API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Sep 4th, 2015
57
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 8.08 KB | None | 0 0
raw download clone embed print report
  1. alloc(mainmem,2048)
  2. alloc(stackdata, 64)
  3. alloc(testcommand, 512)
  4. alloc(facecommand, 512)
  5. alloc(facecommandstorage, 64)
  6. alloc(vertexcommand, 512)
  7. alloc(setready, 512)
  8. alloc(vertexcommandstorage, 64)
  9. alloc(convertascii, 512)
  10. alloc(convertasciistorage, 64)
  11. alloc(convertbyte, 512)
  12. alloc(numberoffaces, 4)
  13. alloc(numberofvertexes, 4)
  14. alloc(facestorage, 102400)
  15. alloc(vertexstorage, 102400)
  16. alloc(dounion, 512)
  17. alloc(shouldinject, 4)
  18. label(addvertexfalse)
  19. label(convert0)
  20. label(convert1)
  21. label(convert2)
  22. label(convert3)
  23. label(convert4)
  24. label(convert5)
  25. label(convert6)
  26. label(convert7)
  27. label(convert8)
  28. label(convert9)
  29. label(converta)
  30. label(convertb)
  31. label(convertc)
  32. label(convertd)
  33. label(converte)
  34. label(convertf)
  35. label(addfacefalse)
  36. label(testcommandfalse)
  37. label(setreadyfalse)
  38. label(returnhere)
  39. label(cleanup)
  40. label(returnunion)
  41. label(dounionop)
  42.  
  43. shouldinject:
  44. db 00 00 00 00
  45.  
  46. numberoffaces:
  47. db 00 00 00 00
  48.  
  49. numberofvertexes:
  50. db 00 00 00 00
  51.  
  52. facestorage:
  53. db 00 00 00 00
  54.  
  55. vertexstorage:
  56. db 00 00 00 00
  57.  
  58. convertbyte: //Holy crap this function is awful. Dont blame me, was written at 3am.
  59. cmp eax, 30
  60. je convert0
  61. cmp eax, 31
  62. je convert1
  63. cmp eax, 32
  64. je convert2
  65. cmp eax, 33
  66. je convert3
  67. cmp eax, 34
  68. je convert4
  69. cmp eax, 35
  70. je convert5
  71. cmp eax, 36
  72. je convert6
  73. cmp eax, 37
  74. je convert7
  75. cmp eax, 38
  76. je convert8
  77. cmp eax, 39
  78. je convert9
  79. cmp eax, 41
  80. je converta
  81. cmp eax, 42
  82. je convertb
  83. cmp eax, 43
  84. je convertc
  85. cmp eax, 44
  86. je convertd
  87. cmp eax, 45
  88. je converte
  89. cmp eax, 46
  90. je convertf
  91.  
  92. convert0:
  93. mov eax, 0
  94. ret
  95. convert1:
  96. mov eax, 1
  97. ret
  98. convert2:
  99. mov eax, 2
  100. ret
  101. convert3:
  102. mov eax, 3
  103. ret
  104. convert4:
  105. mov eax, 4
  106. ret
  107. convert5:
  108. mov eax, 5
  109. ret
  110. convert6:
  111. mov eax, 6
  112. ret
  113. convert7:
  114. mov eax, 7
  115. ret
  116. convert8:
  117. mov eax, 8
  118. ret
  119. convert9:
  120. mov eax, 9
  121. ret
  122. converta:
  123. mov eax, a
  124. ret
  125. convertb:
  126. mov eax, b
  127. ret
  128. convertc:
  129. mov eax, c
  130. ret
  131. convertd:
  132. mov eax, d
  133. ret
  134. converte:
  135. mov eax, e
  136. ret
  137. convertf:
  138. mov eax, f
  139. ret
  140.  
  141. convertasciistorage:
  142.  
  143. convertascii:
  144. mov [convertasciistorage], eax
  145. mov [convertasciistorage+4], ebx
  146. mov [convertasciistorage+8], ecx
  147. mov ecx, 00000000
  148. mov ebx, eax
  149. mov eax, [ebx-3]
  150. shr eax, 18
  151. call convertbyte
  152. shl eax, 1c
  153. mov ecx, eax
  154.  
  155. mov eax, [ebx-2]
  156. shr eax, 18
  157. call convertbyte
  158. shl eax, 18
  159. add ecx, eax
  160.  
  161. mov eax, [ebx-1]
  162. shr eax, 18
  163. call convertbyte
  164. shl eax, 14
  165. add ecx, eax
  166.  
  167. mov eax, [ebx]
  168. shr eax, 18
  169. call convertbyte
  170. shl eax, 10
  171. add ecx, eax
  172.  
  173. mov eax, [ebx+1]
  174. shr eax, 18
  175. call convertbyte
  176. shl eax, c
  177. add ecx, eax
  178.  
  179. mov eax, [ebx+2]
  180. shr eax, 18
  181. call convertbyte
  182. shl eax, 8
  183. add ecx, eax
  184.  
