Results 1 to 4 of 4
  1. #1
    .::SCHiM::.'s Avatar
    Join Date
    Sep 2010
    Gender
    male
    Posts
    733
    Reputation
    180
    Thanks
    833
    My Mood
    Twisted

    [Release] & [Request] Signature scanning

    Heya guys,

    I'm active on the EU counterpart of CA and I wondered if you guys could give me some signature bytes that you know are also compatible with the EU version of ca.

    In exchange I'll post an signature scanning module coded in assembler:
    The code is also ported to C++, I don't know if it works there because C++ is a bitch to debug when using mixed code...

    Assembler version:

    Tested and working
    Compile with: Masm v10.0, use makeit.bat


    Code:
    ; いいいいいいいいいいいいいいいいいいいいいいいいいいいいいいいいいいいい
    include \masm32\include\masm32rt.inc
    ; いいいいいいいいいいいいいいいいいいいいいいいいいいいいいいいいいいいい
    
        ; -------------------------------------------
        ; Build this DLL with the provided MAKEIT.BAT
        ; -------------------------------------------
    
    
    ; CheckMark made by SCHiM
    
    ;いいいいいいいいいいいいいいいいいいいいいいいいいいいいいいいいいいいい
    ;
    ;                       Thou shallt not l33ch, only learn 
    ;                       
    ;                      ▲▲▲▲▲▲▲▲▲▲▲▲▲▲▲
    ;                      ▲▲▲▲▲▲▲▲▲▲▲▲▲▲▲
    ;                      ▲▲▲▲▲▲▲▲▲▲▲▲▲▲▲
    ;                      ▲▲▲▲▲▲▲▲▲▲▲▲▲▲▲
    ;                      ▲▲▲▲▲▲▲  
    ;                      ▲▲▲▲▲▲▲▲▲▲▲▲▲▲▲
    ;                      ▲▲▲▲▲▲▲▲▲▲▲▲▲▲▲
    ;                      ▲▲▲▲▲▲▲▲▲▲▲▲▲▲▲
    ;                      ▲▲▲▲▲▲▲▲▲▲▲▲▲▲▲
    ;                      ▲▲▲▲▲▲▲▲▲▲▲▲▲▲▲
    ;                      ▲▲▲▲▲▲▲▲▲▲▲▲▲▲▲        
    ;                              ▲▲▲▲▲▲▲
    ;                      ▲▲▲▲▲▲▲▲▲▲▲▲▲▲▲
    ;                      ▲▲▲▲▲▲▲▲▲▲▲▲▲▲▲
    ;                      ▲▲▲▲▲▲▲▲▲▲▲▲▲▲▲     
    ;                      ▲▲▲▲▲▲▲▲▲▲▲▲▲▲▲ CHiM
    ;
    ;
    ;Made by: SCHiM
    ;いいいいいいいいいいいいいいいいいいいいいいいいいいいいいいいいいいいい
    
    Main PROTO
    CheckMark PROTO
    
          .data?
            hInstance dd ?
    
    
    .data
    
    GoodTxt db "Address found!",0
    Errortxt db "Address not found",0
    capt db "SCHiM",0
    
    Mark db 8Bh,0C0h,8Bh,0D8h,33h,0D9h
    StartOfSearch dd 0401000h
    EndOfSearch dd 040102Ch
    
          .code
    
    DllMain:
    DllEntry proc hInst:DWORD, reason:DWORD, reserved1:DWORD
       .if reason==DLL_PROCESS_ATTACH  ; When the dll is loaded
          push hInst
          pop hInstance
          invoke CreateThread, 0, 0, offset Main, 0, 0 ,0
        .endif
       mov eax,TRUE
       ret 
    DllEntry endp
    ;いいいいいいいいいいいいいいいいいいいいいいいいいいいいいいいいいいいい
    ;Check mark PROC
    ;Expects:
    ;ptr to address to start = ebx
    ;ptr to address to stop  = edx
    ;ptr to buffer = eax
    ;size of buffer = ecx
    ;いいいいいいいいいいいいいいいいいいいいいいいいいいいいいいいいいいいい
    
    CheckMark proc
    
    xor esi, esi
    push ebx
    sub edx, ebx
    pop ebx
    dec ecx
    
       
    @0:
    push eax    
    
    mov al, byte ptr[eax]
    cmp al, byte ptr[ebx+esi]
        je FirstContact
    
    pop eax
    
    inc esi
    
    cmp edx, esi
        jne @0
        mov eax, 0h
        ret
        
    FirstContact:
    
    pop eax
    push esi
    push ebx
    add ebx, esi
    mov esi, 1
    
    
    @1:
    push eax
    
    mov al, byte ptr[eax+esi]
    cmp al, byte ptr[ebx+esi]
        jne NoMatchYet
        
    pop eax
    
    cmp esi, ecx
        je Match
    
    inc esi
    jmp @1
    
    NoMatchYet:
        pop eax
        pop ebx
        pop esi
        inc esi
        jmp @0
    
