Paranoiaaa123 How do I cheat?
Reputation: 0
Joined: 21 Feb 2012 Posts: 6
Posted: Wed Feb 29, 2012 7:01 am Post subject: Auto-assembler code -> C++ .dll for injection?
Hello.
I have this auto-assembler code:
| Code: |
[ENABLE]
alloc(injectLocWrite,1024)        // code cave allocated by Cheat Engine
label(isPlayer)

"abc.exe"+2CD2B6:                 // hook site: replaces the 5-byte movss [esi+08],xmm0
jmp injectLocWrite

injectLocWrite:
push eax
mov eax,["abc.exe"+01075E88]      // load the pointer stored at abc.exe+01075E88
mov eax,[eax+4]                   // then the dword at pointer+4
cmp ecx,eax
pop eax
je isPlayer                       // ecx matched: skip the write
movss [esi+08],xmm0               // original (stolen) instruction
jmp "abc.exe"+2CD2BB              // resume right after the hook site (2CD2B6 + 5)
isPlayer:
jmp "abc.exe"+2CD2D6

[DISABLE]
dealloc(injectLocWrite)
"abc.exe"+2CD2B6:
movss [esi+08],xmm0               // restore the original instruction
|
Now I want to code a C++ .dll to inject via wininject.
I have the following:
| Code: |
#include <Windows.h>

// RVAs taken from the auto-assembler script (relative to the image base of abc.exe).
enum data
{
    ncentry = 0x2CD2B6,  // hook site: the "movss [esi+08],xmm0" the script replaces
    ncp1    = 0x1075E88, // address of the pointer read by mov eax,["abc.exe"+01075E88]
    ncp2    = 0x2CD2BB,  // resume address after the stolen instruction
    ncp3    = 0x2CD2D6,  // target when ecx matches (isPlayer)
};

DWORD base;       // image base of abc.exe
DWORD baseentry;  // base + ncentry: the address that must receive the jmp
DWORD basepb;     // base + ncp1: address of the pointer (not its value)
DWORD basep1;     // base + ncp2
DWORD basep2;     // base + ncp3

// Code cave. "naked" so the compiler adds no prologue/epilogue around the asm.
__declspec(naked) void AsmOn()
{
    __asm
    {
        push eax
        mov eax, dword ptr basepb   // eax = base + 0x1075E88 (the address of the pointer)
        mov eax, [eax]              // eax = the pointer itself, as ["abc.exe"+01075E88] does in the script
        mov eax, [eax+0x4]
        cmp ecx, eax
        pop eax
        je isPlayer
        movss [esi+0x08], xmm0      // the instruction the hook overwrote
        jmp dword ptr basep1        // indirect jump through the variable: back to base+2CD2BB
    isPlayer:
        jmp dword ptr basep2        // skip the write: base+2CD2D6
    }
}

extern "C" __declspec(dllexport) DWORD Initialize()
{
    // GetModuleHandle(NULL) returns the main executable's base, i.e. what CE shows as "abc.exe".
    base      = (DWORD)GetModuleHandle(NULL);
    baseentry = base + ncentry;
    basepb    = base + ncp1;
    basep1    = base + ncp2;
    basep2    = base + ncp3;
    return 1;
}

BOOL APIENTRY DllMain(HMODULE hModule, DWORD ul_reason_for_call, LPVOID lpReserved)
{
    switch (ul_reason_for_call)
    {
    case DLL_PROCESS_ATTACH:
        Initialize();
        break;
    case DLL_THREAD_ATTACH:
    case DLL_THREAD_DETACH:
    case DLL_PROCESS_DETACH:
        break;
    }
    return TRUE;
}
|
Can you help me to continue?
Where/how do I implement this?
| Code: |
"abc.exe"+2CD2B6:
jmp injectLocWrite
|
Thanks in advance...
Stylo Grandmaster Cheater Supreme
Reputation: 3
Joined: 16 May 2007 Posts: 1073 Location: Israel
Posted: Wed Feb 29, 2012 12:22 pm
Use CE to get the original address:
go to Memory View, then right click and "Go to address", type "abc.exe"+2CD2B6 and see where it jumps.
Or just get the base address for that process.
_________________
Stylo
Paranoiaaa123 How do I cheat?
Reputation: 0
Joined: 21 Feb 2012 Posts: 6
Posted: Wed Feb 29, 2012 1:40 pm
Thanks for your reply.
The auto-assembler script does work on that game.
I just want to implement the script in a C++ DLL, so I can inject the library.
Do I need to alloc memory in the DLL, or is this done by the injector?
How can I implement a jump to my code at "abc.exe"+2CD2B6?
Stylo Grandmaster Cheater Supreme
Reputation: 3
Joined: 16 May 2007 Posts: 1073 Location: Israel
Posted: Wed Feb 29, 2012 2:11 pm
Please read again what I said:
I told you to use CE to get the "real" address for you instead of "abc.exe" (the image has a numeric address). That's the base address for abc.exe.
_________________
Stylo
Dark Byte Site Admin
Reputation: 473
Joined: 09 May 2003 Posts: 25907 Location: The netherlands
Posted: Wed Feb 29, 2012 5:55 pm
Write E9 followed by the 4-byte value of destination - origin - 5.
_________________
Do not ask me about online cheats. I don't know any and won't help finding them.
Like my help? Join me on Patreon so I can keep helping
Stylo Grandmaster Cheater Supreme
Reputation: 3
Joined: 16 May 2007 Posts: 1073 Location: Israel
Posted: Thu Mar 01, 2012 12:02 am
He doesn't need the address to jump to.
He needs the address where he sets the jump code to go to his code cave.
_________________
Stylo
atom0s Moderator
Reputation: 205
Joined: 25 Jan 2006 Posts: 8585 Location: 127.0.0.1
Posted: Thu Mar 01, 2012 3:16 pm
Use Module32First/Module32Next to get the base address, then add your offset to it to get the address you need to write to.
_________________
- Retired.
Dark Byte Site Admin
Reputation: 473
Joined: 09 May 2003 Posts: 25907 Location: The netherlands
Posted: Thu Mar 01, 2012 3:43 pm
Seeing that he already knows the way to get the address of abc.exe
| Code: |
base=(DWORD)GetModuleHandle(NULL);
|
I do believe he's just asking how to write the "jmp injectLocWrite" line,
which is formatted as E9 (addressOfAsmOn - ("abc.exe"+2CD2B6) - 5).
_________________
Do not ask me about online cheats. I don't know any and won't help finding them.
Like my help? Join me on Patreon so I can keep helping
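Dark Byte's two replies above give the formula for the hook jump (E9 followed by destination - origin - 5). The following C is an added worked example, not code from the thread or from Cheat Engine: it encodes that jump for the script's addresses, decodes it back to check, and encodes the return jump from the cave to "abc.exe"+2CD2BB, which is a backwards jump and so needs the two's-complement displacement. The image base 0x00400000, the cave address 0x10001000 (standing in for the address of AsmOn) and the return-jump offset inside the cave are hypothetical values chosen for the example; the only Windows-specific part (VirtualProtect + memcpy + FlushInstructionCache) is guarded by `#ifdef _WIN32` so the rest compiles anywhere.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#ifdef _WIN32
#include <windows.h>
#endif

/* x86 "jmp rel32": opcode E9 plus a little-endian 32-bit displacement that is
   measured from the END of the 5-byte instruction, i.e. from origin + 5. */
#define JMP_REL32_LEN 5u

/* RVAs from the thread's auto-assembler script. The stolen instruction,
   movss [esi+08],xmm0 (F3 0F 11 46 08), is exactly 5 bytes, which is why the
   script resumes at +2CD2BB = +2CD2B6 + 5 and no partial instruction is left. */
#define HOOK_RVA   0x2CD2B6u
#define RESUME_RVA 0x2CD2BBu

/* Hypothetical values for the worked example only. */
#define EXAMPLE_IMAGE_BASE 0x00400000u  /* the DLL would use GetModuleHandle(NULL) */
#define EXAMPLE_CAVE       0x10001000u  /* stands in for the address of AsmOn() */
#define CAVE_RET_OFFSET    0x20u        /* offset of the cave's "jmp back" instruction */

/* Displacement of "jmp dest" encoded at origin: dest - origin - 5.
   Unsigned arithmetic wraps, so a backwards jump yields the two's-complement
   value the CPU expects without relying on signed overflow. */
uint32_t jmp_rel32_disp(uint32_t origin, uint32_t dest)
{
    return dest - origin - JMP_REL32_LEN;
}

/* Write the 5 bytes of "jmp dest" as they must appear at origin. 0 on success, -1 on NULL. */
int encode_jmp_rel32(uint32_t origin, uint32_t dest, uint8_t *out)
{
    uint32_t rel;
    if (out == NULL) return -1;
    rel = jmp_rel32_disp(origin, dest);
    out[0] = 0xE9;
    out[1] = (uint8_t)(rel & 0xFF);
    out[2] = (uint8_t)((rel >> 8) & 0xFF);
    out[3] = (uint8_t)((rel >> 16) & 0xFF);
    out[4] = (uint8_t)((rel >> 24) & 0xFF);
    return 0;
}

/* Inverse: absolute target of the jmp rel32 found at origin.
   -1 if the bytes are not an E9 jump (e.g. the hook is not installed). */
int decode_jmp_rel32(uint32_t origin, const uint8_t *code, uint32_t *target)
{
    uint32_t rel;
    if (code == NULL || target == NULL || code[0] != 0xE9) return -1;
    rel = (uint32_t)code[1] | ((uint32_t)code[2] << 8) |
          ((uint32_t)code[3] << 16) | ((uint32_t)code[4] << 24);
    *target = origin + JMP_REL32_LEN + rel;
    return 0;
}

/* 1 if encoding "jmp dest" at origin gives exactly the 5 expected bytes. */
int patch_matches(uint32_t origin, uint32_t dest, const uint8_t *expected)
{
    uint8_t buf[JMP_REL32_LEN];
    if (expected == NULL || encode_jmp_rel32(origin, dest, buf) != 0) return 0;
    return memcmp(buf, expected, JMP_REL32_LEN) == 0;
}

/* Both jumps the thread's hook needs: hook site -> cave (forwards) and
   cave tail -> resume address (backwards). 1 if each decodes back to its target. */
int example_round_trip(uint32_t image_base, uint32_t cave)
{
    uint8_t hook[JMP_REL32_LEN], back[JMP_REL32_LEN];
    uint32_t origin = image_base + HOOK_RVA, resume = image_base + RESUME_RVA, t;
    if (encode_jmp_rel32(origin, cave, hook) != 0) return 0;
    if (decode_jmp_rel32(origin, hook, &t) != 0 || t != cave) return 0;
    if (encode_jmp_rel32(cave + CAVE_RET_OFFSET, resume, back) != 0) return 0;
    if (decode_jmp_rel32(cave + CAVE_RET_OFFSET, back, &t) != 0 || t != resume) return 0;
    return 1;
}

#ifdef _WIN32
/* Windows only: patch live code in the current process (an injected DLL shares the
   game's address space). Code pages are read-only, so unprotect the 5 bytes, write,
   restore the old protection and flush the instruction cache. */
int install_jmp_rel32(uint32_t origin, uint32_t dest)
{
    uint8_t patch[JMP_REL32_LEN];
    DWORD old_protect;
    LPVOID site = (LPVOID)(uintptr_t)origin;
    if (encode_jmp_rel32(origin, dest, patch) != 0) return -1;
    if (!VirtualProtect(site, JMP_REL32_LEN, PAGE_EXECUTE_READWRITE, &old_protect)) return -1;
    memcpy(site, patch, JMP_REL32_LEN);
    VirtualProtect(site, JMP_REL32_LEN, old_protect, &old_protect);
    FlushInstructionCache(GetCurrentProcess(), site, JMP_REL32_LEN);
    return 0;
}
#endif

int main(void)
{
    uint8_t bytes[JMP_REL32_LEN];
    uint32_t origin = EXAMPLE_IMAGE_BASE + HOOK_RVA;
    unsigned i;
    encode_jmp_rel32(origin, EXAMPLE_CAVE, bytes);
    printf("at %08X:", (unsigned)origin);
    for (i = 0; i < JMP_REL32_LEN; i++) printf(" %02X", bytes[i]);
    printf("  ; jmp %08X\n", (unsigned)EXAMPLE_CAVE);
    return example_round_trip(EXAMPLE_IMAGE_BASE, EXAMPLE_CAVE) ? 0 : 1;
}
```

In the DLL, `install_jmp_rel32(baseentry, (uint32_t)(uintptr_t)AsmOn)` is the missing "jmp injectLocWrite" line; the cave itself already ends with its own jumps through `basep1`/`basep2`, so no second patch is needed there. Disabling the hook is the reverse of the same write: put the original five bytes F3 0F 11 46 08 back at the hook site.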
Paranoiaaa123 How do I cheat?
Reputation: 0
Joined: 21 Feb 2012 Posts: 6
Posted: Mon Mar 05, 2012 2:36 pm
Thanks. That's what I need.
It works now.