  185. mov eax, [ebx+3]
  186. shr eax, 18
  187. call convertbyte
  188. shl eax, 4
  189. add ecx, eax
  190.  
  191. mov eax, [ebx+4]
  192. shr eax, 18
  193. call convertbyte
  194. add ecx, eax
  195.  
  196. mov eax, ecx
  197.  
  198. mov ebx, [convertasciistorage+4]
  199. mov ecx, [convertasciistorage+8]
  200. ret
  201.  
  202. vertexcommandstorage:
  203.  
  204. vertexcommand:
  205. mov [vertexcommandstorage], ebx
  206. mov [vertexcommandstorage+4], ecx
  207.  
  208. cmp [eax], 45455246 //FREE
  209. jne addvertexfalse
  210. cmp [eax+4], 4120442d //-D A
  211. jne addvertexfalse
  212. cmp [eax+8], 56204444 //DD V
  213. jne addvertexfalse
  214. cmp [eax+c], 20545245 //ERT
  215. jne addvertexfalse
  216.  
  217. cmp [numberofvertexes], FA0
  218. je addvertexfalse
  219.  
  220. add eax, 10
  221.  
  222. mov [vertexcommandstorage+8], eax
  223.  
  224. call convertascii
  225.  
  226. mov ebx, [vertexstorage]
  227. shl ebx, 2
  228. add ebx, 4
  229. mov [vertexstorage+ebx], eax
  230. shr ebx, 2
  231. mov [vertexstorage], ebx
  232.  
  233. mov eax, [vertexcommandstorage+8]
  234. add eax, 8
  235. mov [vertexcommandstorage+8], eax
  236.  
  237. call convertascii
  238.  
  239. mov ebx, [vertexstorage]
  240. shl ebx, 2
  241. add ebx, 4
  242. mov [vertexstorage+ebx], eax
  243. shr ebx, 2
  244. mov [vertexstorage], ebx
  245.  
  246. mov eax, [vertexcommandstorage+8]
  247. add eax, 8
  248. mov [vertexcommandstorage+8], eax
  249.  
  250. call convertascii
  251.  
  252. mov ebx, [vertexstorage]
  253. shl ebx, 2
  254. add ebx, 4
  255. mov [vertexstorage+ebx], eax
  256. shr ebx, 2
  257. mov [vertexstorage], ebx
  258.  
  259. mov eax, [vertexcommandstorage+8]
  260. add eax, 8
  261. mov [vertexcommandstorage+8], eax
  262.  
  263. call convertascii
  264.  
  265. mov ebx, [vertexstorage]
  266. shl ebx, 2
  267. add ebx, 4
  268. mov [vertexstorage+ebx], eax
  269. shr ebx, 2
  270. mov [vertexstorage], ebx
  271.  
  272. mov eax, [vertexcommandstorage+8]
  273. add eax, 8
  274. mov [vertexcommandstorage+8], eax
  275.  
  276. call convertascii
  277.  
  278. mov ebx, [vertexstorage]
  279. shl ebx, 2
  280. add ebx, 4
  281. mov [vertexstorage+ebx], eax
  282. shr ebx, 2
  283. mov [vertexstorage], ebx
  284.  
  285. mov eax, [vertexcommandstorage+8]
  286. add eax, 8
  287. mov [vertexcommandstorage+8], eax
  288.  
  289. call convertascii
  290.  
  291. mov ebx, [vertexstorage]
  292. shl ebx, 2
  293. add ebx, 4
  294. mov [vertexstorage+ebx], eax
  295. shr ebx, 2
  296. mov [vertexstorage], ebx
  297.  
  298. mov eax, [numberofvertexes]
  299. add eax, 1
  300. mov [numberofvertexes], eax
  301.  
  302. mov eax, 1
  303. ret
  304.  
  305.  
  306. mov eax, 1
  307. ret
  308.  
  309. addvertexfalse:
  310. mov eax,0
  311. ret
  312.  
  313. facecommandstorage:
  314.  
  315. facecommand:
  316. mov [facecommandstorage], ebx
  317. mov [facecommandstorage+4], ecx
  318. cmp [eax], 45455246 //FREE
  319. jne addfacefalse
  320. cmp [eax+4], 4120442d //-D A
  321. jne addfacefalse
  322. cmp [eax+8], 46204444 //DD F
  323. jne addfacefalse
  324. cmp [eax+c], 20454341 //ACE
  325. jne addfacefalse
  326.  
  327. cmp [numberoffaces], 9C4
  328. je addfacefalse
  329.  
  330. add eax, 10
  331.  
  332. mov [facecommandstorage+8], eax
  333.  
  334. call convertascii
  335.  
  336. mov ebx, [facestorage]
  337. shl ebx, 2
  338. add ebx, 4
  339. mov [facestorage+ebx], eax
  340. shr ebx, 2
  341. mov [facestorage], ebx
  342.  