    Match:
      pop ebx
      pop esi
      add ebx, esi
      mov eax, ebx
      ret
    
    
    
    
    CheckMark endp
    
    ;いいいいいいいいいいいいいいいいいいいいいいいいいいいいいいいいいいいい
    ;Check mark PROC
    ;Expects:
    ;ptr to address to start = ebx
    ;ptr to address to stop  = edx
    ;ptr to buffer = eax
    ;size of buffer = ecx
    ;いいいいいいいいいいいいいいいいいいいいいいいいいいいいいいいいいいいい
    
    Main proc
    
    lea eax, Mark
    mov ebx, StartOfSearch
    mov edx, EndOfSearch
    mov ecx, 6d
    call CheckMark
         cmp eax, 0h 
         je Error
    
    invoke MessageBox, 0, addr GoodTxt, addr capt, MB_OK
    
    ret
    Error:
    
    invoke MessageBox, 0, addr Errortxt, addr capt, MB_OK
    ret
    Main endp
    
    
    end DllMain
    MAKEIT.BAT:
    Tested and working
    Needed: Masm v10.0


    Code:
    @echo off
    if exist FileSearch.obj del FileSearch.obj
    if exist FileSearch.dll del FileSearch.dll
    \masm32\bin\ml /c /coff FileSearch.asm
    \masm32\bin\Link /SUBSYSTEM:WINDOWS /DLL /DEF:FileSearch.def FileSearch.obj 
    del FileSearch.obj
    del FileSearch.exp
    dir FileSearch.*
    pause
    C++ version:
    Not tested, does compile
    Compiles on: VC++ 6.0 ~ Win server 2008 r2
    Needed: VC++ 6.0

    Code:
    #include <iostream>
    #include <windows.h>
    
    DWORD CheckMark(){
    	DWORD AddressOfMark = 0;
    	__asm{
    /**************************************************************************
    
    		CheckMark, made by SCHiM
    
    ;いいいいいいいいいいいいいいいいいいいいいいいいいいいいいいいいいいいい
    ;Check mark PROC
    ;Expects:
    ;ptr to address to start = ebx
    ;ptr to address to stop  = edx
    ;ptr to buffer = eax
    ;size of buffer = ecx
    ;いいいいいいいいいいいいいいいいいいいいいいいいいいいいいいいいいいいい
    ; 
    ;                      ???????????????
    ;                      ???????????????
    ;                      ???????????????
    ;                      ???????????????
    ;                      ???????  
    ;                      ???????????????
    ;                      ???????????????
    ;                      ???????????????
    ;                      ???????????????
    ;                      ???????????????
    ;                      ???????????????        
    ;                              ???????
    ;                      ???????????????
    ;                      ???????????????
    ;                      ???????????????     
    ;                      ??????????????? CHiM
    ;Made by: SCHiM
    **************************************************************************/
    xor esi, esi
    push ebx
    sub edx, ebx
    pop ebx
    dec ecx
    
       
    Label00:
    push eax    
    
    mov al, byte ptr[eax]
    cmp al, byte ptr[ebx+esi]
        je FirstContact
    
    pop eax
    
    inc esi
    
    cmp edx, esi
        jne Label00
        mov eax, 0h
        jmp OutLoop
        
    FirstContact:
    
    pop eax
    push esi
    push ebx
    add ebx, esi
    mov esi, 1
    
    
    Label01:
    push eax
    
    mov al, byte ptr[eax+esi]
    cmp al, byte ptr[ebx+esi]
        jne NoMatchYet
        
    pop eax
    
    cmp esi, ecx
        je Match
    
    inc esi
    jmp Label01
    
    NoMatchYet:
        pop eax
        pop ebx
        pop esi
        inc esi
        jmp Label00
    
    Match:
      pop ebx
      pop esi
      add ebx, esi
      mov eax, ebx
      jmp OutLoop
    
    OutLoop:
      lea ebx, AddressOfMark
      mov [ebx], eax 
    
    	}
    
    
      return AddressOfMark;
    }
    
    int anyfunction(){
    
    	/* 
    	example call: 
    	*/
    
    unsigned char Mark[4] = { 0x00, 0xEF, 0x11, 0x31 };
    
    __asm{
    mov ebx, 0x1010101	// Address to start = 0xaddres
    mov edx, 0x2222222	// Address to stop = 0xaddress
    lea eax, Mark				// Buffer to compare to = *buffer
    mov ecx, 4	// int size = sizeof(Mark) = 4
    }
    DWORD MyAddy = CheckMark();
    
    return 0;
    }
    Prototype:

