  1. #1 NRZCoder (Junior Member, joined Jan 2010)

    [Tutorial] How to convert ASM script to C++

    Yes, this is a tutorial that covers converting simple AA scripts as well as codecave scripts.
    It will be short and sweet. I don't include any DLL stuff inside; just merge it with the DLL you've made.
    Ok, let's start.

    We take this simple Instant Drop script

    Code:
    //instant drop
    // updated to MSEA 93 by nerrazzuri
    [enable]
    00ad0dd0:
    add [eax],al
    add [eax],al
    add [eax],al
    add [eax],al
    
    [disable]
    00af0dd0:
    add [eax],al
    add [eax],al
    add [eax-71],al
    inc eax
    Now, to convert it to a C++ script, you need its bytes, which are located in the memory view of Cheat Engine. (To learn how to view Cheat Engine memory without getting HAD, see the linked thread [link].)

    I'll just give you the bytes here.
    Code:
    add [eax], al     // bytes 00 00
    add [eax-71], al  // bytes 00 40 8f
    inc eax           // bytes 40
    The bytes should be 00 00 00 00 00 40 8f 40. This is the [disable] part, while for the [enable] part, we see that
    Code:
    add [eax], al // bytes 00 00
    So the bytes should be 00 00 00 00 00 00 00 00.

    Create a variable for the address that will be edited in the script.
    Code:
    DWORD dwInstantDropAddy = 0x00af0dd0;
    Declare a variable that will hold the bytes when the hack is enabled.
    Code:
    BYTE Enabledbytes[] = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00};
    Declare a variable that will hold the bytes when the hack is disabled.
    Code:
    BYTE Disabledbytes[] = {0x00, 0x00, 0x00, 0x00, 0x00, 0x40, 0x8f, 0x40};
    And write a function for the hack:
    Code:
    void InstantDrop (__in BOOL bEnable)
    {
         if(bEnable)
         {
               memcpy((void*)dwInstantDropAddy, Enabledbytes, sizeof(Enabledbytes));
         }
         else
         {
               memcpy((void*)dwInstantDropAddy, Disabledbytes, sizeof(Disabledbytes));
         }
    }
    Now you have successfully converted a simple AA script to C++.

    We are going to a more advanced step: codecaves. TBH, sometimes I have difficulties converting some scripts too, but in this tutorial I'll just teach you how to convert the scripts that I know.

    We are using the full monster book script. Here it is.
    Code:
    [ENABLE] 
    alloc(MonsterBook,24) 
    registersymbol(MonsterBook) 
    
    0095d048:
    jmp MonsterBook
    
    MonsterBook: 
    mov eax,5
    jmp 0095d04d
    
    [disable] 
    0095d048:
    call 007018c0
    
    dealloc(MonsterBook,24) 
    unregistersymbol(MonsterBook)
    Alright, for a codecave script you could use inline ASM to insert the script directly. But first, you have to define jump globally so that the function can jump into the inline ASM script.
    Code:
    #define jmp(frm, to) (int)(((int)to - (int)frm) - 5) // rel32 of a 5-byte E9 jmp: target minus the end of the jmp (no trailing ';', the macro is used inside expressions)
    And then we declare the addresses.
    Code:
    DWORD g_dwBook = 0x0095d048, g_dwBookRet = g_dwBook + 5; // hook site, and the address the cave returns to
    char  g_szBookMem[5];                                    // holds the original 5 bytes at g_dwBook
    I know a lot of people don't really understand this; just follow the tutorial and you'll eventually understand it.

    Create a function for the inline ASM and add the AA script into it.
    Code:
    __declspec(naked) void __stdcall MonsterBook() // naked: the compiler emits no prologue/epilogue, the asm below is the whole body
    {
        __asm 
        {
             mov eax,5
             jmp dword ptr [g_dwBookRet] // jump to the address stored in g_dwBookRet (0095d04d)
        }
    }
    Ok, I'll explain this one by one. Why
    Code:
    g_dwBookRet = g_dwBook + 5;
    It's because the codecave needs to jump to the address 0095d04d, since the original instruction at 0095d048 takes 5 bytes.

    Well, for the
    Code:
    jmp dword ptr [g_dwBookRet]
    It's kinda like jumping a word instead of a byte (correct me if I'm wrong).

    Now, we need to create a function to call the inline ASM.
    Code:
    void tglMonsterBook(__in BOOL bEnable)
    {
         if(bEnable)
         {
              memcpy(g_szBookMem, (void*)g_dwBook, 5); // copy clean memory (only while enabling, otherwise a disable would save the jmp and restore the jmp)
              *(BYTE*)  g_dwBook = 0xe9; // 0xe9 = jmp
              *(DWORD*)(g_dwBook + 1) = jmp(g_dwBook, MonsterBook); // jmp to cave
         }
         else
         {
               memcpy( (void*)g_dwBook, g_szBookMem, 5);//copy the original bytes back to the address
         }
    }
    This is basically how a codecave script can be written in C++. I'll explain what is in the function.
    Code:
    *(BYTE*)  g_dwBook = 0xe9;
    As I stated, it is a jump into the inline assembly script. We declare a jump that will jump to the codecave.

    Code:
    *(DWORD*)(g_dwBook + 1) = jmp(g_dwBook, MonsterBook);
    This is where it will jump into the codecave script.

    Well, that's all for my tutorial. Correct me if I've written anything wrong; we can learn together. =)
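    The jmp() macro and the 0xe9 byte used above are the encoding of an x86 near jump with a 32-bit relative displacement, and the same encoding is what an integrity check looks for when it scans a hooked site. The C program below is an added example, not code from the original post: it computes the displacement the same way the macro does, decodes five bytes back to an absolute target, and applies the check a scanner would run, flagging a branch whose target lands outside the module's own image range (the signature of a cave allocated at run time). The addresses 0x0095d048 and 0x007018c0 are taken from the MonsterBook script; the cave address 0x10001000 and the module range 0x00400000-0x00F00000 are constructed for this example.

```c
/* Added example: encode/decode the 5-byte rel32 branch the tutorial writes,
 * and inspect a hooked site the way an integrity scanner would.
 * 0x0095d048 / 0x007018c0 come from the thread's AA script; the cave address
 * 0x10001000 and the module range are constructed for this example. */
#include <stdint.h>
#include <stdio.h>

#define OPCODE_JMP_REL32  0xE9
#define OPCODE_CALL_REL32 0xE8
#define NEAR_BRANCH_LEN   5   /* opcode byte + 32-bit displacement */

/* Displacement stored after E9/E8: target relative to the END of the
 * 5-byte instruction.  Same arithmetic as the post's jmp(frm, to) macro. */
int32_t rel32_for_branch(uint32_t from, uint32_t to)
{
    return (int32_t)(to - (from + NEAR_BRANCH_LEN));
}

/* Resolve the absolute target of a rel32 branch located at address `at`. */
uint32_t branch_target(uint32_t at, int32_t rel)
{
    return at + NEAR_BRANCH_LEN + (uint32_t)rel;
}

/* Emit the 5 bytes the tutorial writes: opcode, then little-endian rel32. */
void encode_branch(uint8_t opcode, uint32_t from, uint32_t to, uint8_t out[5])
{
    uint32_t rel = (uint32_t)rel32_for_branch(from, to);
    out[0] = opcode;
    for (int i = 0; i < 4; i++)
        out[1 + i] = (uint8_t)(rel >> (8 * i));
}

typedef struct {
    int      is_branch;      /* 1 if the bytes start with E9 or E8 */
    int      is_jmp;         /* 1 for E9, 0 for E8 */
    uint32_t target;         /* resolved absolute target */
    int      leaves_module;  /* 1 if target is outside [mod_base, mod_end) */
} branch_info;

/* Decode the 5 bytes found at `at`.  The original code at 0095d048 calls
 * into the same image; a cave jmp lands in memory allocated at run time
 * (alloc(MonsterBook,24) in the AA script), so "target outside the module"
 * is the condition a scanner reports. */
branch_info inspect_bytes(uint32_t at, const uint8_t b[5],
                          uint32_t mod_base, uint32_t mod_end)
{
    branch_info r = {0, 0, 0, 0};
    if (b[0] != OPCODE_JMP_REL32 && b[0] != OPCODE_CALL_REL32)
        return r;                       /* not a rel32 branch at all */
    int32_t rel = (int32_t)((uint32_t)b[1] | (uint32_t)b[2] << 8 |
                            (uint32_t)b[3] << 16 | (uint32_t)b[4] << 24);
    r.is_branch = 1;
    r.is_jmp = (b[0] == OPCODE_JMP_REL32);
    r.target = branch_target(at, rel);
    r.leaves_module = (r.target < mod_base || r.target >= mod_end);
    return r;
}

int main(void)
{
    /* Constructed image range; both thread addresses fall inside it. */
    const uint32_t mod_base = 0x00400000, mod_end = 0x00F00000;
    const uint32_t hook_site   = 0x0095d048;  /* patched address in the AA script */
    const uint32_t orig_callee = 0x007018c0;  /* "call 007018c0" from [disable] */
    const uint32_t cave        = 0x10001000;  /* constructed cave address */
    uint8_t clean[5], hooked[5];

    encode_branch(OPCODE_CALL_REL32, hook_site, orig_callee, clean);  /* E8 73 48 DA FF */
    encode_branch(OPCODE_JMP_REL32,  hook_site, cave,        hooked); /* E9 B3 3F 6A 0F */

    branch_info a = inspect_bytes(hook_site, clean,  mod_base, mod_end);
    branch_info b = inspect_bytes(hook_site, hooked, mod_base, mod_end);
    printf("clean : %s -> %08x leaves_module=%d\n",
           a.is_jmp ? "jmp" : "call", (unsigned)a.target, a.leaves_module);
    printf("hooked: %s -> %08x leaves_module=%d\n",
           b.is_jmp ? "jmp" : "call", (unsigned)b.target, b.leaves_module);
    return 0;
}
```

    Running it reports the clean bytes as a call back to 007018c0 inside the image and the hooked bytes as a jmp to 10001000 that leaves the module. The same decode is what the [disable] section relies on: the five original bytes must be stored before the E9 overwrites them, because nothing in the patched site lets you recover them afterwards.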

  2. #2 Chill (Guest)

    Monster book is a bit confusing. Which one is the code cave?

  3. #3 NRZCoder (Junior Member, joined Jan 2010)

    Yes, a code cave is different from the simple script that uses write bytes.

  4. #4 Chill (Guest)

    Can you show me later?

  5. #5 1981992 (Newbie, joined Aug 2010)

    Very good for starters, GJ.

  6. #6 Green Tea (Junior Member, joined Aug 2010)

    Can you teach me step by step on converting this:
    Code:
    [enable]
    alloc(7Miss,60)
    label(7MissRet)

    00A8C28A:
    jmp 7Miss
    7MissRet:

    7Miss:
    mov [ebp+10],00//No KB
    inc [7Miss+32]
    cmp dword ptr [7Miss+32],07//Miss Amount
    jg 7Miss+22
    mov [ebp+08],00//Dmg
    jmp 7MissRet
    7Miss+22:
    mov [7Miss+32],00
    jmp 7MissRet

    [disable]
    00A8C28A://39 5D 0C 75 ? 39 5D 10 74 ? 8B 45
    db 39 5D 0C 75 05
    dealloc(7Miss)

  7. #7 lexie (Junior Member, joined Sep 2010)

    Quote Originally Posted by Green Tea
    Can you teach me step by step on converting this:
    Code:
    [enable]
    alloc(7Miss,60)
    label(7MissRet)

    00A8C28A:
    jmp 7Miss
    7MissRet:

    7Miss:
    mov [ebp+10],00//No KB
    inc [7Miss+32]
    cmp dword ptr [7Miss+32],07//Miss Amount
    jg 7Miss+22
    mov [ebp+08],00//Dmg
    jmp 7MissRet
    7Miss+22:
    mov [7Miss+32],00
    jmp 7MissRet

    [disable]
    00A8C28A://39 5D 0C 75 ? 39 5D 10 74 ? 8B 45
    db 39 5D 0C 75 05
    dealloc(7Miss)
    I would like to learn how to convert this as well.

  8. #8 Automatic (GH Admin &amp; VIP Coder, joined Aug 2010)

    Code:
    DWORD MissAddy = 0x00A8C28A;
    DWORD 7MissRet = MissAddy + 5;
    BYTE 7Miss+32 = 0;
    void __declspec(naked) __stdcall MissAsm()
    {
         __asm
         {
              mov dword ptr [ebp+10],00//No KB
              inc byte ptr [7Miss+32]
              cmp dword ptr [7Miss+32],07//Miss Amount
              jg 7Miss+22
              mov dword ptr [ebp+08],00//Dmg
              jmp dword ptr [7MissRet]
              7Miss+22:
              mov dword ptr [7Miss+32],00
              jmp dword ptr [7MissRet]
         }
    }
    Not sure if this works, I typed it myself here.
    Last edited by Automatic; 09-17-2010 at 11:50 PM.

  9. #9 lexie (Junior Member, joined Sep 2010)

    I just put what you had in my code. I haven't had a chance to look at it yet; I will later this morning unless I fall asleep.
    Code:
    1>Form1.cpp(351): error C2059: syntax error : 'bad suffix on number'
    1>Form1.cpp(351): warning C4091: '' : ignored on left of 'unsigned long' when no variable is declared
    1>Form1.cpp(351): error C2143: syntax error : missing ';' before 'constant'
    1>Form1.cpp(351): error C2059: syntax error : 'constant'
    1>Form1.cpp(352): error C2059: syntax error : 'bad suffix on number'
    1>Form1.cpp(352): warning C4091: '' : ignored on left of 'unsigned char' when no variable is declared
    1>Form1.cpp(352): error C2143: syntax error : missing ';' before 'constant'
    1>Form1.cpp(352): error C2059: syntax error : 'constant'
    1>Form1.cpp(358): error C2059: syntax error : 'bad suffix on number'
    1>Form1.cpp(358): error C2400: inline assembler syntax error in 'first operand'; found '+'
    1>Form1.cpp(359): error C2059: syntax error : 'bad suffix on number'
    1>Form1.cpp(359): error C2400: inline assembler syntax error in 'first operand'; found '+'
    1>Form1.cpp(360): error C2059: syntax error : 'bad suffix on number'
    1>Form1.cpp(360): error C2400: inline assembler syntax error in 'first operand'; found '+'
    1>Form1.cpp(361): error C2041: illegal digit '8' for base '8'
    1>Form1.cpp(362): error C2059: syntax error : 'bad suffix on number'
    1>Form1.cpp(362): error C2400: inline assembler syntax error in 'first operand'; found ']'
    1>Form1.cpp(363): error C2059: syntax error : 'bad suffix on number'
    1>Form1.cpp(363): error C2400: inline assembler syntax error in 'opcode'; found 'constant'
    1>Form1.cpp(364): error C2059: syntax error : 'bad suffix on number'
    1>Form1.cpp(364): error C2400: inline assembler syntax error in 'first operand'; found '+'
    1>Form1.cpp(365): error C2059: syntax error : 'bad suffix on number'
    1>Form1.cpp(365): error C2400: inline assembler syntax error in 'first operand'; found ']'

  10. #10 Automatic (GH Admin &amp; VIP Coder, joined Aug 2010)

    Change 7Miss+32 to something like MissRound, then define:
    Code:
    BYTE MissRound = 0;

  11. #11 lexie (Junior Member, joined Sep 2010)

    Code:
    DWORD MissAddy = 0x00A8C28A; 
    DWORD MissRet =  MissAddy + 5;
    char  MissMem[5];
    DWORD MissRound = 0; // accessed as DWORD PTR in the asm below, so it must be 4 bytes wide
    void __declspec(naked) __stdcall MissGodmodeCave()
    {
        __asm
        {
                PUSH eax
                MOV eax,0x00000000
                MOV DWORD PTR[ebp+0x10], eax //No KnockBack
                POP eax
                INC DWORD PTR [MissRound]
                CMP DWORD PTR [MissRound],0x07 //Miss number.  If these values are equal, we want to skip the no damage
                JG SevenMissSkip
                PUSH eax
                MOV eax,0x00000000
                MOV DWORD PTR[ebp+0x08], eax //Damage Received
                POP eax
                JMP DWORD PTR [MissRet]
    
            SevenMissSkip:
                MOV DWORD PTR [MissRound],0x00000000 //Reset the rounds to 0
                JMP DWORD PTR [MissRet]
        }
    }
    
    void Form1::checkBox1_CheckedChanged(System::Object^  sender, System::EventArgs^  e)
    {
        if(checkBox1->Checked == true)
        {
            memcpy(MissMem, (void*)MissAddy, 5);//copy clean memory before it is patched
            *(BYTE*)  MissAddy = 0xe9; // 0xe9 = jmp
            *(DWORD*)(MissAddy + 1) = jmp(MissAddy, MissGodmodeCave); // jmp to cave (same function name as declared above)
        }
        else
        {
            memcpy( (void*)MissAddy, MissMem, 5);//copy the original bytes back
        }
    }

  12. #12 Fallen (joined Jul 2010, NSW Australia)

    @Lexie it's not working for me ._.
    Keeps saying
    Code:
    1>------ Build started: Project: FirstTry, Configuration: Debug Win32 ------
    1> Form1.cpp
    1>Form1.cpp(87): error C3861: 'jmp': identifier not found
    ========== Build: 0 succeeded, 1 failed, 0 up-to-date, 0 skipped ==========

  13. #13 Ghoul (Newbie, joined Sep 2010)

    Code:
    #define JMP(start, target) (int)(((int)target - (int)start) - 5)
    //...
    
    
    /* Creates a jump to a codecave */
    BOOL Jump(unsigned long ulAddress, void* Function, unsigned long ulNops)
    {
            __try
            {
                    *(unsigned char*)ulAddress = 0xE9;
                    *(unsigned long*)(ulAddress + 1) = JMP(ulAddress, Function);
                    memset((void*)(ulAddress + 5), 0x90, ulNops);
                    return true;
            }
            __except (EXCEPTION_EXECUTE_HANDLER) { return false; }
    }
    Code:
    unsigned long ulMissAddress = 0x00A6031A;
    unsigned long ulMissReturn = ulMissAddress + 5;
    unsigned long ucMissRound = 0x00;
    BYTE bMissMem[5];
    
    void __declspec(naked) MissAsm()
    {
            __asm
            {
                    inc [ucMissRound]
                    cmp [ucMissRound],0x07
                    jg StopMiss
                    mov dword ptr [ebp+0x08],0x00   // operand size must be explicit here: neither operand is a register
                    jmp [ulMissReturn]
    
                    StopMiss:
                    mov [ucMissRound],0x00
                    jmp [ulMissReturn]
            }
    }
    Code:
    if ( Checked ( IDC_CB_GODMODE_7MISS ) )
    {
            memcpy ( bMissMem, (void*)ulMissAddress, 5 );
            Jump ( ulMissAddress, MissAsm, 0);
    } else {
            memcpy ( (void*)ulMissAddress, bMissMem, 5 );
    }
    break;

  14. #14 Automatic (GH Admin &amp; VIP Coder, joined Aug 2010)

    Quote Originally Posted by Fallen
    @Lexie it's not working for me ._.
    Keeps saying
    Code:
    1>------ Build started: Project: FirstTry, Configuration: Debug Win32 ------
    1> Form1.cpp
    1>Form1.cpp(87): error C3861: 'jmp': identifier not found
    ========== Build: 0 succeeded, 1 failed, 0 up-to-date, 0 skipped ==========
    Add something on top like what Ghoul did.

    Code:
    #define JMP(start, target) (int)(((int)target - (int)start) - 5)
    Add me on [link]. I'll give you my assistance on MapleStory hacks.

  15. #15 lexie (Junior Member, joined Sep 2010)

    Fallen can't code for the next 12 days unless something changes T.T
    @automatic
    I've been trying to convert autocc. The original script is
    Code:
    [enable]
    alloc(AutoCC,72)
    label(maxch)
    label(CCPlz)
    label(AutoCCRet)
    
    0057AE4D://Tubi Fix
    db 00
    
    0077E5AD:
    jmp AutoCC 
    AutoCCRet:
    
    AutoCC:
    mov eax,[00d824f4]
    cmp dword ptr [eax+18],00
    je AutoCCRet
    pushad
    cmp dword ptr [00D8B938],0c//Max Chs 13
    jnl maxch
    inc [00D8B938]//Current Ch
    push [00D8B938]
    dec [00D8B938]
    jmp CCPlz
    maxch:
    push 01
    CCPlz:
    mov ecx,[00d8532c] //ecx 8B 35 ? ? ? ? 85 F6 74 ? 8B 46 04 8D 4E 04 68 ? ? ? ? FF
    call 0057AD71//ChangeCh call B8 ? ? ? 00 E8 ? ? ? 00 83 EC 10 56 8B 35 ? ? ? 00 
    popad
    jmp AutoCCRet
    
    [disable]
    0057AE4D://01 00 00 00 E8 ? ? ? 00 83 4D ? FF 8D ? E8 89 86 
    db 01
    0077E5AD://A1 ? ? ? ? 53 56 8B F1 8B 48 ? 57 8D 45 ? 50 89 ? BC 
    db a1 f4 24 d8 00
    dealloc(AutoCC)
    What have I done wrong?
    Code:
    BYTE AutoCCMem[5];
    const unsigned long AutoCCAddy = 0x0077E5AD;//A1 ? ? ? ? 53 56 8B F1 8B 48 ? 57 8D 45 ? 50 89 ? BC 
    const unsigned long AutoCCRet = AutoCCAddy + 5;
    const unsigned long AutoCCAddy2 = 0x00D8B938; // address of the current-channel counter the script increments
    const unsigned long CCCall = 0x0057AD71; //ChangeCh call B8 ? ? ? 00 E8 ? ? ? 00 83 EC 10 56 8B 35 ? ? ? 00 
    
    void __declspec(naked) AutoCCAsm()
    {
            __asm
            {
                    mov eax,ds:[0x00d824f4]          // ds: makes this a memory operand; a bare [0x...] is an immediate in MASM
                    cmp dword ptr [eax+0x18],0x00
                    jne NotEmpty                     // no conditional jump can be indirect ("Improper Operand Type"): invert it and fall through
                    jmp [AutoCCRet]                  // this is the script's "je AutoCCRet"
            NotEmpty:
                    pushad
                    mov esi,AutoCCAddy2              // esi = 0x00D8B938; [AutoCCAddy2] would read the C variable itself, not the counter
                    cmp dword ptr [esi],0x0c//Max Chs 13
                    jnl maxch
                    inc dword ptr [esi]//Current Ch
                    push dword ptr [esi]
                    dec dword ptr [esi]
                    jmp CCPlz
     
                    maxch:
                    push 01
     
                    CCPlz:
                    mov ecx,ds:[0x00d8532c] //ecx 8B 35 ? ? ? ? 85 F6 74 ? 8B 46 04 8D 4E 04 68 ? ? ? ? FF
                    call [CCCall]//ChangeCh call B8 ? ? ? 00 E8 ? ? ? 00 83 EC 10 56 8B 35 ? ? ? 00
                    popad                            // restores esi too
                    jmp [AutoCCRet]
            }
    }
    
    Thanks for your time :]
