Help converting AOB to pointer on CoSMOS Gamehacking Tool Message Board - Page 1

opticalip · 2/27/2022

I am pretty new to script making and so far can nop pretty well but am lost at how to convert my AOB

TIER 7

opticalip posted on Feb 27, 2022 6:47:50 AM - Report post

I am pretty new to script making and so far can nop pretty well but am lost at how to convert my AOBScans to pointers or smart addresses or do anything other then nop's

Started playing Monark yesterday and found the address for attack ranges but would like some help making a script so they can be automatically found, if you can point me in the right direction to learn I would very much appreciate it.

----

Hopefully this can help someone as well, I found the entry that changes the range of attacks for controlled char but I dont know how to automatically convert it to a script/smart address correctly.

[code]
MONARK.exe.text+1C5F0A - 0F11 43 40 - movups [rbx+40],xmm0
[/code]

If you see what writes to it, +12 bytes from there will be the range value
+14 is width for the cone shaped ones

[img]img.jremi.com/selif/ga4agsk9.png[/img]

Char 2 -

Also if anyone can point me in the right direction on learning how to do that, I would be very thankful

---

Also here is a script I made to stop the MAD from increasing when roaming in the mist

Here is a script to disable the MAD from increasing for all party members

[code]
{ Game : MONARK.exe
Version:
Date : 2022-02-25
Author : JRemi

This script does blah blah blah
}

[ENABLE]

aobscanmodule(INJECT,MONARK.exe,89 51 10 85 D2) // should be unique
alloc(newmem,$1000,INJECT)

label(code)
label(return)

newmem:

code:
nop 3
jmp return

INJECT:
jmp newmem
return:
registersymbol(INJECT)

[DISABLE]

INJECT:
db 89 51 10 85 D2

unregistersymbol(INJECT)
dealloc(newmem)

{
// ORIGINAL CODE - INJECTION POINT: MONARK.exe.text+13C110

MONARK.exe.text+13C0EF: CC - int 3
MONARK.exe.text+13C0F0: 89 51 30 - mov [rcx+30],edx
MONARK.exe.text+13C0F3: 83 FA 01 - cmp edx,01
MONARK.exe.text+13C0F6: 7D 08 - jnl MONARK.exe.text+13C100
MONARK.exe.text+13C0F8: C7 41 30 01 00 00 00 - mov [rcx+30],00000001
MONARK.exe.text+13C0FF: C3 - ret
MONARK.exe.text+13C100: 81 FA 0F 27 00 00 - cmp edx,0000270F
MONARK.exe.text+13C106: 7E 07 - jle MONARK.exe.text+13C10F
MONARK.exe.text+13C108: C7 41 30 0F 27 00 00 - mov [rcx+30],0000270F
MONARK.exe.text+13C10F: C3 - ret
// ---------- INJECTING HERE ----------
MONARK.exe.text+13C110: 89 51 10 - mov [rcx+10],edx
// ---------- DONE INJECTING ----------
MONARK.exe.text+13C113: 85 D2 - test edx,edx
MONARK.exe.text+13C115: 79 08 - jns MONARK.exe.text+13C11F
MONARK.exe.text+13C117: C7 41 10 00 00 00 00 - mov [rcx+10],00000000
MONARK.exe.text+13C11E: C3 - ret
MONARK.exe.text+13C11F: 83 FA 64 - cmp edx,64
MONARK.exe.text+13C122: 7E 07 - jle MONARK.exe.text+13C12B
MONARK.exe.text+13C124: C7 41 10 64 00 00 00 - mov [rcx+10],00000064
MONARK.exe.text+13C12B: C3 - ret
MONARK.exe.text+13C12C: CC - int 3
MONARK.exe.text+13C12D: CC - int 3
}
[/code]