API tools faq
paste
Advertisement
ChaosHacks

Untitled

ChaosHacks
Oct 3rd, 2020
1,757
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
ASM (NASM) 2.65 KB | None | 0 0
raw download clone embed print report
  1. [ENABLE]
  2.  
  3. aobscanmodule(AiCantDetectYou,CrysisRemastered.exe,74 07 32 C0 E9 0E 01 00 00)
  4. alloc(newmem,$1000,AiCantDetectYou)//"CrysisRemastered.exe"+61A842)
  5. alloc(ActivateEnemiesCantSeeYou,1)
  6.  
  7. registersymbol(AiCantDetectYou ActivateEnemiesCantSeeYou)
  8.  
  9. label(code)
  10. label(return)
  11.  
  12. newmem:
  13. cmp [ActivateEnemiesCantSeeYou],1
  14. jne code
  15.  
  16. AiCantSeeYouOn:
  17. jne AiCantDetectYou+9
  18. //jna CrysisRemastered.exe+61A84B
  19.  
  20. jmp return
  21.  
  22. code:
  23.   je AiCantDetectYou+9
  24.  
  25. jmp return
  26.  
  27. AiCantDetectYou:
  28.   jmp newmem
  29.   nop 4
  30. return:
  31.  
  32. ActivateEnemiesCantSeeYou:
  33. dq 0
  34.  
  35. [DISABLE]
  36.  
  37. AiCantDetectYou:
  38.   db 74 07 32 C0 E9 0E 01 00 00
  39.  
  40. unregistersymbol(AiCantDetectYou ActivateEnemiesCantSeeYou)
  41. dealloc(newmem)
  42. dealloc(ActivateEnemiesCantSeeYou)
  43.  
  44. {
  45. // ORIGINAL CODE - INJECTION POINT: "CrysisRemastered.exe"+61A842
  46.  
  47. "CrysisRemastered.exe"+61A820: 4A 8B 0C 00           -  mov rcx,[rax+r8]
  48. "CrysisRemastered.exe"+61A824: EB 03                 -  jmp CrysisRemastered.exe+61A829
  49. "CrysisRemastered.exe"+61A826: 48 8B CD              -  mov rcx,rbp
  50. "CrysisRemastered.exe"+61A829: 48 85 C9              -  test rcx,rcx
  51. "CrysisRemastered.exe"+61A82C: 48 0F 45 F9           -  cmovne rdi,rcx
  52. "CrysisRemastered.exe"+61A830: 45 84 FF              -  test r15l,r15l
  53. "CrysisRemastered.exe"+61A833: 74 16                 -  je CrysisRemastered.exe+61A84B
  54. "CrysisRemastered.exe"+61A835: 66 83 7F 12 64        -  cmp word ptr [rdi+12],64
  55. "CrysisRemastered.exe"+61A83A: 75 0F                 -  jne CrysisRemastered.exe+61A84B
  56. "CrysisRemastered.exe"+61A83C: 39 2D AE A7 5C 01     -  cmp [CrysisRemastered.exe+1BE4FF0],ebp
  57. // ---------- INJECTING HERE ----------
  58. "CrysisRemastered.exe"+61A842: 74 07                 -  je CrysisRemastered.exe+61A84B
  59. "CrysisRemastered.exe"+61A844: 32 C0                 -  xor al,al
  60. "CrysisRemastered.exe"+61A846: E9 0E 01 00 00        -  jmp CrysisRemastered.exe+61A959
  61. // ---------- DONE INJECTING  ----------
  62. "CrysisRemastered.exe"+61A84B: 49 8B 06              -  mov rax,[r14]
  63. "CrysisRemastered.exe"+61A84E: 49 8B CE              -  mov rcx,r14
  64. "CrysisRemastered.exe"+61A851: FF 90 48 01 00 00     -  call qword ptr [rax+00000148]
  65. "CrysisRemastered.exe"+61A857: 48 8B 17              -  mov rdx,[rdi]
  66. "CrysisRemastered.exe"+61A85A: 48 8B CF              -  mov rcx,rdi
  67. "CrysisRemastered.exe"+61A85D: 0F B6 D8              -  movzx ebx,al
  68. "CrysisRemastered.exe"+61A860: FF 92 48 01 00 00     -  call qword ptr [rdx+00000148]
  69. "CrysisRemastered.exe"+61A866: 48 8B 0D AB AE 5C 01  -  mov rcx,[CrysisRemastered.exe+1BE5718]
  70. "CrysisRemastered.exe"+61A86D: 0F B6 D3              -  movzx edx,bl
  71. "CrysisRemastered.exe"+61A870: 44 0F B6 C0           -  movzx r8d,al
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!