Creating an update.lua for addresses (How??)

You can find tutorials and ask questions about memory editing here. You may also post any game-specific information you find (ie. cheat tables or addresses).
Post Reply
Message
Author
User avatar
MiesterMan
Posts: 543
Joined: Tue Jul 06, 2010 9:15 pm
Location: Between the Second and Third Circles of Hell

Creating an update.lua for addresses (How??)

#1 Post by MiesterMan » Mon May 16, 2011 4:41 pm

Ok, been finding addresses alright but once they put out a patch everything goes to crap. What I've seen is the offsets stay the same but the base addresses change. What do you look for when finding patterns around or in the addresses that contain the pointers you're looking for?

Any tips you have would be great. Right now I'm surviving with pointer scans using known offsets.

User avatar
Administrator
Site Admin
Posts: 5325
Joined: Sat Jan 05, 2008 4:21 pm

Re: Creating an update.lua for addresses (How??)

#2 Post by Administrator » Mon May 16, 2011 7:13 pm

Download OllyDbg. Open up the process, make sure that the executable is selected (as, under 64-bit OSes, it runs through a compatibility layer) and search for a constant (right click in the CPU menu). Search for the static address you've found. Hopefully you will find something. Now, you construct a pattern out of the code in that area.

User avatar
MiesterMan
Posts: 543
Joined: Tue Jul 06, 2010 9:15 pm
Location: Between the Second and Third Circles of Hell

Re: Creating an update.lua for addresses (How??)

#3 Post by MiesterMan » Mon May 16, 2011 11:14 pm

Cool, just to clarify that is from http://www.ollydbg.de/?

User avatar
Administrator
Site Admin
Posts: 5325
Joined: Sat Jan 05, 2008 4:21 pm

Re: Creating an update.lua for addresses (How??)

#4 Post by Administrator » Tue May 17, 2011 5:46 am

That should do it, yeah.

User avatar
lisa
Posts: 8332
Joined: Tue Nov 09, 2010 11:46 pm
Location: Australia

Re: Creating an update.lua for addresses (How??)

#5 Post by lisa » Fri Jun 10, 2011 6:35 am

Administrator wrote:Download OllyDbg. Open up the process, make sure that the executable is selected (as, under 64-bit OSes, it runs through a compatibility layer) and search for a constant (right click in the CPU menu). Search for the static address you've found. Hopefully you will find something. Now, you construct a pattern out of the code in that area.
Ok well I have the first bits no worries but just trying to construct a pattern.
Can't find any options for doing that.
Remember no matter you do in life to always have a little fun while you are at it ;)

wiki here http://www.solarstrike.net/wiki/index.php?title=Manual

User avatar
Administrator
Site Admin
Posts: 5325
Joined: Sat Jan 05, 2008 4:21 pm

Re: Creating an update.lua for addresses (How??)

#6 Post by Administrator » Fri Jun 10, 2011 8:12 pm

There is no option. You do it yourself. First, you should (but don't necessarily need to) have Olly analyze the code (CTRL+A). Find the section you want to construct a pattern for. For example, you'll get something like this:

Code: Select all

0074D530  /$ 51             PUSH ECX
0074D531  |. 8379 0C 00     CMP DWORD PTR DS:[ECX+C],0
0074D535  |. 890C24         MOV DWORD PTR SS:[ESP],ECX
0074D538  |. 0F84 86000000  JE Client.0074D5C4
0074D53E  |. 53             PUSH EBX
0074D53F  |. 55             PUSH EBP
0074D540  |. 8B2D B8F58C00  MOV EBP,DWORD PTR DS:[<&MSVCR80._invalid>;  MSVCR80._invalid_parameter_noinfo
0074D546  |. 56             PUSH ESI
0074D547  |. 8BB1 00010000  MOV ESI,DWORD PTR DS:[ECX+100]
Write out the bytes to form a pattern:
0x51, 0x83, 0x79, 0x0C, 0x00, 0x89, 0x0C, 0x24, 0x0F, 0x84, 0x86, 0x00, 0x00, 0x00, 053...you get the point.

