&Vage Grandmaster Cheater Supreme
Reputation: 0
Joined: 25 Jul 2008 Posts: 1053
|
Posted: Thu Dec 18, 2008 10:16 am Post subject: AoB Scanning |
|
|
I made my own Signature scanner and it always seems to return an invalid address
| Code: |
DWORD Search(char* addr){
    int min = 0x00400000;
    int max = 0x7FFFFFFF;
    char *temp;
    int length = strlen(addr);
    for(; min <=max ; min++){
        temp = new char[length];
        memcpy((void*)temp,(void*)min, length);
        if(addr == temp){
            return (DWORD)min;
        }
    }
    return 0;
}
|
:S
Last edited by &Vage on Thu Dec 18, 2008 11:49 am; edited 2 times in total |
b6ooy Grandmaster Cheater
Reputation: 0
Joined: 21 Sep 2006 Posts: 653
|
Posted: Thu Dec 18, 2008 10:37 am Post subject: |
|
|
| why zeromemory min if you are going to return it?
&Vage Grandmaster Cheater Supreme
Reputation: 0
Joined: 25 Jul 2008 Posts: 1053
|
Posted: Thu Dec 18, 2008 10:50 am Post subject: |
|
|
| b6ooy wrote: | | why zeromemory min if you are going to return it? |
I wanted to take off some memory usage.
Stylo Grandmaster Cheater Supreme
Reputation: 3
Joined: 16 May 2007 Posts: 1073 Location: Israel
|
Posted: Thu Dec 18, 2008 11:19 am Post subject: |
|
|
but didn't you clean min's memory b4 you returned it?
edit: btw what's the meaning of (void*) always wondered o_O
&Vage Grandmaster Cheater Supreme
Reputation: 0
Joined: 25 Jul 2008 Posts: 1053
|
Posted: Thu Dec 18, 2008 11:21 am Post subject: |
|
|
| 1qaz wrote: | but didn't you clean min's memory b4 you returned it?
edit: btw what's the meaning of (void*) always wondered o_O |
Oh! Lol! Ok fixed , still doesn't work :/
Reak I post too much
Reputation: 0
Joined: 15 May 2007 Posts: 3496
|
Posted: Thu Dec 18, 2008 11:21 am Post subject: Re: AoB Scanning |
|
|
| _void_ wrote: | | Code: | ZeroMemory((void*)min,sizeof(min));
ZeroMemory((void*)max,sizeof(max));
ZeroMemory((void*)temp,sizeof(temp));
return (DWORD)min; |
|
Makes no sense to me :S.
Edit: nuuu I ish late
hcavolsdsadgadsg I'm a spammer
Reputation: 26
Joined: 11 Jun 2007 Posts: 5801
|
Posted: Thu Dec 18, 2008 11:26 am Post subject: |
|
|
ZeroMemory((void*)min,sizeof(min));
ZeroMemory((void*)max,sizeof(max));
ZeroMemory((void*)temp,sizeof(temp));
is going to do horrible things.
use &, not (void*)
Stylo Grandmaster Cheater Supreme
Reputation: 3
Joined: 16 May 2007 Posts: 1073 Location: Israel
|
Posted: Thu Dec 18, 2008 12:09 pm Post subject: |
|
|
how about
| Code: |
if (strcmp(addr,temp) == 0) return (DWORD)min;
|
?
smartz993 I post too much
Reputation: 2
Joined: 20 Jun 2006 Posts: 2013 Location: USA
|
Posted: Thu Dec 18, 2008 12:46 pm Post subject: |
|
|
| 1qaz wrote: | but didn't you clean min's memory b4 you returned it?
edit: btw what's the meaning of (void*) always wondered o_O |
(void*) will cast whatever follows it as a pointer.
| 1qaz wrote: | how about
| Code: |
if (strcmp(addr,temp) == 0) return (DWORD)min;
|
? |
doesn't matter, i think he's using Borland C++ Builder.
&Vage Grandmaster Cheater Supreme
Reputation: 0
Joined: 25 Jul 2008 Posts: 1053
|
Posted: Thu Dec 18, 2008 12:57 pm Post subject: |
|
|
| smartz993 wrote: | | 1qaz wrote: | but didn't you clean min's memory b4 you returned it?
edit: btw what's the meaning of (void*) always wondered o_O |
(void*) will cast whatever follows it as a pointer.
| 1qaz wrote: | how about
| Code: |
if (strcmp(addr,temp) == 0) return (DWORD)min;
|
? |
doesn't matter, i think he's using Borland C++ Builder. |
MSVC++, my C++ builder trial ran out, too lazy to make a new account :/
Spawnfestis GO Moderator
Reputation: 0
Joined: 02 Nov 2007 Posts: 1746 Location: Pakistan
|
Posted: Thu Dec 18, 2008 1:12 pm Post subject: |
|
|
| _void_ wrote: | | smartz993 wrote: | | 1qaz wrote: | but didn't you clean min's memory b4 you returned it?
edit: btw what's the meaning of (void*) always wondered o_O |
(void*) will cast whatever follows it as a pointer.
| 1qaz wrote: | how about
| Code: |
if (strcmp(addr,temp) == 0) return (DWORD)min;
|
? |
doesn't matter, i think he's using Borland C++ Builder. |
MSVC++, my C++ builder trial ran out, too lazy to make a new account :/ |
MSVC++ is good..
_________________
CLICK TO HAX MAPLESTORAY ^ !!!! |
nog_lorp Grandmaster Cheater
Reputation: 0
Joined: 26 Feb 2006 Posts: 743
|
Posted: Thu Dec 18, 2008 1:17 pm Post subject: |
|
|
Several major mistakes.
A) You are doing a shallow compare of the pointers, not a deep compare of the values they contain. addr == temp is just checking if the two addresses are the same.
B) strlen is wrong in this case. char * does not necessarily mean c string. You may want AOBS with 0s midway. You should make the function take the array and a length.
C) Minor point, no reason to copy the bytes at min into temp.
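| Code: |
DWORD Search(char* addr, int length) {
    char *min = (char *)0x00400000;
    char *max = (char *)0x7FFFFFFF;
    int i;
    // Stop length bytes before max so min[i] never indexes past it
    for (; min <= max - length; min++) {
        // Compare the bytes themselves, not the two pointers
        for (i = 0; i < length; i++) {
            if (addr[i] != min[i])
                break;
        }
        if (i == length)
            return (DWORD)min;
    }
    return 0;
}
|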
You may also want to use the true image base, GetModuleHandle(NULL), or the true code base,
| Code: |
DWORD *min = (DWORD *)GetModuleHandle(NULL);
DWORD *tmp = min + min[0x3c / 4]/4;   // 0x3c: e_lfanew, offset of the PE header
tmp = min + tmp[0x2c / 4]/4;          // PE header + 0x2c: BaseOfCode (an RVA)
printf("%p", (void *)tmp);
|
_________________
Mutilated lips give a kiss on the wrist of the worm-like tips of tentacles expanding in my mind
I'm fine accepting only fresh brine you can get another drop of this yeah you wish |
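Points A and B from the post above, shown on an ordinary in-memory buffer as an added example (not code from the thread). The names `find_bytes`, `strlen_view`, `same_pointer` and the sample bytes are constructed for illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Offset of the first occurrence of pat[0..pat_len) in buf[0..buf_len),
 * or -1 if it does not occur. The length is passed explicitly, so a
 * pattern may contain 0x00 bytes. */
long find_bytes(const unsigned char *buf, size_t buf_len,
                const unsigned char *pat, size_t pat_len)
{
    if (pat_len == 0 || pat_len > buf_len)
        return -1;
    /* The last valid start is buf_len - pat_len, so no read leaves buf. */
    for (size_t i = 0; i <= buf_len - pat_len; i++) {
        if (memcmp(buf + i, pat, pat_len) == 0)  /* deep compare (point A) */
            return (long)i;
    }
    return -1;
}

/* Length strlen would report for the same pattern (point B). */
size_t strlen_view(const unsigned char *pat)
{
    return strlen((const char *)pat);
}

/* What "addr == temp" tests: the addresses, not the bytes behind them. */
int same_pointer(const void *a, const void *b)
{
    return a == b;
}

/* Constructed sample data: 9 bytes, and a pattern with a zero inside it. */
static const unsigned char sample_buf[] =
    { 0x90, 0x90, 0x8B, 0x00, 0x45, 0xFC, 0xC3, 0x8B, 0x00 };
static const unsigned char sample_pat[] = { 0x8B, 0x00, 0x45, 0xFC };

int main(void)
{
    /* Offsets 2 and 7 hold the same two bytes at different addresses. */
    printf("pointer compare: %d\n", same_pointer(sample_buf + 2, sample_buf + 7));
    printf("byte compare:    %d\n", memcmp(sample_buf + 2, sample_buf + 7, 2) == 0);
    printf("strlen sees %zu of %zu pattern bytes\n",
           strlen_view(sample_pat), sizeof sample_pat);
    printf("pattern found at offset %ld\n",
           find_bytes(sample_buf, sizeof sample_buf, sample_pat, sizeof sample_pat));
    return 0;
}
```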
crayzbeef Expert Cheater
Reputation: 0
Joined: 21 Jan 2007 Posts: 101
|
Posted: Mon Dec 22, 2008 8:22 pm Post subject: |
|
|
| Spawnfestis wrote: | | _void_ wrote: | | smartz993 wrote: | | 1qaz wrote: | but didn't you clean min's memory b4 you returned it?
edit: btw what's the meaning of (void*) always wondered o_O |
(void*) will cast whatever follows it as a pointer.
| 1qaz wrote: | how about
| Code: |
if (strcmp(addr,temp) == 0) return (DWORD)min;
|
? |
doesn't matter, i think he's using Borland C++ Builder. |
MSVC++, my C++ builder trial ran out, too lazy to make a new account :/ |
MSVC++ is good..  |
Yeah.. borland is shit.