Yeah I'm still really nubish at converting larger eMS scripts to C++, so somebody (Krow maybe) can help me with converting these scripts: Pvac Right Code (Text): [enable] alloc(PrevNext,50) label(PrevNextRet) 0091638A://8B 86 ?? ?? ?? ?? 8B 58 ?? 8B 86 ?? ?? ?? ?? 57 8d 48 ?? e8 ?? ?? ?? ?? dd 5d ?? 8b 86 ?? ?? ?? ?? dd 40 ?? 51 51 dd 1c 24 e8 jmp PrevNext db 90 PrevNextRet: PrevNext: mov eax,[esi+110] // main opcode mov [eax+4c],00 jmp PrevNextRet [disable] 0091638A: db 8B 86 10 01 00 00 dealloc(PrevNext) Lemmings Code (Text): [ENABLE] Alloc(MAXONE,512) Alloc(ONEKEY00,4) Alloc(JUPKEY,4) Alloc(JUPKEY2,4) Registersymbol(MAXONE) Registersymbol(ONEKEY00) Registersymbol(JUPKEY) Registersymbol(JUPKEY2) Label(MAXONE00) Label(ONE) Label(ONE00) Label(TWO) Label(TWO00) ONEKEY00: dd 1 JUPKEY: dd 1 JUPKEY2: dd 1 MAXONE: fld qword ptr [ebp-14] leave cmp [ONEKEY00],0 je MAXONE00 cmp dword ptr [esp],009215C6 //DC 6D ?? 83 C4 10 DD 55 ?? DC 1D ?? ?? ?? ?? DF E0 9E 0F 84 je ONE // take the first result -.- you will get 2 addresses cmp dword ptr [esp],00921AC2 //DC 5D ?? 59 59 DF E0 9E ?? ?? DD 45 ?? 8B CE 51 51 DD 1C 24 E8 ?? ?? ?? ?? 89 46 ?? 83 BF ?? ?? 00 00 00 74 ?? 6A 00 6A je TWO // take the first result -.- you will get 2 addresses MAXONE00: ret ONE: add esp,4 cmp [JUPKEY],1 jne ONE00 cmp [ebx+248],2 // 8B 83 ?? ?? 00 00 83 F8 01 0F 85 ?? ?? ?? ?? DD 45 jne ONE00 mov [ebx+4A8],0 // + the same as the one above fsubr qword ptr [ebp-18] add esp,10 fst qword ptr [ebp-18] fcomp qword ptr [00A38C30] //00 00 00 00 00 00 00 00 66 00 61 00 69 00 ?? 00 00 00 jmp 00921955 //FF 75 ?? 8B CB FF 75 ?? E8 ?? ?? ?? ?? 5F 5E 5B C9 C2 ?? ?? 55 8B EC 51 51 53 56 8B D9 57 ONE00: fsubr qword ptr [ebp-18] jmp 009215C9 //83 C4 ?? DD 55 ?? DC 1D ?? ?? ?? ?? DF E0 9E 0F 84 ?? ?? ?? ?? 8B 83 ?? ?? 00 00 83 F8 01 TWO: add esp,4 cmp [JUPKEY2],1 jne TWO00 fcomp qword ptr [ebp-08] pop ecx pop ecx jmp 00921B2C //83 BF ?? ?? ?? ?? 03 0F 85 ?? ?? ?? ?? FF 77 ?? 83 65 ?? 
00 TWO00: fcomp qword ptr [ebp-08] jmp 00921AC5 //59 59 DF E0 9E 73 21 DD 45 F8 8B CE 51 51 DD 1C 24 E8 0059E202: //DD 45 ?? C9 C3 56 6A FF FF 74 24 ?? 8B F1 E8 ?? ?? ?? ?? 8B c6 5e c2 jmp MAXONE [DISABLE] 0059E202: db DD 45 EC C9 C3 dealloc(MAXONE) dealloc(ONEKEY00) dealloc(JUPKEY) dealloc(JUPKEY2) unregistersymbol(MAXONE) unregistersymbol(ONEKEY00) unregistersymbol(JUPKEY) unregistersymbol(JUPKEY2) And yeah, please explain how to do it, cuz I can't ask you guys the whole time :P If someone can explain that good, I would really appreciate it! Thanks :D ~ Tariq
here is pvac Code (Text): #define jmp(frm, to) (int)(((int)to - (int)frm) - 5) DWORD pvacPointer = 0x0091638A; DWORD pvacReturn = pvacPointer + 5; __declspec(naked) void __stdcall pvacHook() { __asm { mov eax, [esi + 0x110] mov dword ptr[eax + 0x4c], 0x00 jmp pvacReturn } } void enablePvac() { *(BYTE*)pvacPointer = 0xe9; //jump *(DWORD*)(pvacPointer + 1) = jmp(pvacPointer, pvacHook); *(BYTE*)(pvacPointer + 5) = 0x90; } other one is too long to long. no time =P
Thanks ;) Can you also explain it maybe? :P Cuz I don't want to ask those things all the time, I wanna do it by myself you know :P
If you just want to learn AA -> ASM, a few glances at a few source codes will be enough for you to understand it on your own. I am still new to ASM myself, but going from AA -> ASM is not difficult.