Now form a mask. Just put an 'x' on what you want to match, and '?' for what will change.
"xxx??xxxxx????x"

And that's it.

User avatar
lisa
Posts: 8332
Joined: Tue Nov 09, 2010 11:46 pm
Location: Australia

Re: Creating an update.lua for addresses (How??)

#7 Post by lisa » Fri Jun 10, 2011 11:36 pm

Ahh ok now I understand what you mean, ai also had a look in your update.lua for rombot, made it alot easier to understand =)

I think the trouble I am having is this.
in Olly top left window shows addresses to 008C8FFF
bottom left shows addresses from 00998000 to 00A6FFF0
The addresses I am searching for are after the 008C8FFF so when I do a search in that section I don't get the actual address I get what I guess are pointers that use the address. So the bytes I see arn't for the actual address.

an example would be

actionBarPtr = 0xA09390,
at address 006294FF i get this
8B0D 9093A000 | MOV ECX,DWORD PTR DS:[0A09390]

so would be bytes of
0x8B, 0x0D, 0x90, 0x93, 0xA0, 0x00
mask of
xxxxx?

And doing a search for this after an update wouldn't work as those bytes are made up from the address A0 93 90 just in reverse 90 93 A0 and since the address would have changed then searching for this wouldn't do any good lol

but like I said that's not the actual address, was just showing I knew what you meant with the bytes and mask =)

I think I must be loading file wrong? or have some settings wrong?
Remember no matter you do in life to always have a little fun while you are at it ;)

wiki here http://www.solarstrike.net/wiki/index.php?title=Manual

User avatar
Administrator
Site Admin
Posts: 5325
Joined: Sat Jan 05, 2008 4:21 pm

Re: Creating an update.lua for addresses (How??)

#8 Post by Administrator » Sat Jun 11, 2011 4:54 pm

an example would be

actionBarPtr = 0xA09390,
at address 006294FF i get this
8B0D 9093A000 | MOV ECX,DWORD PTR DS:[0A09390]

so would be bytes of
0x8B, 0x0D, 0x90, 0x93, 0xA0, 0x00
mask of
xxxxx?
Somewhat right. As you've seen, the address is there, but backwards. That's actually normal. I forgot to mention endianness.

Your mask is off. the address (the last 4 bytes) are dynamic; we expect them to change. Since they change, you don't want to match them, and should use the wildcard(?).
That would also be a bad pattern. There's going to be thousands of instances of 0x8B 0x0D in the client. You've got to include additional lines to make sure it will be unique.

User avatar
lisa
Posts: 8332
Joined: Tue Nov 09, 2010 11:46 pm
Location: Australia

Re: Creating an update.lua for addresses (How??)

#9 Post by lisa » Sat Jun 11, 2011 7:41 pm

yeah I figured I would need a longer list of bytes and mask to match, just did the 1 line as an example.

I thought I got the mask right hmm

0x8B, 0x0D, 0x90, 0x93, 0xA0, 0x00
x x x x x ?
5 x and last 1 is ?

I think I should have put quotes

"xxxxx?"
Remember no matter you do in life to always have a little fun while you are at it ;)

wiki here http://www.solarstrike.net/wiki/index.php?title=Manual

User avatar
Administrator
Site Admin
Posts: 5325
Joined: Sat Jan 05, 2008 4:21 pm

Re: Creating an update.lua for addresses (How??)

#10 Post by Administrator » Sun Jun 12, 2011 2:09 am

No. 4 bytes there are dynamic. The address, the information we want, is going to change. That's why we're looking for it. If it never changed, we wouldn't need a pattern. You want "xx????".

User avatar
lisa
Posts: 8332
Joined: Tue Nov 09, 2010 11:46 pm
Location: Australia

Re: Creating an update.lua for addresses (How??)

#11 Post by lisa » Sun Jun 12, 2011 2:52 am

ahh of course =)
Remember no matter you do in life to always have a little fun while you are at it ;)

wiki here http://www.solarstrike.net/wiki/index.php?title=Manual

Post Reply

Who is online

Users browsing this forum: No registered users and 0 guests