89 01 66 bb de 01 d0 66 e1 c7 01 4a d2 26 02 80 93 b1 01 63 05 10 07 00 00 20 80 93 b1 01 63 05 d3 62 04 66 a1 10 62 05 61 83 e6 01 32 07 06 11 37 fe ff 08 07 08 06 62 09 11 0b 00 00 d0 66 e1 c7 01 d3 4f d9 8d 01 01 47 47)
myaob:
db 27 26 63 08 40 d5 bf 01 29 10 0c 00 00 ad 64 a7 08 08 64 92 08 d6 a9 92 04 63 09 d0 30 20 80 f8 13 63 04 20 80 93 b1 01 63 05 60 85 b0 01 66 b4 a3 01 66 a9 a3 01 80 c4 d8 01 d6 62 09 11 06 00 00 d2 20 14 01 00 00 47 5d 86 df 01 d2 66 b5 e4 01 4a 86 df 01 01 62 09 11 04 00 00 80 86 df 01 d7 62 09 96 12 fd 01 00 24 00 62 08 11 0c 00 00 24 44 c7 c1 c4 24 48 c7 c0 24 2c c5 63 06 62 08 12 d9 01 00 d2 82 63 07 62 08 96 11 cc 01 00 10 c1 01 00 09 62 07 62 06 23 80 f8 13 63 04 62 09 11 19 01 00 62 04 66 a9 5a 62 09 11 bf 00 00 60 f8 13 66 ab e9 01 62 09 11 f6 00 00 ab 62 09 96 12 cc 00 00 2a 62 08 12 ba 00 00 12 00 00 00 62 09 11 af 00 00 29 62 08 12 40 00 00 62 04 66 a1 10 62 08 96 11 00 00 00 60 85 b0 01 66 b4 a3 01 66 a1 10 62 09 11 00 00 00 af 62 08 10 0d 00 00 c0 63 07 c3 08 af 08 03 1f 08 07 c2 04 96 12 00 00 00 12 00 00 00 62 09 12 00 00 00 5d 82 41 62 04 66 ca 89 01 66 ac c5 01 62 04 66 ca 89 01 66 bb de 01 62 04 66 ca 89 01 66 e0 ef 01 62 04 66 ca 89 01 66 ec 17 62 04 66 ca 89 01 66 b3 12 4a 82 41 05 80 93 b1 01 63 05 62 09 11 f5 00 00 10 e5 00 00 62 04 66 a9 5a 62 08 12 97 00 00 60 f8 13 66 ab e9 01 62 09 96 12 90 00 00 ab 62 08 96 11 0c 00 00 2a 11 2a 00 00 62 08 96 11 23 00 00 29 62 08 96 11 25 00 00 62 04 66 a9 5a 62 08 96 11 61 00 00 60 f8 13 66 8d 8d 01 62 09 96 12 5a 00 00 ab 12 49 00 00 62 08 12 64 00 00 5d fe b9 01 62 04 66 ca 89 01 66 ac c5 01 62 04 66 ca 89 01 66 bb de 01 62 04 66 ca 89 01 66 e0 ef 01 62 04 66 ca 89 01 66 ec 17 62 04 66 ca 89 01 66 b3 12 4a fe b9 01 05 80 93 b1 01 63 05 10 48 00 00 62 04 66 a9 5a 60 f8 13 66 b4 d0 01 14 31 00 00 10 0d 00 00 1e b3 a6 c3 08 08 04 aa 63 08 c6 63 04 5d d2 26 62 04 66 ca 89 01 66 bb de 01 d0 66 e1 c7 01 4a d2 26 02 80 93 b1 01 63 05 10 07 00 00 20 80 93 b1 01 63 05 d3 62 04 66 a1 10 62 05 61 83 e6 01 32 07 06 11 38 fe ff 08 07 08 06 62 09 11 0b 00 00 d0 66 e1 c7 01 d3 4f d9 8d 01 01 02 47 47
[DISABLE]
|

Corroder Grandmaster Cheater Supreme Reputation: 75
Joined: 10 Apr 2015 Posts: 1667
Posted: Fri Sep 18, 2015 12:13 am Post subject:

Thanks Zanzer,
I had not thought about using AA before.
I did it by separating the AOB into 2 parts for a manual scan; it can also be done with a simple aobswap(scan, replace) function, if you want to put the code in a game trainer, by ignoring the result list found.
Regards

lolAnonymous Expert Cheater Reputation: 1
Joined: 19 Jul 2015 Posts: 154
Posted: Fri Sep 18, 2015 1:56 am Post subject:

Sir, why don't you use luacall?

Corroder Grandmaster Cheater Supreme Reputation: 75
Joined: 10 Apr 2015 Posts: 1667
Posted: Fri Sep 18, 2015 9:07 am Post subject:

MasterHacking321,
I just want another method, even though it would be easy to use luacall, aobscan, or aobswap and ignore how many AOB codes are found in the result list.
As you know, aobscan works on the first record / address found and then stops. We are able to manipulate it with "scan till end" or "scan till not found", to scan and replace all the codes found.
In other cases, if needed, we are also able to save that AOB code as a string and load it with a function.
My point is just to progress it in a very simple way and put the method into a game trainer. And the easy way is as shown by Zanzer.
Regards

Zanzer I post too much Reputation: 126
Joined: 09 Jun 2013 Posts: 3278
Posted: Fri Sep 18, 2015 10:13 am Post subject:

Not sure if unpack() has a limit in the number of results it can return.
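Code: |
[ENABLE]
{$lua}
-- Byte tables: the pattern to find and the bytes to write over it
aob_replace = {0x90, 0x90, 0x90, 0x90}
aob_original = {0x48, 0x83, 0xEC, 0x28}
aob = AOBScan(unpack(aob_original))
-- AOBScan returns nil when nothing matches, so guard before indexing
if aob then
  for i=0, aob.Count-1 do
    writeBytes(aob[i], unpack(aob_replace))
  end
end
{$asm}
[DISABLE]
{$lua}
if aob then
  -- Restore the original bytes at every address that was patched
  for i=0, aob.Count-1 do
    writeBytes(aob[i], unpack(aob_original))
  end
  aob.Destroy()
  aob = nil
end
{$asm}
|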

lolAnonymous Expert Cheater Reputation: 1
Joined: 19 Jul 2015 Posts: 154
Posted: Fri Sep 18, 2015 11:52 am Post subject:

Nice Work Zanzer
Thanks A lot

Corroder Grandmaster Cheater Supreme Reputation: 75
Joined: 10 Apr 2015 Posts: 1667
Posted: Fri Sep 18, 2015 7:13 pm Post subject:

Thanks so much Zanzer,
This is about unpack() -- from REDIS scripting unpack(ARGV)
Code: |
That said, unpack() actually has a limit on the size of the table which
is defined by LUAI_MAXCSTACK in luaconf.h forcing a maximum number of Lua
stack slots that a C function can use. This limit is set to 8000 by
default, meaning that your ARGV table can contain up to 8000 elements (it's
more than reasonable in this context).
|
Maybe this condition is similar in Lua 5.2 / 5.3.
Next, with Zanzer's function, I have a problem adding 0x.. to every byte.
If the AOB is short then it is no problem, but if it is very long, it gives a problem.
Maybe this function is able to handle it, if I am not wrong.
Code: |
local scan = '48 83 EC 28';
local replace = '90 90 90 90';
local replace_table = {};
-- string.gfind is the Lua 5.0 name; string.gmatch works in Lua 5.1 and later
for byte in string.gmatch(replace, "[^%s]+") do
  table.insert(replace_table, tonumber('0x'..byte));
end
print(unpack(replace_table));
local data = AOBScan(scan);
if (data) then
  local count = data.getCount();
  for i=0, count-1 do
    local address = data.getString(i);
    writeBytes(address, replace_table);
  end
  data.destroy();  -- free the result list when done
end
|
regards
Last edited by Corroder on Fri Sep 18, 2015 7:38 pm; edited 1 time in total |
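
To check the unpack() limit discussed above on a given interpreter, the following added example (not code from any poster in this thread) converts a hex string to a byte table and measures how many elements unpack() can expand before it fails. It is plain Lua with no Cheat Engine calls; hex_to_bytes, can_unpack and unpack_limit are hypothetical helper names and the sample string is constructed.

```lua
-- Added example: plain Lua, no Cheat Engine API. Helper names are hypothetical.
local unpack = table.unpack or unpack  -- Lua 5.2+ moved unpack into table

-- "48 83 EC 28" -> {0x48, 0x83, 0xEC, 0x28}
local function hex_to_bytes(str)
  local bytes = {}
  for tok in str:gmatch("%x%x") do bytes[#bytes + 1] = tonumber(tok, 16) end
  return bytes
end

-- True if unpack() can expand a table of n elements on this interpreter.
local function can_unpack(n)
  local t = {}
  for i = 1, n do t[i] = 0x90 end
  return (pcall(function() return select("#", unpack(t)) end))
end

-- Largest n in [lo, hi] that can_unpack accepts (binary search; lo must pass,
-- and the answer is capped at hi).
local function unpack_limit(lo, hi)
  while lo < hi do
    local mid = math.floor((lo + hi + 1) / 2)
    if can_unpack(mid) then lo = mid else hi = mid - 1 end
  end
  return lo
end

-- Constructed sample: 625 bytes written as a hex string.
local sample = hex_to_bytes(string.rep("90 ", 625))
print("bytes parsed:", #sample, "unpack ok:", can_unpack(#sample))
print("largest table unpack() accepts here:", unpack_limit(1, 2000000))
```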

Zanzer I post too much Reputation: 126
Joined: 09 Jun 2013 Posts: 3278
Posted: Fri Sep 18, 2015 7:28 pm Post subject:

Code: |
-- Build the byte table from a hex string, so no 0x prefix is needed per byte
local replace_str = "90 90 90 90"
local aob_replace = {}
for i in string.gmatch(replace_str, "%S+") do
  aob_replace[#aob_replace+1] = tonumber(i,16)
end
|
Code: |
[ENABLE]
{$lua}
aob_pattern_str = "48 83 EC 28"
aob_replace_str = "90 90 90 90"
aob_pattern_arr = {}
aob_replace_arr = {}
for i in string.gmatch(aob_pattern_str, "%S+") do
  aob_pattern_arr[#aob_pattern_arr+1] = tonumber(i,16)
end
for i in string.gmatch(aob_replace_str, "%S+") do
  aob_replace_arr[#aob_replace_arr+1] = tonumber(i,16)
end
aob_scan = AOBScan(unpack(aob_pattern_arr))
-- AOBScan returns nil when nothing matches, so guard before indexing
if aob_scan then
  for i=0, aob_scan.Count-1 do
    writeBytes(aob_scan[i], unpack(aob_replace_arr))
  end
end
{$asm}
[DISABLE]
{$lua}
if aob_scan then
  -- Write the original pattern bytes back at every patched address
  for i=0, aob_scan.Count-1 do
    writeBytes(aob_scan[i], unpack(aob_pattern_arr))
  end
  aob_scan.Destroy()
end
aob_scan = nil
aob_pattern_str = nil
aob_replace_str = nil
aob_pattern_arr = nil
aob_replace_arr = nil
{$asm}
|

Corroder Grandmaster Cheater Supreme Reputation: 75
Joined: 10 Apr 2015 Posts: 1667
Posted: Fri Sep 18, 2015 7:42 pm Post subject:

Thanks Zanzer for the very quick reply...
I am using the second code and it works properly.
Regards

Zanzer I post too much Reputation: 126
Joined: 09 Jun 2013 Posts: 3278
Posted: Fri Sep 18, 2015 8:08 pm Post subject:

Here's an even better script. It allows you to use the '??' wildcard for both the search and replace.
So the code below will only overwrite the function call bytes: "E8 ?? ?? ?? ??"
Code: |
[ENABLE]
{$lua}
local pattern = "48 83 EC 28 E8 ?? ?? ?? ?? 48 83 C4 28 EB"
local replace = "?? ?? ?? ?? 90 90 90 90 90 ?? ?? ?? ?? ??"
aob_scan_results = AOBScan(pattern)
aob_backup_bytes = {}
-- Each byte is two hex digits plus a space, except the last one
local length = (#replace + 1) / 3
-- AOBScan returns nil when nothing matches, so guard before indexing
if aob_scan_results then
  for i = 0, aob_scan_results.Count - 1 do
    -- Save the current bytes so [DISABLE] can restore them
    local backup = readBytes(aob_scan_results[i], length, true)
    local bytes = {}
    for hex in string.gmatch(replace, "%S+") do
      local size = #bytes + 1
      if hex == "??" then
        bytes[size] = backup[size]  -- wildcard: keep the byte already in memory
      else
        bytes[size] = tonumber(hex, 16)
      end
    end
    aob_backup_bytes[i] = backup
    writeBytes(aob_scan_results[i], bytes)
  end
end
{$asm}
[DISABLE]
{$lua}
if aob_scan_results then
  for i = 0, aob_scan_results.Count - 1 do
    writeBytes(aob_scan_results[i], aob_backup_bytes[i])
  end
  aob_scan_results.Destroy()
end
aob_scan_results = nil
aob_backup_bytes = nil
|
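
The wildcard merge in the script above can be tried outside Cheat Engine. This added example (not code from any poster in this thread) runs the same pattern and replace strings over a constructed byte table, rejects malformed tokens and mismatched lengths before anything is written, and keeps undo records the way the [DISABLE] section does; parse_mask, matches_at, patch_all and restore are hypothetical names.

```lua
-- Added example: plain Lua on a constructed byte table. Names are hypothetical.
-- "E8 ?? 90" -> {0xE8, false, 0x90}; false marks a wildcard.
local function parse_mask(str)
  local out = {}
  for tok in str:gmatch("%S+") do
    local byte = tok:match("^%x%x$") and tonumber(tok, 16)
    assert(byte or tok == "??", "bad token: " .. tok)
    out[#out + 1] = byte or false
  end
  return out
end
-- True when every non-wildcard byte of mask equals buf starting at pos.
local function matches_at(buf, pos, mask)
  for i = 1, #mask do
    if mask[i] and mask[i] ~= buf[pos + i - 1] then return false end
  end
  return true
end
-- Patch every match in place and return undo records for restore().
local function patch_all(buf, pattern_str, replace_str)
  local pattern, replace = parse_mask(pattern_str), parse_mask(replace_str)
  assert(#pattern == #replace, "pattern and replace differ in length")
  local undo = {}
  for pos = 1, #buf - #pattern + 1 do
    if matches_at(buf, pos, pattern) then
      local backup = {}
      for i = 1, #replace do
        backup[i] = buf[pos + i - 1]
        if replace[i] then buf[pos + i - 1] = replace[i] end
      end
      undo[#undo + 1] = { pos = pos, backup = backup }
    end
  end
  return undo
end
-- Write the saved bytes back, like the [DISABLE] section.
local function restore(buf, undo)
  for k = #undo, 1, -1 do  -- newest first, so overlapping patches unwind cleanly
    for i, b in ipairs(undo[k].backup) do buf[undo[k].pos + i - 1] = b end
  end
end
-- Constructed sample: two call sites with different E8 operands.
local buf = parse_mask("48 83 EC 28 E8 11 22 33 44 48 83 C4 28 EB CC " ..
                       "48 83 EC 28 E8 AA BB CC DD 48 83 C4 28 EB")
local undo = patch_all(buf, "48 83 EC 28 E8 ?? ?? ?? ?? 48 83 C4 28 EB",
                            "?? ?? ?? ?? 90 90 90 90 90 ?? ?? ?? ?? ??")
print("patched sites:", #undo, "E8 bytes now:", buf[5], buf[20])
restore(buf, undo)
print("after restore:", buf[5], buf[20])
```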

lolAnonymous Expert Cheater Reputation: 1
Joined: 19 Jul 2015 Posts: 154
Posted: Fri Sep 18, 2015 9:09 pm Post subject:

Thanks Zanzer and Corroder, both of you did awesome
Thanks a lot

Corroder Grandmaster Cheater Supreme Reputation: 75
Joined: 10 Apr 2015 Posts: 1667
Posted: Sat Sep 19, 2015 5:45 am Post subject:

Ahaa....very nice function Zanzer.
It also works properly and is very useful code.
Thanks so much...

lolAnonymous Expert Cheater Reputation: 1
Joined: 19 Jul 2015 Posts: 154
Posted: Sat Sep 19, 2015 5:46 am Post subject:

Yup Sir It Is Awesome

Demadom How do I cheat? Reputation: 0
Joined: 15 Nov 2014 Posts: 8
Posted: Wed Mar 08, 2017 11:54 pm Post subject:

I can't get any of the above codes to work. It keeps giving me an error.
The error is
[string "[ENABLE]
....."]:1: unexpected symbol near '['
Never ran across this so wtf does it mean?