Hmm allright, cuz I was like making a little trainer for some friends and shit, and I encountered this problem :P So I first have to go learn AA -> ASM a lil'?
This is AA Code (Text): [enable] alloc(PrevNext,50) label(PrevNextRet) 0091638A://8B 86 ?? ?? ?? ?? 8B 58 ?? 8B 86 ?? ?? ?? ?? 57 8d 48 ?? e8 ?? ?? ?? ?? dd 5d ?? 8b 86 ?? ?? ?? ?? dd 40 ?? 51 51 dd 1c 24 e8 jmp PrevNext db 90 PrevNextRet: PrevNext: mov eax,[esi+110] // main opcode mov [eax+4c],00 jmp PrevNextRet [disable] 0091638A: db 8B 86 10 01 00 00 dealloc(PrevNext) This is ASM Code (Text): mov eax, [esi + 0x110] mov dword ptr[eax + 0x4c], 0x00 jmp pvacReturn
Code (Text): [enable] alloc(7Miss,60) label(7MissRet) 008C064B: // 39 75 ?? 75 ?? 39 75 ?? 74 ?? 8b 45 ?? db 45 ?? 8b 88 ?? ?? ?? ?? 51 51 dd 1c 24 jmp 7Miss 7MissRet: 7Miss: [COLOR="Red"][B]mov [ebp+0c],00//KB (Main) inc [7Miss+32] cmp dword ptr [7Miss+32],07//Miss Amount jg 7Miss+22 mov [ebp+08],00 jmp 7MissRet 7Miss+22: mov [7Miss+32],00 jmp 7MissRet[/B][/COLOR] [disable] 008C064B: db 39 5D 0C 75 05 dealloc(7Miss) Red part is ASM part?
yep do not forget to add 0x to the numbers That would look so: Code (Text): mov dword ptr ds: [ebp+0x0c],0x00 //KB inc [Miss7C+0x32] cmp dword ptr [Miss7C+0x32],0x07 //Miss Amount jg Miss mov dword ptr ds: [ebp+0x08],0x00//Dmg jmp [dw7MissKBRet] Miss: mov [Miss7C+0x32],0x00 jmp [dw7MissKBRet]
Hmm, so this script is going to be in C++: Code (Text): __declspec(naked) void __stdcall 7MissGodmode() { __asm { mov dword ptr ds: [ebp+0x0c],0x00 //KB inc [Miss7C+0x32] cmp dword ptr [Miss7C+0x32],0x07 //Miss Amount jg Miss mov dword ptr ds: [ebp+0x08],0x00//Dmg jmp [dw7MissKBRet] Miss: mov [Miss7C+0x32],0x00 jmp [dw7MissKBRet] } } What do I have to put in DWORD and such now?
dw7MissKB = 0x008C064B; dw7MissKBRet = dw7MissKB+5; 7MissRet : its value is your address + the number of bytes that your address overwrites Code (Text): Addy : 008C064B Byte :39 5D 0C 75 05 then 7MissRet = your addy +5
So if it was: Code (Text): Addy : 008C064B Byte : 0C 75 05 then 7MissRet = +3, right? But why are you writing dw and not DWORD or something?
Yep Code (Text): DWORD dw7MissKB = 0x008C064B; DWORD dw7MissKBRet = dw7MissKB+5; just remove it to make the example
Code (Text): DWORD dw7MissKB = 0x008C064B; DWORD dw7MissKBRet = dw7MissKB+5; __declspec(naked) void __stdcall 7MissGodmode() { __asm { mov dword ptr ds: [ebp+0x0c],0x00 //KB inc [Miss7C+0x32] cmp dword ptr [Miss7C+0x32],0x07 //Miss Amount jg Miss mov dword ptr ds: [ebp+0x08],0x00//Dmg jmp [dw7MissKBRet] Miss: mov [Miss7C+0x32],0x00 jmp [dw7MissKBRet] } } So that's the C++ then right?