    Code:
    Input:
    
    eax = Buffer with the bytes to search for
    ebx = ptr to address to start
    edx = ptr to address to stop
    ecx = size of buffer
    
    Return:
    
    eax = address or 0 on error
    -SCHiM

    Thanks for the signatures

    Edit:
    Working sample code:

    Code:
    ; いいいいいいいいいいいいいいいいいいいいいいいいいいいいいいいいいいいい
    include \masm32\include\masm32rt.inc
    ; いいいいいいいいいいいいいいいいいいいいいいいいいいいいいいいいいいいい
    
        ; -------------------------------------------
        ; Build this DLL with the provided MAKEIT.BAT
        ; -------------------------------------------
    
    
    
    
    ;いいいいいいいいいいいいいいいいいいいいいいいいいいいいいいいいいいいい
    ;
    ;                       Thou shallt not l33ch, only learn 
    ;                       
    ;                      ▲▲▲▲▲▲▲▲▲▲▲▲▲▲▲
    ;                      ▲▲▲▲▲▲▲▲▲▲▲▲▲▲▲
    ;                      ▲▲▲▲▲▲▲▲▲▲▲▲▲▲▲
    ;                      ▲▲▲▲▲▲▲▲▲▲▲▲▲▲▲
    ;                      ▲▲▲▲▲▲▲  
    ;                      ▲▲▲▲▲▲▲▲▲▲▲▲▲▲▲
    ;                      ▲▲▲▲▲▲▲▲▲▲▲▲▲▲▲
    ;                      ▲▲▲▲▲▲▲▲▲▲▲▲▲▲▲
    ;                      ▲▲▲▲▲▲▲▲▲▲▲▲▲▲▲
    ;                      ▲▲▲▲▲▲▲▲▲▲▲▲▲▲▲
    ;                      ▲▲▲▲▲▲▲▲▲▲▲▲▲▲▲        
    ;                              ▲▲▲▲▲▲▲
    ;                      ▲▲▲▲▲▲▲▲▲▲▲▲▲▲▲
    ;                      ▲▲▲▲▲▲▲▲▲▲▲▲▲▲▲
    ;                      ▲▲▲▲▲▲▲▲▲▲▲▲▲▲▲     
    ;                      ▲▲▲▲▲▲▲▲▲▲▲▲▲▲▲ CHiM
    ;
    ;
    ;Made by: SCHiM
    ;いいいいいいいいいいいいいいいいいいいいいいいいいいいいいいいいいいいい
    
    Main PROTO
    CheckMark PROTO
    
          .data?
            hInstance dd ?
    
    
    .data
    
    GoodTxt db "Address found!",0
    Errortxt db "Address not found",0
    capt db "SCHiM",0
    
    hModule db "Engine.exe",0
    Mark db 6Ah, 01h, 6Ah, 07h, 8Bh, 95h
    EndOfSearch dd 74E000h
    
    GlassWalls dd 0h
    GlassWallsBuff db 06Ah, 0h
    
          .code
    
    DllMain:
    DllEntry proc hInst:DWORD, reason:DWORD, reserved1:DWORD
       .if reason==DLL_PROCESS_ATTACH  ; When the dll is loaded
          push hInst
          pop hInstance
          invoke CreateThread, 0, 0, offset Main, 0, 0 ,0
        .endif
       mov eax,TRUE
       ret 
    DllEntry endp
    ;いいいいいいいいいいいいいいいいいいいいいいいいいいいいいいいいいいいい
    ;Check mark PROC
    ;Expects:
    ;ptr to address to start = ebx
    ;ptr to address to stop  = edx
    ;ptr to buffer = eax
    ;size of buffer = ecx
    ;いいいいいいいいいいいいいいいいいいいいいいいいいいいいいいいいいいいい
    
    CheckMark proc
    
    xor esi, esi
    push ebx
    sub edx, ebx
    pop ebx
    dec ecx
    
       
    @0:
    push eax    
    
    mov al, byte ptr[eax]
    cmp al, byte ptr[ebx+esi]
        je FirstContact
    
    pop eax
    
    inc esi
    
    cmp edx, esi
        jne @0
        mov eax, 0h
        ret
        
    FirstContact:
    
    pop eax
    push esi
    push ebx
    add ebx, esi
    mov esi, 1
    
    
    @1:
    push eax
    
    mov al, byte ptr[eax+esi]
    cmp al, byte ptr[ebx+esi]
        jne NoMatchYet
        
    pop eax
    
    cmp esi, ecx
        je Match
    
    inc esi
    jmp @1
    
    NoMatchYet:
        pop eax
        pop ebx
        pop esi
        inc esi
        jmp @0
    
