C++ w/ Inline Assembly

PhunPhun Member Posts: 9
I don't exactly know how to explain what I'm trying to do, but I'll do my best to show you, and explain what I can.

What I'm trying to do is call a function with parameters, but the position parameter is encrypted.

This is what it would look like if the position wasn't encrypted:

[code]DWORD *pGame = (DWORD *)0x00665B80;

//Returns a pointer to the local player - will return NULL if not in game
DWORD MyChar(void){
    if(!pGame)
        return NULL;

    if(!*pGame)
        return NULL;

    return *(DWORD *)(*pGame + 0x4C);
}

//Returns a float pointer to character's position variable; a float[3], with x, y, and z coords
float *ZObject__GetPosition(void *vpChar){
    return (float *)((DWORD)vpChar + 0x54);
}

typedef void(__cdecl *ZPostShotMeleeFunction)(int nShot, float *pos);
ZPostShotMeleeFunction ZPostShotMelee = (ZPostShotMeleeFunction)ZPostShotMeleeSignatureOffset;

if(GetAsyncKeyState(0x60) < 0){
    DWORD dwMe = MyChar();

    if(dwMe){ //MyChar() returns NULL when not in game; don't read the position through a NULL pointer
        float pos[3];
        memcpy(pos, ZObject__GetPosition((void *)dwMe), sizeof(float) * 3);

        ZPostShotMelee(1, pos);
    }
}[/code]

This is what it looks like with the position encrypted:

[code]if(GetAsyncKeyState(0x60) < 0){
    _asm{
        pushad
        push 1                                  // or 7 -- It varies from 1 - 7; 1 being the weakest, 7 being the strongest
        mov eax, ZGetGameSignatureOffset        // 004AA270
        call eax
        mov ecx, dword ptr ds:[eax+0x4C]        // ecx = local character (the object the next call reads from)
        mov eax, EncryptionSignatureOffset      // 00402B40
        call eax
        push eax                                // position pointer returned in eax
        mov eax, ZPostShotMeleeSignatureOffset
        call eax
        pop eax                                 // caller removes the two pushed arguments
        pop eax
        popad
    }
}[/code]

This is the encryption function:

[code]00402B40 8B41 54 mov eax, dword ptr ds:[ecx+54]
00402B43 85C0 test eax, eax
00402B45 75 04 jnz short 00402B4B
00402B47 8D41 48 lea eax, dword ptr ds:[ecx+48]
00402B4A C3 retn
00402B4B 8B48 20 mov ecx, dword ptr ds:[eax+20]
00402B4E 8B50 0C mov edx, dword ptr ds:[eax+C]
00402B51 8B048A mov eax, dword ptr ds:[edx+ecx*4][/code]

The problem I'm having is making a function which will allow me to use the ZPostShotMelee(1, Function_Which_Returns_Position_And_Allows_Me_To_Use_It_As_Parameter()).

I've tried:

[code]float *TestFunc(void){
    float *pos;

    _asm{
        mov eax, ZGetGameSignatureOffset
        call eax
        mov ecx, dword ptr ds:[eax+0x4C]
        mov eax, EncryptionSignatureOffset
        call eax
        mov pos, eax
    }

    return pos;
}[/code]

But it just crashes. The only way I can call it with the parameters it takes is directly through Assembly; however, there are many other functions I wish to call with the position parameter, but they are far more complicated in Assembly, which is why I want to just call them in C++.

Can anyone help?
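An added example (not the poster's code and not from the game's own source) that shows the two things the post above actually pins down. First, in the `_asm` block that works, `push 1` comes before `push eax`, and cdecl pushes parameters right to left, so the callee receives the position pointer as its first parameter, not its second; a `typedef` declared as `(int nShot, float *pos)` and called as `ZPostShotMelee(1, pos)` hands the callee the integer 1 where it wants the pointer. Second, the listing at 00402B40 takes its object in ecx (a `__thiscall` getter) and is short enough to rewrite in C++, which yields a `float *` that can be passed as an argument with no inline assembly at all. Everything below runs on any host: the game objects are constructed stand-ins laid out at the offsets the post gives; the field names, the fake contents, and the assumption that the value loaded by `mov eax,[edx+ecx*4]` is what the function returns (the page's listing stops there) are mine, and the `0x00402B40` address is only used under MSVC on a 32-bit build.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstring>
#include <vector>

#if !defined(_MSC_VER) && !defined(__cdecl)
#define __cdecl   // MSVC keyword; a no-op elsewhere so the model builds on any host
#endif

// Unaligned read of a T at byte offset `off` from `base`; stands in for `mov reg, dword ptr [reg+off]`.
template <typename T>
static T rd(const void *base, std::size_t off) {
    T v;
    std::memcpy(&v, static_cast<const std::uint8_t *>(base) + off, sizeof v);
    return v;
}

// C++ rewrite of the getter listed at 00402B40. `this` arrives in ecx, so it is __thiscall.
// The page's listing stops after `mov eax,[edx+ecx*4]`; this ASSUMES that loaded value is the
// float* the function returns, which matches the posted asm pushing eax straight as `pos`.
float *ZObject_GetPosition(void *self) {
    void *enc = rd<void *>(self, 0x54);                       // mov eax,[ecx+54] ; test eax,eax
    if (enc == nullptr)                                       // jnz short ...
        return reinterpret_cast<float *>(static_cast<std::uint8_t *>(self) + 0x48); // lea eax,[ecx+48] ; retn
    std::uint32_t idx = rd<std::uint32_t>(enc, 0x20);         // mov ecx,[eax+20]
    float **table = rd<float **>(enc, 0x0C);                  // mov edx,[eax+C]
    return table[idx];                                        // mov eax,[edx+ecx*4]  (*4 == sizeof(void*) on x86)
}

#if defined(_MSC_VER) && defined(_M_IX86)
// On the real 32-bit target the original can be called instead of the rewrite: a __thiscall
// function with no stack arguments is call-compatible with __fastcall(this, <edx, unused>).
typedef float *(__fastcall *ZObjectGetPositionFn)(void *self, void *edx_unused);
static const ZObjectGetPositionFn ZObject_GetPosition_Original = (ZObjectGetPositionFn)0x00402B40;
#endif

// Minimal model of the stack a run of `push` instructions builds before `call`:
// slots[0] is the dword just above the return address, i.e. the callee's first parameter.
struct CdeclStack {
    std::vector<std::uintptr_t> slots;
    void push(std::uintptr_t v) { slots.insert(slots.begin(), v); }
    std::uintptr_t arg(std::size_t i) const { return slots.at(i); }
    std::size_t bytes_to_clean() const { return slots.size() * 4; }  // x86: 4 bytes per push, caller removes them
};

// Reproduces the push order of the working block: `push 1` first, `push eax` (the position) last.
// cdecl pushes parameters right to left, so the callee sees the position as its FIRST parameter.
CdeclStack MeleeCallAsPosted(float *pos) {
    CdeclStack s;
    s.push(1);
    s.push(reinterpret_cast<std::uintptr_t>(pos));
    return s;
}

// The prototype implied by that push order. Declared as (int nShot, float *pos) and called as
// ZPostShotMelee(1, pos), the callee would get the integer 1 where it expects the pointer.
typedef void (__cdecl *ZPostShotMeleeFn)(float *pos, int nShot);

// Constructed stand-ins for the game objects (offsets from the post; contents invented for the demo).
struct FakeWorld {
    std::uint8_t chr[0x80];     // ZCharacter: float[3] at +0x48, encryption-object pointer at +0x54
    std::uint8_t enc[0x40];     // encryption object: table pointer at +0x0C, index at +0x20
    float        table_pos[3];  // where the table entry points
    float       *table[4];
};
static FakeWorld g_world;

// Character with [+0x54] == NULL: the getter must return &chr[0x48].
float *PlainCharPosition() {
    std::memset(&g_world, 0, sizeof g_world);
    const float xyz[3] = {1.0f, 2.0f, 3.0f};
    std::memcpy(g_world.chr + 0x48, xyz, sizeof xyz);
    return ZObject_GetPosition(g_world.chr);
}

// Character with [+0x54] set: the getter must follow table[index] instead.
float *EncryptedCharPosition() {
    std::memset(&g_world, 0, sizeof g_world);
    g_world.table_pos[0] = 10.0f; g_world.table_pos[1] = 20.0f; g_world.table_pos[2] = 30.0f;
    g_world.table[2] = g_world.table_pos;
    float **tbl = g_world.table;    std::memcpy(g_world.enc + 0x0C, &tbl, sizeof tbl);
    std::uint32_t idx = 2;          std::memcpy(g_world.enc + 0x20, &idx, sizeof idx);
    void *encp = g_world.enc;       std::memcpy(g_world.chr + 0x54, &encp, sizeof encp);
    return ZObject_GetPosition(g_world.chr);
}

int main() {
    float *p = EncryptedCharPosition();      // usable directly as an argument, no _asm needed:
    CdeclStack s = MeleeCallAsPosted(p);     // ZPostShotMelee(p, 7) through ZPostShotMeleeFn builds this stack
    return (s.arg(0) == reinterpret_cast<std::uintptr_t>(p) && s.bytes_to_clean() == 8) ? 0 : 1;
}
```

On a live target, swap the rewrite for the `__fastcall` pointer under `_MSC_VER` and keep the C++ version as documentation of what the getter does. One caveat the posted `_asm` blocks skip: the C version of `MyChar` checks for NULL when not in game, but the assembly reads `[eax+0x4C]` straight after `call eax` with no test, so a wrapper that runs outside a match will fault there before it ever reaches the getter.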

Comments

  • IDKIDK Member Posts: 1,784
    :
    : [code]: float *TestFunc(void){
    : float *pos;
    :
    : _asm{
    : mov eax, ZGetGameSignatureOffset
    : call eax
    : mov ecx, dword ptr ds:[eax+0x4C]
    : mov eax, EncryptionSignatureOffset
    : call eax
    : mov pos, eax
    : }
    :
    : return pos;
    : }[/code]


    Hmm, I would say you're using too much assembly...

    The above code could be replaced by the following line of code
    [code]
    pos = EncryptionSignatureOffset(ZGetGameSignatureOffset());
    [/code]

    If you have optimisation reasons for using assembly, I would recommend first doing it normally, then profile and optimise.
  • PhunPhun Member Posts: 9
    I don't think you get what I meant... I'm sorry if I didn't explain it clear.

    [code]_asm{
        mov eax, ZGetGameSignatureOffset
        call eax
        mov ecx, dword ptr ds:[eax+0x4C]
        mov eax, EncryptionSignatureOffset
        call eax
    }[/code]

    This would be the same as:

    [code]DWORD MyChar(void){
        if(!pGame)
            return NULL;

        if(!*pGame)
            return NULL;

        return *(DWORD *)(*pGame + 0x4C);
    }

    float *ZObject__GetPosition(void *vpChar){
        return (float *)((DWORD)vpChar + 0x54);
    }[/code]

    The only problem is the 0x54 is now encrypted, and I can't use it that way.

    Basically, I am able to push the parameter onto the stack, but I cannot return it and use it as a parameter in a function.

    What I want to be able to do is use ZPostShotMelee(7, pos) or ZPostShotMelee(7, ReturnPosition()) instead of using Assembly to push the parameters and call the function. I do, however, need to use Assembly to return the position, but it just crashes when I try.

    As for using too much Assembly, that's not the case.

    For example:

    [code]if(GetAsyncKeyState(0x60) < 0){
        _asm{
            pushad
            push 1                                  // or 7 -- It varies from 1 - 7; 1 being the weakest, 7 being the strongest
            mov eax, ZGetGameSignatureOffset        // 004AA270
            call eax
            mov ecx, dword ptr ds:[eax+0x4c]
            mov eax, EncryptionSignatureOffset      // 00402B40
            call eax
            push eax
            mov eax, ZPostShotMeleeSignatureOffset
            call eax
            pop eax
            pop eax
            popad
        }
    }[/code]

    This is ZPostShotMelee(1, pos), but if you look at that Assembly, it has

    [code]mov eax, ZGetGameSignatureOffset        // 004AA270
    call eax
    mov ecx, dword ptr ds:[eax+0x4c]
    mov eax, EncryptionSignatureOffset      // 00402B40
    call eax
    push eax[/code]

    Which is what I want to do, but instead of pushing it onto the stack I want to return it, hence the mov pos, eax and then return pos.
  • IDKIDK Member Posts: 1,784
    OK, your problem is that you want to return variables, and don't know how/can't get it working. Right?

    My problem ;-), is that you're using too much assembly...

    : The only problem is the 0x54 is now encrypted, and I can't use it that way.

    Why? Is this the reason you have to use assembly?
  • PhunPhun Member Posts: 9
    Yes, that's why I have to use Assembly. If I could decrypt it I could just use it as 0x54, but I need to return the position using Assembly (it will still be encrypted), which is what I was trying to do.
  • IDKIDK Member Posts: 1,784
    : Yes, that's why I have to use Assembly. If I could decrypt it I
    : could just use it as 0x54, but I need to return the position using
    : Assembly (it will still be encrypted), which is what I was trying to
    : do.

    Eh, I still don't get it...

    Why does this position returning function have to be in asm?
  • PhunPhun Member Posts: 9
    I think that instead of trying to do this the hard way, I'll simply stick to using pure Assembly.
  • IDKIDK Member Posts: 1,784
    : Do you have a suggestion as to how to write it in C++?
    :

    Do you mean this code? or the other?
    [code]
    mov eax, ZGetGameSignatureOffset //004AA270
    call eax
    mov ecx, dword ptr ds:[eax+0x4c]
    mov eax, EncryptionSignatureOffset //00402B40
    call eax
    push eax

    C:
    return EncryptionSignatureOffset(ZGetGameSignatureOffset()+0x4c);
    [/code]

    The return depends on the context...

    [code]
    _asm{
    pushad
    push 1 // or 7 -- It varies from 1 - 7; 1 being the weakest, 7 being the strongest
    mov eax, ZGetGameSignatureOffset //004AA270
    call eax
    mov ecx, dword ptr ds:[eax+0x4c]
    mov eax, EncryptionSignatureOffset //00402B40
    call eax
    push eax
    mov eax, ZPostShotMeleeSignatureOffset
    call eax
    pop eax
    pop eax
    popad
    }

    ZPostShotMeleeSignatureOffset(
    EncryptionSignatureOffset(ZGetGameSignatureOffset()+0x4c));
    [/code]

    I don't know how the Offset funcs work, but they could also be written in C.
  • PhunPhun Member Posts: 9
    I edited my post. I'm going to stick to pure Assembly as far as calling functions with the position parameter.

    Now I just need to learn some more Assembly.

    Now this is my problem:

    [code]ZPostRequestSpawnWorldItem(const MUID *uidChar, int nItemID, float *pos)[/code]

    MUID struct:
    [code]struct MUID{
    unsigned long High;
    unsigned long Low;
    };

    //MUID *uidChannel = new MUID();
    MUID *uidChar = new MUID(); //We'll only be dealing with this one
    //MUID *uidKiller = new MUID();
    //MUID *uidNPC = new MUID();
    //MUID *uidPlayer = new MUID();
    //MUID *uidStage = new MUID();[/code]

    [code]//0x1A4 uidChar
    //0x1AC uidChannel
    //0x1B4 uidStage

    //ZGetGameClient
    DWORD ZGetGameClientClassPointer(const int OffsetBit){
        DWORD result;

        _asm{
            mov eax, ZGetGameClientSignatureOffset
            call eax
            add eax, OffsetBit                  // eax = &client_field
            mov eax, dword ptr ds:[eax]         // eax = client_field
            mov result, eax
        }

        return result;
    }[/code]

    Example of use without Assembly:
    [code]if(GetAsyncKeyState(0x60) < 0){
    uidChar->High = 0; //Could be ZGetGameClientClassPointer(0x1A0), but it's always 0
    uidChar->Low = ZGetGameClientClassPointer(0x1A4);
    int nItemID = 201;
    float pos[3];
    GetPosition(pos);
    ZPostRequestSpawnWorldItem(uidChar, nItemID, pos);
    }[/code]

    This is what I have so far with Assembly:
    [code]_asm{
        pushad
        mov eax, ZGetGameClientSignatureOffset
        call eax
        mov eax, dword ptr ds:[eax+0x1A0]
        push eax
        mov eax, dword ptr ds:[eax+0x1A4]
        push eax
        push 201
        mov eax, ZGetGameSignatureOffset
        call eax
        mov ecx, dword ptr ds:[eax+0x4C]
        mov eax, EncryptionSignatureOffset
        call eax
        push eax
        mov eax, ZPostRequestSpawnWorldItemSignatureOffset
        call eax
        pop eax
        pop eax
        popad
    }[/code]

    I'm just not sure when I am supposed to pop, or if I'm even doing this right. Any idea how I could get this to work?
  • IDKIDK Member Posts: 1,784
    :
    : Example of use without Assembly:
    : [code]: if(GetAsyncKeyState(0x60) < 0){
    : uidChar->High = 0; //Could be ZGetGameClientClassPointer(0x1A0), but it's always 0
    : uidChar->Low = ZGetGameClientClassPointer(0x1A4);
    : int nItemID = 201;
    : float pos[3];
    : GetPosition(pos);
    : ZPostRequestSpawnWorldItem(uidChar, nItemID, pos);
    : }[/code]:
    :
    : This is what I have so far with Assembly:
    : [code]: _asm{
    : pushad
    : mov eax, ZGetGameClientSignatureOffset
    : call eax
    : mov eax, dword ptr ds:[eax+0x1A0]
    : push eax
    : mov eax, dword ptr ds:[eax+0x1A4]
    : push eax
    : push 201
    : mov eax, ZGetGameSignatureOffset
    : call eax
    : mov ecx, dword ptr ds:[eax+0x4C]
    : mov eax, EncryptionSignatureOffset
    : call eax
    : push eax
    : mov eax, ZPostRequestSpawnWorldItemSignatureOffset
    : call eax
    : pop eax
    : pop eax
    : popad
    : }[/code]:
    :
    : I'm just not sure when I am supposed to pop, or if I'm even doing
    : this right. Any idea how I could get this to work?
    :

    That depends on the funcs...

    And are the two above snippets supposed to be equivalent? Because they're not.
  • PhunPhun Member Posts: 9
    Are they what? If you meant equivalent then yes, and they are, excluding the conditional statement. I just need to know when and what I am supposed to pop.
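An added example (not the poster's code) that traces the spawn-item block on the host, since the thread ends without saying what is wrong with it. Two problems are visible in the block as posted: after `mov eax, dword ptr ds:[eax+0x1A0]` eax holds the High dword (which the post says is always 0) and no longer the client pointer, so the following `mov eax, dword ptr ds:[eax+0x1A4]` reads from address 0x1A4 rather than from the client object; and four dwords are pushed (High, Low, 201, pos) but only two are popped, and `popad` does not restore esp, so 8 bytes are left on the stack after the block. There is also a prototype mismatch to settle before choosing the pop count: the declaration on the page takes `const MUID *`, one pointer, while the block pushes the two dwords by value, and its push order delivers `(pos, 201, Low, High)` to the callee. The client object below is a constructed stand-in with only those two fields populated; the helper names are mine.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstring>

struct MUID {                 // as declared in the post
    unsigned long High;
    unsigned long Low;
};

// Unaligned dword read at byte offset `off`; stands in for `mov eax, dword ptr [reg+off]`.
static std::uint32_t rd32(const void *base, std::size_t off) {
    std::uint32_t v;
    std::memcpy(&v, static_cast<const std::uint8_t *>(base) + off, sizeof v);
    return v;
}

// Constructed stand-in for the ZGameClient object: High at +0x1A0 (always 0, per the post),
// Low at +0x1A4. Nothing else in the object is modelled.
static std::uint8_t g_client[0x200];
void *MakeClient(std::uint32_t low) {
    std::memset(g_client, 0, sizeof g_client);
    const std::uint32_t high = 0;
    std::memcpy(g_client + 0x1A0, &high, sizeof high);
    std::memcpy(g_client + 0x1A4, &low, sizeof low);
    return g_client;
}

// Register-level trace of the posted sequence:
//     call ZGetGameClient          ; eax = client
//     mov  eax, [eax+0x1A0]        ; eax = High   <- the client pointer is gone
//     push eax
//     mov  eax, [eax+0x1A4]        ; reads from High + 0x1A4, not from the client
// Returns the address the second load dereferences; with High == 0 that is 0x1A4, an
// unmapped page on a 32-bit Windows process, i.e. an access violation.
std::uintptr_t PostedSecondLoadBase(void *client) {
    std::uintptr_t eax = reinterpret_cast<std::uintptr_t>(client);
    eax = rd32(reinterpret_cast<void *>(eax), 0x1A0);
    return eax + 0x1A4;
}

// The same two reads done correctly: keep the client pointer for both loads. In the asm this
// means parking it in a register that pushad/popad preserves, e.g. `mov esi, eax` after the
// ZGetGameClient call and then `mov eax, [esi+0x1A0]` / `mov eax, [esi+0x1A4]`.
MUID ReadMyMuid(void *client) {
    MUID m;
    m.High = rd32(client, 0x1A0);
    m.Low  = rd32(client, 0x1A4);
    return m;
}

// Stack accounting for a hand-made cdecl call: every `push` is 4 bytes on x86 and the caller
// removes all of them after `call`. popad does not reload esp, so what is not popped stays.
std::size_t BytesLeftOnStack(std::size_t pushes, std::size_t pops) {
    return pushes * 4 - pops * 4;
}

// The posted block: four pushes (High, Low, 201, pos) and two pops.
std::size_t PostedSpawnCallLeak() { return BytesLeftOnStack(4, 2); }

int main() {
    void *c = MakeClient(0x1234);
    MUID m = ReadMyMuid(c);
    return (PostedSecondLoadBase(c) == 0x1A4 && m.Low == 0x1234 && PostedSpawnCallLeak() == 8) ? 0 : 1;
}
```

For the assembly itself this means two concrete changes: keep the client pointer in esi (or any register `pushad` saves) and load both dwords from it, and after `call eax` remove exactly what was pushed with a single `add esp, 16` instead of two `pop eax` (or `add esp, 12` if the MUID is passed as one pointer, as the C prototype on the page says, in which case push the address of a `MUID` rather than its two fields). Which parameter order the real function expects is not settled by the thread; the melee block that works pushes the position last, which makes it the callee's first parameter, so checking the target's own call sites in a disassembler before picking the order is the safe move.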