do not forget this Code (Text): [enable] alloc(7Miss,60) label(7MissRet) 008C064B: // 39 75 ?? 75 ?? 39 75 ?? 74 ?? 8b 45 ?? db 45 ?? 8b 88 ?? ?? ?? ?? 51 51 dd 1c 24 jmp 7Miss 7MissRet: 7Miss: mov [ebp+0c],00//KB (Main) inc [[COLOR="Red"]7Miss[/COLOR]+32] cmp dword ptr [7Miss+32],07//Miss Amount jg 7Miss+22 mov [ebp+08],00 jmp 7MissRet 7Miss+22: mov [7Miss+32],00 jmp 7MissRet [disable] 008C064B: db 39 5D 0C 75 05 dealloc(7Miss) Code (Text): DWORD dw7MissKB = 0x008C064B; DWORD dw7MissKBRet = dw7MissKB+5; __declspec(naked) void __stdcall 7MissGodmode() { __asm { mov dword ptr ds: [ebp+0x0c],0x00 //KB inc [[COLOR="Red"]Miss7C[/COLOR]+0x32] cmp dword ptr [Miss7C+0x32],0x07 //Miss Amount jg Miss mov dword ptr ds: [ebp+0x08],0x00//Dmg jmp [dw7MissKBRet] Miss: mov [Miss7C+0x32],0x00 jmp [dw7MissKBRet] } } I would fail because that is not declared all I had to do was declare it, but always look out for that very reason all is well Code (Text): DWORD dw7MissKB = 0x008C064B; DWORD dw7MissKBRet = dw7MissKB+5; DWORD Miss7C; __declspec(naked) void __stdcall Miss7NoKBASM(){ __asm{ mov dword ptr ds: [ebp+0x0c],0x00 //KB inc [Miss7C+0x32] cmp dword ptr [Miss7C+0x32],0x07 //Miss Amount jg Miss mov dword ptr ds: [ebp+0x08],0x00//Dmg jmp [dw7MissKBRet] Miss: mov [Miss7C+0x32],0x00 jmp [dw7MissKBRet] } }
So I have to declare everything *not bytes* that appears inside brackets like [text+0x00]? And in the 7Miss script, only Miss7C is a DWORD, because it doesn't have an address of its own or something?
Uhmmm, I would not know how to explain it; just look at this: if that variable is not declared, you'll get an error. Now ask yourself: in the AA code, is there some value that needs to be declared? Like I said, I am still new to ASM, so I take it logically, and I think it's okay.
Code (Text): DWORD dw7MissKB = 0x008C064B; DWORD dw7MissKBRet = dw7MissKB+5; DWORD Miss7C; VOID MissGodmode(__in BOOL bEnable) [COLOR="Red"] __declspec(naked) void __stdcall MissGodmode(){[/COLOR] __asm{ mov dword ptr ds: [ebp+0x0c],0x00 //KB inc [Miss7C+0x32] cmp dword ptr [Miss7C+0x32],0x07 //Miss Amount jg Miss mov dword ptr ds: [ebp+0x08],0x00//Dmg jmp [dw7MissKBRet] Miss: mov [Miss7C+0x32],0x00 jmp [dw7MissKBRet] } } That's my script but I get error at red line: " Error 1 error C2144: syntax error : 'void' should be preceded by ';'
what you're doing is really bad, I recommend you see some source code that contains code cave but I'll leave it Code (Text): DWORD dw7MissKB = 0x008C064B;//39 75 0C 75 ?? 39 75 10 74 ?? 8B 45 F0 DB 45 10 8B 88 ?? ?? 00 00 51 51 DD 1C DWORD dw7MissKBRet = dw7MissKB+5; DWORD Miss7C; BYTE b7MissOriginal[] = {0x39, 0x5D, 0x0C, 0x75, 0x05}; __declspec(naked) void __stdcall Miss7KBASM(){ __asm{ mov dword ptr ds: [ebp+0x0c],0x00 //KB inc [Miss7C+0x32] cmp dword ptr [Miss7C+0x32],0x07 //Miss Amount jg Miss mov dword ptr ds: [ebp+0x08],0x00//Dmg jmp [dw7MissKBRet] Miss: mov [Miss7C+0x32],0x00 jmp [dw7MissKBRet] } } void Miss7KB(bool state) { if (state) { *(BYTE*)dw7MissKB = 0xE9; *(DWORD*)(dw7MissKB + 1) = jmp(dw7MissKB, Miss7KBASM); } else { for (int i = 0; i < sizeof(b7MissOriginal); i++) *(BYTE*)(dw7MissKB + i) = b7MissOriginal[i]; } }