
Untitled

a guest
Jul 24th, 2016
  1. [ENABLE]
  2. //Enable section (runs until '[DISABLE]'): finds each code site inside DDDA.exe by byte signature and registers the match as a symbol. '**' is a wildcard byte. NOTE(review): nothing here checks that a signature is unique in the module, so re-verify every pattern after a game update before enabling.
  3. aobscanmodule(StringReadCall,DDDA.exe,8B 44 24 04 39 81 80 00 00 00) // mov eax,[esp+4] / cmp [ecx+80],eax: start of the routine the hooks call
  4. registersymbol(StringReadCall)
  5. aobscanmodule(highlightedItemIDReadAOB,DDDA.exe,8B F0 0F BF 47 10 85 C0 78) // mov esi,eax / movsx eax,word ptr [edi+10] / test eax,eax / js; patched at +2
  6. registersymbol(highlightedItemIDReadAOB)
  7. aobscanmodule(highlightedItemStringReadAOB,DDDA.exe,85 C9 74 07 52 57 E8 ** ** ** ** 8B C3) // test ecx,ecx / je +7 / push edx / push edi / call rel32 / mov eax,ebx; patched at +0
  8. registersymbol(highlightedItemStringReadAOB)
  9. aobscanmodule(highlightedEquipmentStringReadAOB,DDDA.exe,8B ** ** ** ** ** ** 85 C9 74 07 56 52 E8) // the test ecx,ecx / je +7 / push esi run starts at +7, which is where the patch goes
  10. registersymbol(highlightedEquipmentStringReadAOB)
  11. aobscanmodule(highlightedItemWeightAOB,DDDA.exe,F3 0F 10 40 44 83 FE 06) // movss xmm0,[eax+44] / cmp esi,6; patched at +0
  12. registersymbol(highlightedItemWeightAOB)
  13. aobscanmodule(highlightedItemStringReadInSotrageAOB,DDDA.exe,85 C9 74 07 52 57 E8 ** ** ** ** 8B ** ** ** ** ** ** ** ** 08 ** ** 78 01 00 00) // same first 7 bytes as highlightedItemStringReadAOB; presumably the longer tail is what separates the two sites
  14. registersymbol(highlightedItemStringReadInSotrageAOB)
  15.  
  16. /// Data-slot symbols filled by the hooks below; registering them makes them addressable by name outside this script
  17.  
  18. label(pHighlightedItem) // written by the item-ID hook (edi)
  19. registersymbol(pHighlightedItem)
  20. label(pSomeBase2) // written by the item-ID hook (value read from esp+1C)
  21. registersymbol(pSomeBase2)
  22. label(pSomeBase3) // declared and registered, but its only writer is commented out
  23. registersymbol(pSomeBase3)
  24.  
  25. label(pHighlightedItemName) // written by the three string-read hooks (eax returned by StringReadCall)
  26. registersymbol(pHighlightedItemName)
  27.  
  28. label(pHighlightedItemWeight) // written by the weight hook (eax, the base of the [eax+44] load)
  29. registersymbol(pHighlightedItemWeight)
  30.  
  31. /// Hook 1, item-ID read (highlightedItemIDReadAOB+2): records edi and one stack value, then replays the two overwritten instructions
  32.  
  33. alloc(newmem,2048)
  34. label(returnhere)
  35. label(originalcode)
  36. label(exit)
  37.  
  38. newmem: //trampoline body, reached from the jmp written at highlightedItemIDReadAOB+2; this allocation is readable, writable and executable
  39. //eax is used as scratch here; that is safe because the replayed movsx at originalcode reloads eax before the game reads it
  40. mov [pHighlightedItem],edi // edi is the base the original code reads the word at +10 from
  41. mov eax,[esp+1c] // stack slot at esp+1C; what it holds is not shown in this script
  42. mov [pSomeBase2],eax
  43. /*test ebp,ebp
  44. jz @f
  45. cmp ebp,01000000
  46. jbe @f
  47. mov [pSomeBase3],ebp*/
  48.  
  49. @@:
  50. mov eax,[esp+14] // dead load for now: its only consumer is the commented-out block below
  51. pushad // with that block commented out, this pushad/popad pair saves and restores with nothing in between
  52. /*test eax,eax
  53. jz originalcode
  54. mov ecx,[eax+9ac]
  55. test ecx,ecx
  56. jz originalcode
  57. movzx eax,word ptr [edi+10]
  58. push eax
  59. call StringReadCall
  60. mov [pHighlightedItemName],eax*/
  61.  
  62. originalcode:
  63. popad
  64. movsx eax,word ptr [edi+10] // replay of the overwritten bytes 0F BF 47 10
  65. test eax,eax // replay of 85 C0; runs last so the flags are fresh for the conditional jump (opcode 78) that follows the patch site
  66.  
