help plz

ups2000ups · 08-02-2006, 07:00 PM

i have get 1 think to dupex but it dont work

here i send wat i got

1) Inject this code (Monsters behave themselves, stay at one spot) : <= through Memory view, Tools -> Auto Assemble

alloc(FindCharacterAddress, 1024)
alloc(ListOffset, 4)
alloc(ESIList, 1024)
alloc(DupeXVac, 1024)
alloc(EDIValue, 4)
label(EndSearch)
label(CompareOffset)
label(StoreESI)
label(DoNormal)
FindCharacterAddress:
mov [esi+114],edi
push eax
push ebx
push ecx
push edx
mov eax,0
mov ebx,ListOffset
mov ecx,ESIList
mov edx,EDIValue
CompareOffset:
cmp eax,[ebx]
je StoreESI
cmp esi,[ecx+eax*4]
je EndSearch
inc eax
jmp CompareOffset
StoreESI:
mov [ecx+eax*4],esi
inc eax
mov [ebx],eax
mov [edx],edi
EndSearch:
pop edx
pop ecx
pop ebx
pop eax
jmp 0063411b
DupeXVac:
push eax
push ebx
push ecx
mov ebx,[ListOffset]
dec ebx
mov ecx,ESIList
mov eax,[ecx+ebx*4]
cmp esi,eax
je DoNormal
mov edi,[EDIValue]
DoNormal:
mov [esi+114],edi
pop eax
pop ebx
pop ecx
jmp 0063411b

2) Take down the addresses of FindCharacterAddress, ListOffset, DupeXVac.

---------------------------------For Reference only-----------------------------
Take Note that only the first 4 part (from left) of the address changes each time you inject the code.
So, FindCharacterAddress will be xxxx0000
ListOffset will be xxxx0400
DupeXVac will be xxxx0804
------------------------------------------------------------------------------------------------------

3) Add the address of ListOffset to the address list manually, 4 bytes. The value of it MUST BE zero. If it is not zero, change it to zero.

4) Memory view -> goto 634102, tick EIP and enter the address of FindCharater Address.(Eg FindCharacterAddress is 99990000, just pu in 99990000 in the EIP.)
Now you will notice the value of ListOffset incrementing. Wait awhile till it stops.
Get back to MS and jump. Tab out and the value should increase by 1.

5) Memory view -> goto 634102, same thing, EIP, but now change the address to the dupeXVac one.(Eg DupeXVac is 99990804, so change the 99990000 to 99990804.)

Done!

after step 3 i have valute ?? or i get 0 or something other

if i get it to valute 0 i goint to step 4 but my valuta still on 0

if i try 5 but step 4 dont work i get dc

help plz

08-02-2006, 07:00 PM	#1 (permalink)
ups2000ups Junior Member Join Date: Jun 2006 Posts: 2	help plz i have get 1 think to dupex but it dont work here i send wat i got 1) Inject this code (Monsters behave themselves, stay at one spot) : <= through Memory view, Tools -> Auto Assemble alloc(FindCharacterAddress, 1024) alloc(ListOffset, 4) alloc(ESIList, 1024) alloc(DupeXVac, 1024) alloc(EDIValue, 4) label(EndSearch) label(CompareOffset) label(StoreESI) label(DoNormal) FindCharacterAddress: mov [esi+114],edi push eax push ebx push ecx push edx mov eax,0 mov ebx,ListOffset mov ecx,ESIList mov edx,EDIValue CompareOffset: cmp eax,[ebx] je StoreESI cmp esi,[ecx+eax4] je EndSearch inc eax jmp CompareOffset StoreESI: mov [ecx+eax4],esi inc eax mov [ebx],eax mov [edx],edi EndSearch: pop edx pop ecx pop ebx pop eax jmp 0063411b DupeXVac: push eax push ebx push ecx mov ebx,[ListOffset] dec ebx mov ecx,ESIList mov eax,[ecx+ebx*4] cmp esi,eax je DoNormal mov edi,[EDIValue] DoNormal: mov [esi+114],edi pop eax pop ebx pop ecx jmp 0063411b 2) Take down the addresses of FindCharacterAddress, ListOffset, DupeXVac. ---------------------------------For Reference only----------------------------- Take Note that only the first 4 part (from left) of the address changes each time you inject the code. So, FindCharacterAddress will be xxxx0000 ListOffset will be xxxx0400 DupeXVac will be xxxx0804 ------------------------------------------------------------------------------------------------------ 3) Add the address of ListOffset to the address list manually, 4 bytes. The value of it MUST BE zero. If it is not zero, change it to zero. 4) Memory view -> goto 634102, tick EIP and enter the address of FindCharater Address.(Eg FindCharacterAddress is 99990000, just pu in 99990000 in the EIP.) Now you will notice the value of ListOffset incrementing. Wait awhile till it stops. Get back to MS and jump. Tab out and the value should increase by 1. 5) Memory view -> goto 634102, same thing, EIP, but now change the address to the dupeXVac one.(Eg DupeXVac is 99990804, so change the 99990000 to 99990804.) Done! after step 3 i have valute ?? or i get 0 or something other if i get it to valute 0 i goint to step 4 but my valuta still on 0 if i try 5 but step 4 dont work i get dc help plz

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode