Results 1 to 3 of 3
  1. 05-12-2018 #1
    CaET
    CaET is offline
    Novice
    MPGH Member
    CaET's Avatar
    Join Date
    Sep 2013
    Gender
    male
    Posts
    71
    Reputation
    10
    Thanks
    698
    Send a message via Birdie™ to CaET Brazil

    Unhappy Pattern Scan Fail :c

    Eu consigo usar uma array no C.E normalmente:

    https://i.imgur.com/8Naa5XB.png

    ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? DB 0F 49 40 35 FA 8E 3C ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? DB 0F C9

    \x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x DB\x0F\x49\x40\x35\xFA\x8E\x3C\x00\x00\x00\x00\x00 \x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x 00\x00\x00\xDB\x0F\xC9

    ????????????xxxxxxxx????????????????????xxx

    https://i.imgur.com/dtZSGCq.png


    Code:
    const bool bDataCompare(const BYTE *pData, const BYTE *bMask, const char *szMask)
{
	for (; *szMask; ++szMask, ++pData, ++bMask)
		if (*szMask == 'x' && *pData != *bMask)
			return 0;
	return (*szMask) == NULL;
}

DWORD FindPattern(DWORD dwModule, DWORD dwLen, BYTE *bMask, char *szMask)
{
	for (DWORD i = 0; i < dwLen; i++)
		if (bDataCompare((BYTE *)(dwModule + i), bMask, szMask))
			return (DWORD)(dwModule + i);
	return 0;
}

    Code:
    #define WEAPONMGR_PATTERN "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xDB\x0F\x49\x40\x35\xFA\x8E\x3C\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xDB\x0F\xC9"

#define WEAPONMGR_MASK "????????????xxxxxxxx????????????????????xxx"

ADDR_WEAPONMGR =
		FindPattern((DWORD)GetModuleHandleA("CShell.dll"), 0xFFFFFF,
		(PBYTE)WEAPONMGR_PATTERN, (char *)WEAPONMGR_MASK);

	char szMyDword2[10];
	sprintf(szMyDword2, "0x%08x", ADDR_WEAPONMGR);



	MessageBox(0, szMyDword2, TEXT("weapon mgr"), MB_OK);

    Alguém sabe o que ta de errado? e são várias AoB's que funcionam no C.E mas na DLL não =/

    Obrigado desde já \õ

    Reply With Quote Reply With Quote
  2. 05-13-2018 #2
    vaisefud3
    vaisefud3 is offline
    Bobo's Trainer
    MPGH Member
    vaisefud3's Avatar
    Join Date
    Jun 2017
    Gender
    male
    Posts
    955
    Reputation
    10
    Thanks
    150
    My Mood
    Bored
    Send a message via Birdie™ to vaisefud3 Brazil
    Quote Originally Posted by CaET View Post
    Eu consigo usar uma array no C.E normalmente:

    https://i.imgur.com/8Naa5XB.png

    ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? DB 0F 49 40 35 FA 8E 3C ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? DB 0F C9

    \x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x DB\x0F\x49\x40\x35\xFA\x8E\x3C\x00\x00\x00\x00\x00 \x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x 00\x00\x00\xDB\x0F\xC9

    ????????????xxxxxxxx????????????????????xxx

    https://i.imgur.com/dtZSGCq.png


    Code:
    const bool bDataCompare(const BYTE *pData, const BYTE *bMask, const char *szMask)
{
	for (; *szMask; ++szMask, ++pData, ++bMask)
		if (*szMask == 'x' && *pData != *bMask)
			return 0;
	return (*szMask) == NULL;
}

DWORD FindPattern(DWORD dwModule, DWORD dwLen, BYTE *bMask, char *szMask)
{
	for (DWORD i = 0; i < dwLen; i++)
		if (bDataCompare((BYTE *)(dwModule + i), bMask, szMask))
			return (DWORD)(dwModule + i);
	return 0;
}

    Code:
    #define WEAPONMGR_PATTERN "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xDB\x0F\x49\x40\x35\xFA\x8E\x3C\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xDB\x0F\xC9"

#define WEAPONMGR_MASK "????????????xxxxxxxx????????????????????xxx"

ADDR_WEAPONMGR =
		FindPattern((DWORD)GetModuleHandleA("CShell.dll"), 0xFFFFFF,
		(PBYTE)WEAPONMGR_PATTERN, (char *)WEAPONMGR_MASK);

	char szMyDword2[10];
	sprintf(szMyDword2, "0x%08x", ADDR_WEAPONMGR);



	MessageBox(0, szMyDword2, TEXT("weapon mgr"), MB_OK);

    Alguém sabe o que ta de errado? e são várias AoB's que funcionam no C.E mas na DLL não =/

    Obrigado desde já \õ

    Procurando no olly, seu pattern joga pro endereço do WeaponMgr diretamente. Eu prefiro pegar a localização de um pointer.
    Code:
    WeaponMgr = FindPattern(CShell, 0xFFFFFF, (PBYTE)"\x8B\x0D\x00\x00\x00\x00\x8B\x04\xB1\xD9\xE8", "xx????xxxxx");
if (WeaponMgr != NULL)
	WeaponMgr = *(DWORD*)(WeaponMgr + 0x2);
    Isso irá retornar o endereço do WeaponMgr sem ter um pattern gigante para lagar o programa.
    Press thanks if I helped

    Xigncode Security:

    Reply With Quote Reply With Quote
  3. 05-13-2018 #3
    yaago
    yaago is offline
    Novice
    MPGH Member
    yaago's Avatar
    Join Date
    Jun 2015
    Gender
    male
    Posts
    57
    Reputation
    10
    Thanks
    6
    Send a message via Birdie™ to yaago Brazil
    FindPattern(CShell, 0xFFFFFFF..
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

Similar Threads

  1. [Help] Pattern scan failed
    By zeper666 in forum Counter-Strike 2 Coding & Resources
    Replies: 5
    Last Post: 11-05-2016, 03:26 PM
  2. [Help] Pattern Scan fails but CE finds value
    By lolomat in forum C++/C Programming
    Replies: 0
    Last Post: 05-31-2015, 11:03 AM
  3. Pattern Scan
    By GoldWhite in forum Combat Arms Coding Help & Discussion
    Replies: 11
    Last Post: 11-27-2012, 11:15 AM
  4. [Help] Pattern scanning
    By pyton789 in forum Visual Basic Programming
    Replies: 27
    Last Post: 03-09-2011, 03:44 AM
  5. [Tutorial] How to fix olly if scanning fails
    By lauwy in forum CrossFire Hack Coding / Programming / Source Code
    Replies: 0
    Last Post: 12-05-2010, 07:54 AM