    Match:
      pop ebx
      pop esi
      add ebx, esi
      mov eax, ebx
      ret
    
    
    
    
    CheckMark endp
    
    ;いいいいいいいいいいいいいいいいいいいいいいいいいいいいいいいいいいいい
    ;Check mark PROC
    ;Expects:
    ;ptr to address to start = ebx
    ;ptr to address to stop  = edx
    ;ptr to buffer = eax
    ;size of buffer = ecx
    ;いいいいいいいいいいいいいいいいいいいいいいいいいいいいいいいいいいいい
    
    ;いいいいいいいいいいいいいいいいいいいいいいいいいいいいいいいいいいいい
    ;ExtData PROC
    ;Expects:
    ;eax = address to move to
    ;ebx = size to move
    ;edx = addres to the buffer to exchange
    ;いいいいいいいいいいいいいいいいいいいいいいいいいいいいいいいいいいいい
    
    ExtData proc
    
    xor esi, esi
    
    @2:
    
    push eax
    push edx
    
    push ecx
    push ebp
    
    mov ecx, eax
    mov ebp, edx
    
    mov al, byte ptr[eax + esi]
    mov dl, byte ptr[edx + esi]
    
    XCHG al, dl
    
    mov byte ptr[ecx + esi], al
    mov byte ptr[ebp + esi], dl
    
    pop ebp
    pop ecx
    
    pop edx
    pop eax
    
    inc esi
    cmp esi, ebx
        jne @2
    ret
    ExtData endp
    
    ;いいいいいいいいいいいいいいいいいいいいいいいいいいいいいいいいいいいい
    ;ExtData PUBLIC
    ;Expects:
    ;eax = address to move to
    ;ebx = size to move
    ;edx = addres to the buffer to exchange
    ;いいいいいいいいいいいいいいいいいいいいいいいいいいいいいいいいいいいい
    
    
    Main proc
    
    invoke GetModuleHandle, addr hModule            ;get our start address 
           mov ebx, eax
    
    lea eax, Mark
    mov edx, EndOfSearch
    mov ecx, 6d
    call CheckMark
         cmp eax, 0h 
         je Error
         mov GlassWalls, eax                        ; find the address to patch
    
    
         
    Mainloop:
    invoke Sleep, 100d
    
      invoke GetAsyncKeyState, VK_INSERT                ;wait for signal
             cmp eax, 0
             jne Hack
            
    
    jmp Mainloop
        Hack:
    
    mov eax, [GlassWalls]
    mov ebx, 2
    lea edx, GlassWallsBuff 
    call ExtData                                    ;patch and exhange
    
    jmp Mainloop
    
    ret
    Error:
    
    invoke MessageBox, 0, addr Errortxt, addr capt, MB_OK
    ret
    Main endp
    
    
    end DllMain
    Last edited by .::SCHiM::.; 01-10-2011 at 02:31 PM.

    I'm SCHiM

    Morals derive from the instinct to survive. Moral behavior is survival behavior above the individual level.

    Polymorphic engine
    Interprocess callback class
    SIN
    Infinite-precision arithmetic
    Hooking dynamic linkage
    (sloppy)Kernel mode Disassembler!!!

    Semi debugger




  2. #2
    GodHack2's Avatar
    Join Date
    May 2010
    Gender
    male
    Posts
    645
    Reputation
    38
    Thanks
    762
    My Mood
    Amused
    http://www.mpgh.net/forum/207-combat...13-2010-a.html

    some of them needs to be updated like the no recoil but the rest will work





    beat this bitches ^^^^^^^

    Current Stats : Bored :/


    Respect list :
    Crash !
    Gordon'
    Markoj

  3. #3
    Velocity's Avatar
    Join Date
    Jan 2010
    Gender
    male
    Location
    MPGHCRAFT
    Posts
    4,380
    Reputation
    106
    Thanks
    749
    i know nothing about coding. but arent the codes different?

  4. #4
    .::SCHiM::.'s Avatar
    Join Date
    Sep 2010
    Gender
    male
    Posts
    733
    Reputation
    180
    Thanks
    833
    My Mood
    Twisted
    Quote Originally Posted by <Gunnez360> View Post
    i know nothing about coding. but arent the codes different?
    You mean the VC++ and the assembler? you betcha, those are different languages

    @GodHack2

    Thanks for you reply, I'm going to use those & the search button in the future for sure

    I'm SCHiM

    Morals derive from the instinct to survive. Moral behavior is survival behavior above the individual level.

    Polymorphic engine
    Interprocess callback class
    SIN
    Infinite-precision arithmetic
    Hooking dynamic linkage
    (sloppy)Kernel mode Disassembler!!!

    Semi debugger