API tools faq
paste
Advertisement
ChaosHacks

Untitled

ChaosHacks
Oct 3rd, 2020
1,588
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
ASM (NASM) 2.62 KB | None | 0 0
raw download clone embed print report
  1. [ENABLE]
  2.  
  3. aobscanmodule(AiCantDetectYou,CrysisRemastered.exe,74 07 32 C0 E9 0E 01 00 00)
  4. alloc(newmem,$1000,AiCantDetectYou)//"CrysisRemastered.exe"+61A842)
  5. alloc(ActivateEnemiesCantSeeYou,1)
  6.  
  7. registersymbol(AiCantDetectYou ActivateEnemiesCantSeeYou)
  8.  
  9. label(code)
  10. label(return)
  11.  
  12. newmem:
  13. cmp [ActivateEnemiesCantSeeYou],1
  14. jne code
  15.  
  16. AiCantSeeYouOn:
  17. jna AiCantDetectYou+23
  18. //jna CrysisRemastered.exe+61A84B
  19. jmp return
  20.  
  21.  
  22. code:
  23.   je AiCantDetectYou+23
  24.  
  25.   jmp return
  26.  
  27. AiCantDetectYou:
  28.   jmp newmem
  29.   nop 4
  30. return:
  31.  
  32.  
  33. [DISABLE]
  34.  
  35. AiCantDetectYou:
  36.   db 74 07 32 C0 E9 0E 01 00 00
  37.  
  38. unregistersymbol(AiCantDetectYou ActivateEnemiesCantSeeYou)
  39. dealloc(newmem)
  40. dealloc(ActivateEnemiesCantSeeYou)
  41.  
  42. {
  43. // ORIGINAL CODE - INJECTION POINT: "CrysisRemastered.exe"+61A842
  44.  
  45. "CrysisRemastered.exe"+61A820: 4A 8B 0C 00           -  mov rcx,[rax+r8]
  46. "CrysisRemastered.exe"+61A824: EB 03                 -  jmp CrysisRemastered.exe+61A829
  47. "CrysisRemastered.exe"+61A826: 48 8B CD              -  mov rcx,rbp
  48. "CrysisRemastered.exe"+61A829: 48 85 C9              -  test rcx,rcx
  49. "CrysisRemastered.exe"+61A82C: 48 0F 45 F9           -  cmovne rdi,rcx
  50. "CrysisRemastered.exe"+61A830: 45 84 FF              -  test r15l,r15l
  51. "CrysisRemastered.exe"+61A833: 74 16                 -  je CrysisRemastered.exe+61A84B
  52. "CrysisRemastered.exe"+61A835: 66 83 7F 12 64        -  cmp word ptr [rdi+12],64
  53. "CrysisRemastered.exe"+61A83A: 75 0F                 -  jne CrysisRemastered.exe+61A84B
  54. "CrysisRemastered.exe"+61A83C: 39 2D AE A7 5C 01     -  cmp [CrysisRemastered.exe+1BE4FF0],ebp
  55. // ---------- INJECTING HERE ----------
  56. "CrysisRemastered.exe"+61A842: 74 07                 -  je CrysisRemastered.exe+61A84B
  57. "CrysisRemastered.exe"+61A844: 32 C0                 -  xor al,al
  58. "CrysisRemastered.exe"+61A846: E9 0E 01 00 00        -  jmp CrysisRemastered.exe+61A959
  59. // ---------- DONE INJECTING  ----------
  60. "CrysisRemastered.exe"+61A84B: 49 8B 06              -  mov rax,[r14]
  61. "CrysisRemastered.exe"+61A84E: 49 8B CE              -  mov rcx,r14
  62. "CrysisRemastered.exe"+61A851: FF 90 48 01 00 00     -  call qword ptr [rax+00000148]
  63. "CrysisRemastered.exe"+61A857: 48 8B 17              -  mov rdx,[rdi]
  64. "CrysisRemastered.exe"+61A85A: 48 8B CF              -  mov rcx,rdi
  65. "CrysisRemastered.exe"+61A85D: 0F B6 D8              -  movzx ebx,al
  66. "CrysisRemastered.exe"+61A860: FF 92 48 01 00 00     -  call qword ptr [rdx+00000148]
  67. "CrysisRemastered.exe"+61A866: 48 8B 0D AB AE 5C 01  -  mov rcx,[CrysisRemastered.exe+1BE5718]
  68. "CrysisRemastered.exe"+61A86D: 0F B6 D3              -  movzx edx,bl
  69. "CrysisRemastered.exe"+61A870: 44 0F B6 C0           -  movzx r8d,al
  70. }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!