SHARE
TWEET

ff8 remastered raw file interceptor v1.0 working stable

MaKiPL Sep 30th, 2019 139 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. alloc(newmem,2048)
  2. label(returnhere)
  3. label(originalcode)
  4. label(exit)
  5.  
  6. newmem:
  7. MOV [memBuffer], ECX //this would store the strlen
  8.  
  9. ourstrcpy:
  10. PUSH EAX
  11. PUSH EBX //and EBX- buffer out
  12. PUSH ECX //we need to store this value in stack to restore
  13. PUSH EDX //this too -> our buffer
  14. MOV EBX, memBuffer+4 //we now point to buffer
  15. XOR EAX, EAX
  16.  
  17. ourstrcpy_loop:
  18. TEST ECX, ECX
  19. JZ ourstrcpy_end
  20. //get char to AL
  21. MOV AL, [EDX]
  22. MOV byte ptr [EBX],AL //store AL to EBX
  23. INC EDX //increment their buffer by 1
  24. INC EBX //increment our buffer by 1
  25. DEC ECX //now decrement the strlen size
  26. JMP ourstrcpy_loop
  27.  
  28. ourstrcpy_end:
  29. MOV byte ptr [EBX], 0 //null terminator
  30. //output test //edx=buffer
  31. PUSH memBuffer+4
  32. CALL outputdebugstringa
  33.  
  34. POP EDX
  35. POP ECX
  36. POP EBX
  37. POP EAX
  38.  
  39.  
  40. originalcode:
  41. push ecx
  42. push edx
  43. lea ecx,[ebp-2C]
  44.  
  45. exit:
  46. jmp returnhere
  47.  
  48. memBuffer_a:
  49. memBuffer:
  50. dd 0
  51. dd 0
  52.  
  53. "FFVIII_EFIGS.dll"+15D41EB:
  54. jmp newmem
  55. returnhere:
  56.  
  57.  
  58. /////////////////////////////////Intercept FOPEN
  59. alloc(newmem2,2048)
  60. label(returnhere2)
  61. label(originalcode2)
  62. label(exit2)
  63.  
  64. "FFVIII_EFIGS.dll"+15D4797:
  65. jmp newmem2
  66. NOP
  67. returnhere2:
  68.  
  69.  
  70.  
  71. newmem2:
  72. originalcode2:
  73. push FFVIII_EFIGS.dll+16B57F8
  74. PUSH EDI //this is our location- but we need to tweak it
  75. POP EDI //pop that mf
  76.  
  77. PUSH EAX //character reg
  78. PUSH EBX //dest reg
  79. PUSH ECX //source reg
  80. MOV EBX, memBuffer3_fuckeryOut
  81. MOV ECX, memBuffer+4
  82. strcpy_loop:
  83. MOV AL, [ECX]
  84. TEST AL, AL
  85. JZ strcpy_loop_end
  86. MOV byte ptr [EBX], AL
  87. INC EBX
  88. INC ECX
  89. JMP strcpy_loop
  90.  
  91. strcpy_loop_end:
  92. MOV byte ptr [EBX], 0
  93. POP ECX
  94. POP EBX
  95. POP EAX
  96.  
  97. MOV EDI, memBuffer3
  98. PUSH EDI
  99. JMP exit2
  100.  
  101. exit2:
  102. jmp returnhere2
  103.  
  104. memBuffer3:
  105. db 'FUCKERY\\'
  106. memBuffer3_fuckeryOut:
  107. db 0
  108.  
  109. //always 0 seek size hack
  110. "FFVIII_EFIGS.dll"+15D47D8:
  111. PUSH 0
  112. NOP
  113.  
  114. "FFVIII_EFIGS.dll"+15D4947:
  115. XOR EAX, EAX
  116. NOP
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
 
Top