Moopler
Lux

Question Updating Auto CC Script

I'm trying to update this auto CC script and then would have shared it on here, but I'm struggling as I don't think all the AOBs are there; either that or I'm just doing something wrong. Here's the original script:

 

[Enable] //need to update Pointer
alloc(autoCC,1024)
alloc(time,1024)
alloc(timecheck,1024)
alloc(storetime,1024)
alloc(storepeople,1024)
registersymbol(autoCC)
registersymbol(time)
registersymbol(storetime)
registersymbol(storepeople)

label(DoCC)
label(Breathing)
label(orig)
label(doswitch)

autoCC:
add [time],1
pushad
mov edx,[00AA3ACC] // People Counter Pointer
mov edx,[edx+18] // Offset
cmp edx,[storepeople]
jg Breathing
jmp timecheck

timecheck:
mov eax,[storetime]
cmp [time],eax
jg Breathing
mov ebp,[00A9F438] //Tubi Pointer <NEED UPDATE
mov [ebp+209C],0 //Tubi Offset
jmp orig

Breathing:
mov ecx,[00AA3AB8] // Character Pointer
cmp [ecx+54c],0  //No Breathe Offset
je DoCC
mov ebp,[00AA3AB8] // CHARACTER POINTER
mov [ebp+209C],1 //Tubi Offset
jmp orig

DoCC:
mov [time],0
mov ebp,[00AA3AB8]  // Character Pointer
mov [ebp+209C],0 //Tubi Offset
mov ebx,[00A9F438] //Channel Pointer
mov ebx,[ebx+2058]  //Channel Offset
cmp ebx,A
jne doswitch
push 1
call 00514A03 // CC func' B8 ? ? ? 00 E8 ? ? ? 00 83 EC ? 56 8B 35 ? ? ? 00 57 33 ff 57 68
jmp orig

doswitch:
inc ebx
push ebx
call 00514A03 //B8 ? ? ? 00 E8 ? ? ? 00 83 EC ? 56 8B 35 ? ? ? 00 57 33 ff 57 68
jmp orig

orig:
popad
mov eax,[eax+000009b4] //Original Opcode
jmp 007F4042 //Bottom Address 

007F403C: //8B 80 ? ? ? ? 83 F8 ? 74 ? 83 F8 ? 74 ? 39
jmp autoCC
nop

time:
dd 00

storetime:
dd 3E8

storepeople:
dd 00

[disable]
007F403C: //8B 80 ? ? ? ? 83 F8 ? 74 ? 83 F8 ? 74 ? 39
mov eax,[eax+000009B4]
dealloc(autoCC)
dealloc(time)
dealloc(timecheck)
dealloc(storetime)
dealloc(storepeople)
unregistersymbol(autoCC)
unregistersymbol(storetime)
unregistersymbol(time)
unregistersymbol(storepeople)

 

2 answers to this question

Have you updated the pointer yet? Else the auto cc might work, but the trigger doesn't.

Edit: I figured you need some help on updating pointers so here we go.

Pointer updating

Let's say we want to create an AoB for CUserLocal.m_pInstance (CharpIDBase). The pointer address of v115.1 is: 0x0198438C. As a pointer address isn't part of a function, it's not really a good idea to make an AoB for this address; instead we have to make an AoB for an address that's using this pointer:

[Image: Rjmz1tF.png]

As we can see here, this instruction moves the value of our pointer to the ecx register. What this effectively means isn't really necessary for now; instead let's focus on creating an AoB.

Our address 004C8528 can easily be AoB'd and will always give us the address of the pointer we want to update. The AoB for this will look something like this:

8B 0D ? ? ? ? 50 E8 ? ? ? ? 8B ? 85 ? 74 ? 8B ? ? 8B

The question marks indicate that the byte on that position in the array of bytes can be anything (that's the whole point of updating scripts and pointers).

I know this is a short writeup and I probably made some wrong assumptions, but this is how it's generally done.

Edited by Razz
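
The wildcard matching described in the answer above, as an added example that is not part of the original post: a small Python scanner that applies the quoted signature to two constructed byte buffers standing in for different builds, requires the match to be unique, and reads the 32-bit operand that follows 8B 0D. The buffers, the second pointer value and all function names are constructed for illustration.

```python
import struct

# Signature quoted in the answer; "?" marks a byte that may differ between builds.
SIG = "8B 0D ? ? ? ? 50 E8 ? ? ? ? 8B ? 85 ? 74 ? 8B ? ? 8B"

def parse_aob(text):
    """Turn 'AA ? BB' into [0xAA, None, 0xBB]; None is a wildcard."""
    return [None if tok in ("?", "??") else int(tok, 16) for tok in text.split()]

def find_aob(buf, pattern):
    """Return every offset in buf at which the pattern matches."""
    hits = []
    n = len(pattern)
    for off in range(len(buf) - n + 1):
        if all(p is None or buf[off + i] == p for i, p in enumerate(pattern)):
            hits.append(off)
    return hits

def resolve_operand(buf, sig, operand_offset=2):
    """Require exactly one match, then read the little-endian dword inside it."""
    hits = find_aob(buf, parse_aob(sig))
    if len(hits) != 1:
        # A signature that is too loose (or stale) must fail loudly, not pick a hit.
        raise ValueError(f"signature matched {len(hits)} times; need exactly 1")
    (value,) = struct.unpack_from("<I", buf, hits[0] + operand_offset)
    return hits[0], value

def make_build(pad, pointer, call_rel):
    """Constructed sample: filler, then the instruction bytes with per-build operands."""
    code = (b"\x8B\x0D" + struct.pack("<I", pointer)      # mov ecx,[pointer]
            + b"\x50\xE8" + struct.pack("<i", call_rel)   # push eax / call rel32
            + b"\x8B\xF0\x85\xF6\x74\x0A\x8B\x46\x04\x8B")
    return b"\xCC" * pad + code + b"\xCC" * 8

BUILD_A = make_build(16, 0x0198438C, 0x1234)  # pointer value quoted in the post
BUILD_B = make_build(40, 0x01A05F10, 0x5678)  # constructed value for another build

if __name__ == "__main__":
    for name, buf in (("A", BUILD_A), ("B", BUILD_B)):
        off, ptr = resolve_operand(buf, SIG)
        print(f"build {name}: match at +{off:#x}, operand {ptr:#010x}")
```

The fixed bytes anchor the match while the wildcards absorb the operands that change between builds, which is the same principle as wildcard bytes in YARA hex strings.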

Have you been able to update it? I was trying to make it work for v62, but I can't find the tubi pointer (most of the other stuff is probably wrong too).
