bang numpang beljar jg neh, :sweet:
btw fungsi FindPattern sndiri apa aja yah?
btw fungsi FindPattern sndiri apa aja yah?
-
Silahkan bergabung dengan chat kami di Telegram group kami di N3Forum - https://t.me/n3forum
-
Welcome to the Nyit-Nyit.Net - N3 forum! This is a forum where offline-online gamers, programmers and reverser community can share, learn, communicate and interact, offer services, sell and buy game mods, hacks, cracks and cheats related, including for iOS and Android.
If you're a pro-gamer or a programmer or a reverser, we would like to invite you to Sign Up and Log In on our website. Make sure to read the rules and abide by it, to ensure a fair and enjoyable user experience for everyone.N3 [C++] Membuat Address Logger
- Thread starter rcd
- Start date
Pada waktu tekan hotkey = langsung DC game nya...Code:#include <fstream> #include <Windows.h> #include <stdio.h> LPTSTR dwModule = "Audition.exe"; DWORD dwStartAddress, ResultAOB =0; void MEMwrite(void *adr, void *ptr, int size) { DWORD OldProtection; VirtualProtect(adr,size,PAGE_EXECUTE_READWRITE, &OldProtection); memcpy(adr,ptr,size); VirtualProtect(adr,size,OldProtection, &OldProtection); } bool Match(const BYTE* pData, const BYTE* bMask, const char* szMask){ for(;*szMask;++szMask,++pData,++bMask) if(*szMask=='x' && *pData!=*bMask ) return false; return (*szMask) == NULL; } DWORD Pattern(DWORD dwAddress,DWORD dwLen,BYTE *bMask,char * szMask){ for(DWORD i=0; i < dwLen; i++) if( Match( (BYTE*)( dwAddress+i ),bMask,szMask) ) return (DWORD)(dwAddress+i); return 0; } int __stdcall PFON(void){ dwStartAddress = 0x400000; do { dwStartAddress = (DWORD)GetModuleHandle(dwModule); Sleep(50); }while(!dwStartAddress); DWORD dwSize = 0x500000; DWORD PFNORMAL = Pattern(dwStartAddress,dwSize,(PBYTE)"\x7D\x3F\x33\x33\x73\x3F\x9A\x99","xxxxxx"); DWORD GetADR = PFNORMAL - dwStartAddress; MEMwrite((void*)GetADR, (PBYTE)"\x00",1 ); return 0; } DWORD WINAPI Loopely(LPVOID param){ while(1){ if(GetAsyncKeyState(VK_F3)&1){ PFON(); MessageBeep(MB_ICONINFORMATION); } Sleep(50); } return 0; } BOOL WINAPI DllMain ( HMODULE hDll, DWORD dwReason, LPVOID lpReserved ) { if (dwReason == DLL_PROCESS_ATTACH) { DisableThreadLibraryCalls(hDll); if(dwReason == DLL_PROCESS_ATTACH){ MessageBeep(MB_ICONINFORMATION); CreateThread(0, 0, (LPTHREAD_START_ROUTINE)Loopely, 0, 0, 0); } else if(dwReason == DLL_PROCESS_DETACH) { } } return TRUE; }
pencerahan gan.
cba ini om
Code:#include <fstream> #include <Windows.h> #include <stdio.h> LPTSTR dwModule = "Audition.exe"; DWORD dwStartAddress, ResultAOB =0; void MEMwrite(void *adr, void *ptr, int size) { DWORD OldProtection; VirtualProtect(adr,size,PAGE_EXECUTE_READWRITE, &OldProtection); memcpy(adr,ptr,size); VirtualProtect(adr,size,OldProtection, &OldProtection); } bool Match(const BYTE* pData, const BYTE* bMask, const char* szMask){ for(;*szMask;++szMask,++pData,++bMask) if(*szMask=='x' && *pData!=*bMask ) return false; return (*szMask) == NULL; } DWORD Pattern(DWORD dwAddress,DWORD dwLen,BYTE *bMask,char * szMask){ for(DWORD i=0; i < dwLen; i++) if( Match( (BYTE*)( dwAddress+i ),bMask,szMask) ) return (DWORD)(dwAddress+i); return 0; } DWORD WINAPI Loopely(LPVOID param){ DWORD PFNORMAL = Pattern(0x400000,0x500000,(PBYTE)"\x7D\x3F\x33\x33\x73\x3F\x9A\x99","xxxxxx"); while(1){ if(GetAsyncKeyState(VK_F3)&1){ MEMwrite((void*)PFNORMAL, (PBYTE)"\x00",1 ); MessageBeep(MB_ICONINFORMATION); } Sleep(50); } return 0; } BOOL WINAPI DllMain ( HMODULE hDll, DWORD dwReason, LPVOID lpReserved ) { if (dwReason == DLL_PROCESS_ATTACH) { DisableThreadLibraryCalls(hDll); if(dwReason == DLL_PROCESS_ATTACH){ MessageBeep(MB_ICONINFORMATION); CreateThread(0, 0, (LPTHREAD_START_ROUTINE)Loopely, 0, 0, 0); } else if(dwReason == DLL_PROCESS_DETACH) { } } return TRUE; }
Pasti ada yang salah.
1. dwSize melebihi besar size target coba aja ganti ke 0x80000
2. Hasil pattern yang salah sehingga menyebabkan logging mengembalikan nilai 0x0 dan ente menggunakan memwrite hasil logging (0x0) maka terjadilah crash
3. Invalid Address pada patching
kalo menurut wa yg salah ada pada jumlah mask nya,
harusnya 'x' nya 8 bukan 6, karena jumlah AOB nya jga ada 8,
coba ubah menjadi :
DWORD PFNORMAL = Pattern(dwStartAddress,dwSize,(PBYTE)"\x7D\x3F\x33\x33\x73\x3F\x9A\x99","xxxxxxxx");[/IMG]
kalo kaya gini yang static yang mana spasi semuakalau mau membuat Address Logger di game PB gimana yah ???
kok saya masih bingung dengna OllyDbg ???
mohon solusinya om
Cukup simple dan mudah di pelajari, sangat membantu sekali untuk menemukan Address yang ingin kita carigak ada update :'v ? sigmaker support gak ya buat 64 bit ? #level1nya masih prosses :'v
Open File apa di Olly nyagan mau tanya dong ini FindPattern gimana yah ??
0075E9C4 6A 00 PUSH 0
0075E9C6 8B0D 7C6DD800 MOV ECX,DWORD PTR DS:[D86D7C]
0075E9CC E8 9F1E0200 CALL 00780870
0075E9D1 6A 0C PUSH 0C
CALL 00780870
yang di panggil itu om 0x780870