  343. mov eax, [facecommandstorage+8]
  344. add eax, 8
  345. mov [facecommandstorage+8], eax
  346.  
  347. call convertascii
  348.  
  349. mov ebx, [facestorage]
  350. shl ebx, 2
  351. add ebx, 4
  352. mov [facestorage+ebx], eax
  353. shr ebx, 2
  354. mov [facestorage], ebx
  355.  
  356. mov eax, [facecommandstorage+8]
  357. add eax, 8
  358. mov [facecommandstorage+8], eax
  359.  
  360. call convertascii
  361.  
  362. mov ebx, [facestorage]
  363. shl ebx, 2
  364. add ebx, 4
  365. mov [facestorage+ebx], eax
  366. shr ebx, 2
  367. mov [facestorage], ebx
  368.  
  369. mov ebx, [convertasciistorage+4]
  370. mov ecx, [convertasciistorage+8]
  371.  
  372. mov eax, [numberoffaces]
  373. add eax, 1
  374. mov [numberoffaces], eax
  375.  
  376. mov eax, 1
  377. ret
  378.  
  379. addfacefalse:
  380. mov eax,0
  381. ret
  382.  
  383. testcommand:
  384. cmp [eax], 45455246 //FREE
  385. jne testcommandfalse
  386. cmp [eax+4], 5420442d //-D T
  387. jne testcommandfalse
  388. cmp [eax+8], 20545345 //EST
  389. jne testcommandfalse
  390. cmp [eax+c], 4d4d4f43 //COMM
  391. jne testcommandfalse
  392. cmp [eax+10], 414e4420 //AND
  393.  
  394. mov [eax], 57205449 //IT W
  395. mov [eax+4], 454b524f //ORKE
  396. mov [eax+8], 41592044 //D YA
  397. mov [eax+c], 41414141 //AAAA
  398. mov [eax+10], 59414141 //AAAY
  399.  
  400. mov eax,1
  401. ret
  402.  
  403. testcommandfalse:
  404. mov eax, 0
  405. ret
  406.  
  407. setready:
  408. cmp [eax], 45455246 //FREE
  409. jne setreadyfalse
  410. cmp [eax+4], 5320442D //-D S
  411. jne setreadyfalse
  412. cmp [eax+8], 53205445 //ET S
  413. jne setreadyfalse
  414. cmp [eax+C], 54524154 //TART
  415. jne setreadyfalse
  416.  
  417. mov [shouldinject], 1
  418. mov eax, 1
  419. ret
  420. setreadyfalse:
  421. mov eax, 0
  422. ret
  423.  
  424.  
  425. mainmem: //EXECUTED WHEN MEMORY IS ALLOCATED TO A STRING OBJECT, CAN RUN COMMANDS FROM HERE
  426. pushfd
  427. pushad
  428.  
  429.  
  430. mov eax, esi
  431. call testcommand
  432. cmp eax, 1
  433. je cleanup
  434.  
  435. mov eax,esi
  436. call facecommand
  437. cmp eax, 1
  438. je cleanup
  439.  
  440. mov eax,esi
  441. call vertexcommand
  442. cmp eax,1
  443. je cleanup
  444.  
  445. mov eax, esi
  446. call setready
  447. cmp eax,1
  448. je cleanup
  449.  
  450.  
  451. jmp cleanup
  452.  
  453. cleanup:
  454. popad
  455. popfd
  456. cmp eax,[esi]
  457. jne RobloxStudioBeta.exe+A926
  458. add edx,04
  459. jmp returnhere
  460.  
  461. dounion:
  462. cmp [shouldinject], 00000000
  463. je dounionop
  464. mov [stackdata], eax
  465. mov [esp], vertexstorage+4
  466. mov eax, [numberofvertexes]
  467. mov [esp+4], eax
  468. mov [esp+8], facestorage+4
  469. mov eax, [numberoffaces]
  470. mov [esp+c], eax
  471. mov eax, [stackdata]
  472.  
  473. mov [vertexstorage], 00000000
  474. mov [facestorage], 00000000
  475. mov [numberoffaces], 00000000
  476. mov [numberofvertexes], 00000000
  477. mov [shouldinject], 00000000
  478. jmp dounionop
  479.  
  480. dounionop:
  481. call dword ptr [RobloxStudioBeta.exe+BEED24]
  482. jmp returnunion
  483.  
  484. "RobloxStudioBeta.exe"+1F9263:
  485. jmp dounion
  486. nop
  487. returnunion:
  488.  
  489. "RobloxStudioBeta.exe"+A912:
  490. jmp mainmem
  491. nop
  492. nop
  493. returnhere:
  494.  
  495. //injector 8B 55 08 56 8B 75 0C 83 E9 04 72 17 8D 9B 00 00 00 00 8B 02
  496.  
  497. //union 6A 00 51 D1 FA 8B CA C1 E9 1F 03 CA C7 04 24 DB
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!