API tools faq
paste
Advertisement
ChaosHacks

Untitled

ChaosHacks
Oct 3rd, 2020
1,827
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
ASM (NASM) 2.66 KB | None | 0 0
raw download clone embed print report
  1. [ENABLE]
  2.  
  3. aobscanmodule(AiCantDetectYou,CrysisRemastered.exe,74 07 32 C0 E9 0E 01 00 00)
  4. alloc(newmem,$1000,AiCantDetectYou)//"CrysisRemastered.exe"+61A842)
  5. alloc(ActivateEnemiesCantSeeYou,4)
  6.  
  7. registersymbol(AiCantDetectYou ActivateEnemiesCantSeeYou)
  8.  
  9. label(code)
  10. label(return)
  11.  
  12. newmem:
  13. cmp byte ptr [ActivateEnemiesCantSeeYou],1
  14. jne code
  15.  
  16. AiCantSeeYouOn:
  17. jne AiCantDetectYou+9
  18.  
  19. //jna CrysisRemastered.exe+61A84B
  20.  
  21. jmp return
  22.  
  23. code:
  24.   je AiCantDetectYou+9
  25.  
  26.  
  27. jmp return
  28.  
  29. AiCantDetectYou:
  30.   jmp newmem
  31.   nop 4
  32. return:
  33.  
  34. ActivateEnemiesCantSeeYou:
  35. dq 0
  36.  
  37. [DISABLE]
  38.  
  39. AiCantDetectYou:
  40.   db 74 07 32 C0 E9 0E 01 00 00
  41.  
  42. unregistersymbol(AiCantDetectYou ActivateEnemiesCantSeeYou)
  43. dealloc(newmem)
  44. dealloc(ActivateEnemiesCantSeeYou)
  45.  
  46. {
  47. // ORIGINAL CODE - INJECTION POINT: "CrysisRemastered.exe"+61A842
  48.  
  49. "CrysisRemastered.exe"+61A820: 4A 8B 0C 00           -  mov rcx,[rax+r8]
  50. "CrysisRemastered.exe"+61A824: EB 03                 -  jmp CrysisRemastered.exe+61A829
  51. "CrysisRemastered.exe"+61A826: 48 8B CD              -  mov rcx,rbp
  52. "CrysisRemastered.exe"+61A829: 48 85 C9              -  test rcx,rcx
  53. "CrysisRemastered.exe"+61A82C: 48 0F 45 F9           -  cmovne rdi,rcx
  54. "CrysisRemastered.exe"+61A830: 45 84 FF              -  test r15l,r15l
  55. "CrysisRemastered.exe"+61A833: 74 16                 -  je CrysisRemastered.exe+61A84B
  56. "CrysisRemastered.exe"+61A835: 66 83 7F 12 64        -  cmp word ptr [rdi+12],64
  57. "CrysisRemastered.exe"+61A83A: 75 0F                 -  jne CrysisRemastered.exe+61A84B
  58. "CrysisRemastered.exe"+61A83C: 39 2D AE A7 5C 01     -  cmp [CrysisRemastered.exe+1BE4FF0],ebp
  59. // ---------- INJECTING HERE ----------
  60. "CrysisRemastered.exe"+61A842: 74 07                 -  je CrysisRemastered.exe+61A84B
  61. "CrysisRemastered.exe"+61A844: 32 C0                 -  xor al,al
  62. "CrysisRemastered.exe"+61A846: E9 0E 01 00 00        -  jmp CrysisRemastered.exe+61A959
  63. // ---------- DONE INJECTING  ----------
  64. "CrysisRemastered.exe"+61A84B: 49 8B 06              -  mov rax,[r14]
  65. "CrysisRemastered.exe"+61A84E: 49 8B CE              -  mov rcx,r14
  66. "CrysisRemastered.exe"+61A851: FF 90 48 01 00 00     -  call qword ptr [rax+00000148]
  67. "CrysisRemastered.exe"+61A857: 48 8B 17              -  mov rdx,[rdi]
  68. "CrysisRemastered.exe"+61A85A: 48 8B CF              -  mov rcx,rdi
  69. "CrysisRemastered.exe"+61A85D: 0F B6 D8              -  movzx ebx,al
  70. "CrysisRemastered.exe"+61A860: FF 92 48 01 00 00     -  call qword ptr [rdx+00000148]
  71. "CrysisRemastered.exe"+61A866: 48 8B 0D AB AE 5C 01  -  mov rcx,[CrysisRemastered.exe+1BE5718]
  72. "CrysisRemastered.exe"+61A86D: 0F B6 D3              -  movzx edx,bl
  73. "CrysisRemastered.exe"+61A870: 44 0F B6 C0           -  movzx r8d,al
  74. }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!