Re: Devil Slayer – Raksasi
Posted: Sun Nov 17, 2019 2:37 pm
Same problem . waitting for the good news coming.
Community Cheat Tables of Cheat Engine
https://fearlessrevolution.com/
Code: Select all
alloc(TypeName,256)
alloc(ByteSize,4)
alloc(ConvertRoutine,1024)
alloc(ConvertBackRoutine,1024)
define(xorval,4256EF89)
TypeName:
db 'Xor Custom',0
ByteSize:
dd 4
//The convert routine should hold a routine that converts the data to an integer (in eax)
//function declared as: stdcall int ConvertRoutine(unsigned char *input);
//Note: Keep in mind that this routine can be called by multiple threads at the same time.
ConvertRoutine:
//jmp dllname.functionname
[64-bit]
//or manual:
//parameters: (64-bit)
//rcx=address of input
mov eax,[rcx] //eax now contains the bytes 'input' pointed to
xor eax,xorval
ret
[/64-bit]
[32-bit]
//jmp dllname.functionname
//or manual:
//parameters: (32-bit)
push ebp
mov ebp,esp
//[ebp+8]=input
//example:
push ebx
mov ebx,[ebp+8] //place the address that contains the bytes into eax
mov eax,[ebx] //place the bytes into eax so it's handled as a normal 4 byte value
xor eax,xorval
pop ebx
pop ebp
ret 4
[/32-bit]
//The convert back routine should hold a routine that converts the given integer back to a row of bytes (e.g when the user wats to write a new value)
//function declared as: stdcall void ConvertBackRoutine(int i, unsigned char *output);
ConvertBackRoutine:
//jmp dllname.functionname
//or manual:
[64-bit]
//parameters: (64-bit)
//ecx=input
//rdx=address of output
//example:
xor ecx,xorval
mov [rdx],ecx //place the integer the 4 bytes pointed to by rdx
ret
[/64-bit]
[32-bit]
//parameters: (32-bit)
push ebp
mov ebp,esp
//[ebp+8]=input
//[ebp+c]=address of output
//example:
push eax
push ebx
mov eax,[ebp+8] //load the value into eax
mov ebx,[ebp+c] //load the address into ebx
xor eax,xorval
mov [ebx],eax //write the value into the address
pop ebx
pop eax
pop ebp
ret 8
[/32-bit]
Cake-san wrote: ↑Tue Nov 19, 2019 5:49 pmGG
Xor Custom type (Auto Assembler)Code: Select all
alloc(TypeName,256) alloc(ByteSize,4) alloc(ConvertRoutine,1024) alloc(ConvertBackRoutine,1024) define(xorval,4256EF89) TypeName: db 'Xor Custom',0 ByteSize: dd 4 //The convert routine should hold a routine that converts the data to an integer (in eax) //function declared as: stdcall int ConvertRoutine(unsigned char *input); //Note: Keep in mind that this routine can be called by multiple threads at the same time. ConvertRoutine: //jmp dllname.functionname [64-bit] //or manual: //parameters: (64-bit) //rcx=address of input mov eax,[rcx] //eax now contains the bytes 'input' pointed to xor eax,xorval ret [/64-bit] [32-bit] //jmp dllname.functionname //or manual: //parameters: (32-bit) push ebp mov ebp,esp //[ebp+8]=input //example: push ebx mov ebx,[ebp+8] //place the address that contains the bytes into eax mov eax,[ebx] //place the bytes into eax so it's handled as a normal 4 byte value xor eax,xorval pop ebx pop ebp ret 4 [/32-bit] //The convert back routine should hold a routine that converts the given integer back to a row of bytes (e.g when the user wats to write a new value) //function declared as: stdcall void ConvertBackRoutine(int i, unsigned char *output); ConvertBackRoutine: //jmp dllname.functionname //or manual: [64-bit] //parameters: (64-bit) //ecx=input //rdx=address of output //example: xor ecx,xorval mov [rdx],ecx //place the integer the 4 bytes pointed to by rdx ret [/64-bit] [32-bit] //parameters: (32-bit) push ebp mov ebp,esp //[ebp+8]=input //[ebp+c]=address of output //example: push eax push ebx mov eax,[ebp+8] //load the value into eax mov ebx,[ebp+c] //load the address into ebx xor eax,xorval mov [ebx],eax //write the value into the address pop ebx pop eax pop ebp ret 8 [/32-bit]