  67. exit:
  68. jmp returnhere
  69.  
  70. /// Data slots, placed in the same allocation after the code
  71. pHighlightedItem:
  72. dd 0
  73. pSomeBase2:
  74. dd 0
  75. pSomeBase3: //stays 0 while the ebp block above is commented out
  76. dd 0
  77. ///
  78.  
  79. alloc(newmem2,2048)
  80. label(returnhere2)
  81. label(originalcode2)
  82. label(exit2)
  83.  
  84. newmem2: //Hook 2 trampoline, reached from the jmp written at highlightedItemStringReadAOB; this allocation is readable, writable and executable
  85. //Replays the overwritten test/je first, then calls StringReadCall with the site's own eax and ecx and keeps the returned value
  86. test ecx,ecx
  87. je highlightedItemStringReadAOB+b //DDDA.exe+26908C
  88. pushad // saves the general-purpose registers only; EFLAGS is not saved
  89. push eax // one stack argument, ecx passed through unchanged. NOTE(review): assumes StringReadCall removes this argument itself; if it does not, popad restores from the wrong slots - confirm
  90. call StringReadCall
  91. mov [pHighlightedItemName],eax // keep the returned value (presumably a pointer to the name string)
  92.  
  93. originalcode2:
  94. popad
  95. //test ecx,ecx
  96. //je highlightedItemStringReadAOB+b //DDDA.exe+26908C
  97. push edx // third overwritten instruction (52); test/je were already replayed at the top
  98.  
  99. exit2:
  100. jmp returnhere2
  101.  
  102. /// Name slot: five dwords are reserved, but the hooks in this script write only the first
  103. pHighlightedItemName:
  104. dd 0
  105. dd 0
  106. dd 0
  107. dd 0
  108. dd 0
  109. ///
  110.  
  111. alloc(newmem3,2048)
  112. label(returnhere3)
  113. label(originalcode3)
  114. label(exit3)
  115.  
  116. newmem3: //Hook 3 trampoline, reached from the jmp written at highlightedEquipmentStringReadAOB+7; this allocation is readable, writable and executable
  117. //Same shape as the item string hook; the replayed push is esi because the overwritten bytes end in 56
  118. test ecx,ecx
  119. je highlightedEquipmentStringReadAOB+12 //DDDA.exe+248464
  120. pushad // saves the general-purpose registers only; EFLAGS is not saved
  121. push eax // one stack argument, ecx passed through unchanged. NOTE(review): assumes StringReadCall removes this argument itself; if it does not, popad restores from the wrong slots - confirm
  122. call StringReadCall
  123. mov [pHighlightedItemName],eax // same slot the other string hooks write, so the last hook to run wins
  124.  
  125. originalcode3:
  126. popad
  127. //test ecx,ecx
  128. //je highlightedEquipmentStringReadAOB+12 //DDDA.exe+248464
  129. push esi // third overwritten instruction (56); test/je were already replayed at the top
  130.  
  131. exit3:
  132. jmp returnhere3
  133.  
  134. /// Hook 4, weight read (highlightedItemWeightAOB): saves the base register of the float load
  135.  
  136. alloc(newmem4,2048)
  137. label(returnhere4)
  138. label(originalcode4)
  139. label(exit4)
  140.  
  141. newmem4: //trampoline body, reached from the jmp written at highlightedItemWeightAOB; this allocation is readable, writable and executable
  142. //Stores the pointer in eax, not the float; the value itself sits at [eax+44] (the weight, going by the symbol name)
  143. mov [pHighlightedItemWeight],eax
  144.  
  145. originalcode4:
  146. movss xmm0,[eax+44] // replay of the overwritten bytes F3 0F 10 40 44
  147.  
  148. exit4:
  149. jmp returnhere4
  150.  
  151. /// Data slot, placed in the same allocation after the code
  152. pHighlightedItemWeight:
  153. dd 0
  154. ///
  155.  
  156. alloc(newmem5,2048)
  157. label(returnhere5)
  158. label(originalcode5)
  159. label(exit5)
  160.  
  161. newmem5: //Hook 5 trampoline, reached from the jmp written at highlightedItemStringReadInSotrageAOB; this allocation is readable, writable and executable
  162. //Same body as the item string hook, applied to a second call site with the same leading bytes
  163. test ecx,ecx
  164. je highlightedItemStringReadInSotrageAOB+b //DDDA.exe+3208D8
  165. pushad // saves the general-purpose registers only; EFLAGS is not saved
  166. push eax // one stack argument, ecx passed through unchanged. NOTE(review): assumes StringReadCall removes this argument itself; if it does not, popad restores from the wrong slots - confirm
  167. call StringReadCall
  168. mov [pHighlightedItemName],eax // same slot the other string hooks write, so the last hook to run wins
  169.  
