Help Writing Script

sachamo512 · 12/03/2009, 01:07

!!!!!Problem solved, please close!!!!

I am trying to learn how to write CE scripts, and I'm almost done with my first one, but I'm having a bit of an issue.

I found the pointer and then the offset for what I'm looking for, and now I just need to figure out one small detail.

The code at my offset is mov ecx,[edx+64]

What I think this does is it takes edx (which is the data?) adds 64 to it and puts that value at ecx (which is a counter/timer?). Assuming this is right, how do i make ecx (the timer) 0?

bottomy · 12/03/2009, 02:36

if you want ecx as 0 simply do mov ecx, 0

but what this command is actualy doing (you were close), it's moving the dword length stored at edx+64. so if edx holds 12345678 well then it's moving the value stored at 12345678 + 64 = 123456dc. so the dword value stored at 123456dc gets moved into ecx, which could be ffffffff for example.

sachamo512 · 12/03/2009, 05:02

well mov ecx,0 is definitely not right...it does completely opposite of what I'm trying to make it do...

I don't want to say too much, because I don't want anybody to read this and suddenly it gets leaked back out to public...

Anybody who is willing to help me along, please send me PM. I'm not asking for your script, or a step-by-step tutorial, just a push in the right direction.

Thanks

bottomy · 12/03/2009, 05:42

well you asked how to make ecx hold 0, so moving 0 into ecx is how that is done. but if it's not working then it's obviously not what you want to happen. maybe ecx isn't what you want to change to 0 it might be something else, and what needs to be changed to 0 might also be getting the value from edx+64, so you could try moving 0 into edx+64. but just look at the entire function and understand what's happening and what needs to be done.

sachamo512 · 12/03/2009, 06:15

Here's what I think is going on: It takes edx+64 and moves it into ecx (line 1). Then it takes that same value and moves it to esp+14 (line 2).

So I think I may need to focus on line 2, and make it's value end at 0 so that the end result is 0...

maybe nop'ing line 2 so that is never makes the move? I'll try that really quick

EDIT:
nop'ing line 2 does the same thing as mov eax,0...so that's not the right thing

bottomy · 12/03/2009, 06:19

well if ecx is only used for moving the value from edx+64 to esp+14 then you could just make it move 0 into esp+14.

sachamo512 · 12/03/2009, 06:21

WOOT! Got it! Now I just need to make sure I can write this into the script...I got it work with manually editing

bottomy · 12/03/2009, 06:25

good job!, for writing the script if the code fits in the function then you can just make it replace the code at that offset otherwise if it won't fit then you'll have to allocate so many bytes and add the code there.

sachamo512 · 12/03/2009, 06:35

well, it doesn't fit, and my script doesn't work. Here's what it says when I manually edit:

Quote:

The generated code is 8 bytes long, but the selected opcode is 4 bytes long.

So when I use the nop's, the next step disappears...I

I tried makeing the edit and copying it's code injection into my script, but that doesn't seem to work either, unless I did something wrong?

Thanks for helping! Thanks pressed

EDIT: Got it working!! I went and looked at your tut about writing scripts, and it kinda helped me. My script looks like **** though, and I don't know what happens if you try to disable it, but I don't plan on ever disabling it unless I reload. Anyway, I got it fully working! Thanks again for all your help, bottomy!

Mod, please close!