  170. originalcode5:
  171. popad
  172. //test ecx,ecx
  173. //je highlightedItemStringReadInSotrageAOB+b //DDDA.exe+3208D8
  174. push edx // third overwritten instruction (52); test/je were already replayed at the top
  175.  
  176. exit5:
  177. jmp returnhere5
  178.  
  179. /// Patch sites: a jmp to the matching trampoline is written over each site; each returnhere label marks the first byte after the patch
  180.  
  181. highlightedItemIDReadAOB+2: //"DDDA.exe"+5937F:
  182. jmp newmem
  183. nop // pads the 5-byte jmp to the 6 bytes of the two overwritten instructions
  184. returnhere:
  185.  
  186. highlightedItemStringReadAOB: //"DDDA.exe"+269081:
  187. jmp newmem2 // replaces exactly 5 bytes (85 C9 74 07 52)
  188. returnhere2:
  189.  
  190. highlightedEquipmentStringReadAOB+7: //"DDDA.exe"+248459:
  191. jmp newmem3 // replaces exactly 5 bytes (85 C9 74 07 56)
  192. returnhere3:
  193.  
  194. highlightedItemWeightAOB: //"DDDA.exe"+593AA:
  195. jmp newmem4 // replaces exactly 5 bytes (F3 0F 10 40 44)
  196. returnhere4:
  197.  
  198. highlightedItemStringReadInSotrageAOB: //"DDDA.exe"+3208CD:
  199. jmp newmem5 // replaces exactly 5 bytes (85 C9 74 07 52)
  200. returnhere5:
  201.  
  202.  
  203.  
  204.  
  205. [DISABLE]
  206. //Disable section (runs to the end of the script): writes the original bytes back over each jmp, frees the five trampolines and unregisters every symbol the enable section registered. Each db line equals the fixed (non-wildcard) bytes of its signature, so it matches what the scan accepted.
  207. unregistersymbol(StringReadCall)
  208. dealloc(newmem) // NOTE(review): listed before the byte restore below; confirm the block is freed only after the original bytes are back and that no game thread is still executing inside it
  209. highlightedItemIDReadAOB+2: //"DDDA.exe"+5937F:
  210. db 0F BF 47 10 85 C0
  211. //Alt: movsx eax,word ptr [edi+10]
  212. //Alt: test eax,eax
  213. unregistersymbol(highlightedItemIDReadAOB)
  214. dealloc(newmem2) // also releases pHighlightedItemName, which lives in this allocation
  215. highlightedItemStringReadAOB: //"DDDA.exe"+269081:
  216. db 85 C9 74 07 52
  217. //Alt: test ecx,ecx
  218. //Alt: je highlightedItemStringReadAOB+b //DDDA.exe+26908C
  219. //Alt: push edx
  220. unregistersymbol(highlightedItemStringReadAOB)
  221. dealloc(newmem3)
  222. highlightedEquipmentStringReadAOB+7: //"DDDA.exe"+248459:
  223. db 85 C9 74 07 56
  224. //Alt: test ecx,ecx
  225. //Alt: je highlightedEquipmentStringReadAOB+12 //DDDA.exe+248464
  226. //Alt: push esi
  227. unregistersymbol(highlightedEquipmentStringReadAOB)
  228. dealloc(newmem4) // also releases pHighlightedItemWeight, which lives in this allocation
  229. highlightedItemWeightAOB: //"DDDA.exe"+593AA:
  230. db F3 0F 10 40 44
  231. //Alt: movss xmm0,[eax+44]
  232. unregistersymbol(highlightedItemWeightAOB)
  233. dealloc(newmem5)
  234. highlightedItemStringReadInSotrageAOB: //"DDDA.exe"+3208CD:
  235. db 85 C9 74 07 52
  236. //Alt: test ecx,ecx
  237. //Alt: je highlightedItemStringReadInSotrageAOB+b //DDDA.exe+3208D8
  238. //Alt: push edx
  239. unregistersymbol(highlightedItemStringReadInSotrageAOB)
  240.  
  241. /// Drop the data-slot symbols; the memory behind them is released by the dealloc lines above
  242.  
  243. unregistersymbol(pHighlightedItem)
  244. unregistersymbol(pSomeBase2)
  245. unregistersymbol(pSomeBase3)
  246.  
  247. unregistersymbol(pHighlightedItemName)
  248.  
  249. unregistersymbol(pHighlightedItemWeight)