Scribd
Upload
5 views6 pages

Memory Manipulation Script for Game

The document contains assembly code that modifies memory offsets and pointers to redirect execution flow. It gets the offsets of labels, sets 4-byte relative offsets in memory to point to other addresses, and protects modified memory using virtual protection. The code checks for key presses and weapon state before modifying offsets and protection to potentially enable an aimbot or triggerbot behavior.

Uploaded by

juansitogamer78
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as TXT, PDF, TXT or read online on Scribd
5 views6 pages

Memory Manipulation Script for Game

The document contains assembly code that modifies memory offsets and pointers to redirect execution flow. It gets the offsets of labels, sets 4-byte relative offsets in memory to point to other addresses, and protects modified memory using virtual protection. The code checks for key presses and weapon state before modifying offsets and protection to potentially enable an aimbot or triggerbot behavior.

Uploaded by

juansitogamer78
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as TXT, PDF, TXT or read online on Scribd

{$CLEO .

cs}
0000: NOP
05E5: 0@ = game_version
if
0@ <> 0
then
jump @here
end

05DF: write_memory 0x4CB63D size 1 value 0xE9 virtual_protect 1


05F5: call_scm_func @getLabelOffset 1 label @middle store_to 5@
05F5: call_scm_func @setMemOffset 3 memory 0x4CB63E pointing_to 5@ virtual_protect
1
5@ += 0x1
05F5: call_scm_func @setMemOffset 3 memory 5@ pointing_to 0x4D48E0 virtual_protect
1

05F5: call_scm_func @getLabelOffset 1 label @start store_to 5@


5@ += 0x1
05F5: call_scm_func @setMemOffset 3 memory 5@ pointing_to 0x4E6BA0 virtual_protect
1

05F5: call_scm_func @getLabelOffset 1 label @start2 store_to 5@


5@ += 0x1
05F5: call_scm_func @setMemOffset 3 memory 5@ pointing_to 0x4E6BA0 virtual_protect
1

05F5: call_scm_func @getLabelOffset 1 label @end store_to 5@


5@ += 0x1
05F5: call_scm_func @setMemOffset 3 memory 5@ pointing_to 0x4CB642 virtual_protect
1

05F5: call_scm_func @getLabelOffset 1 label @end2 store_to 5@


5@ += 0x1
05F5: call_scm_func @setMemOffset 3 memory 5@ pointing_to 0x4CB642 virtual_protect
1

05F5: call_scm_func @getLabelOffset 1 label @start store_to 5@


5@ += 0x1

9@ = 6
9@ *= 2
9@ += 0x6F0360

10@ = 17
10@ *= 2
10@ += 0x6F0360
while true
wait 0
//05E6: 13@ = actor $player_actor struct

//01E5: show_text_1number_highpriority GXT 'AMMO' number 13@ time 1 flag 1 //


~s~You need $~1~ to compete.

05E0: 0@ = read_memory 0x55C380 size 4 virtual_protect 1


05E0: 1@ = read_memory 0x006F1E60 size 1 virtual_protect 1
05E0: 2@ = read_memory 0x006F1E61 size 1 virtual_protect 1 //rmb
if and
1@ == 0
2@ <> 0 //00E1: player 0 pressed_key 6 //Aim key
80E0: not player $PLAYER_CHAR driving
then
if and
82D7: not player $PLAYER_CHAR currentweapon == 1
82D7: not player $PLAYER_CHAR currentweapon == 7
82D7: not player $PLAYER_CHAR currentweapon == 8
82D7: not player $PLAYER_CHAR currentweapon == 10
82D7: not player $PLAYER_CHAR currentweapon == 11
82D7: not player $PLAYER_CHAR currentweapon == 12
then
05DF: write_memory 0x004F1F43 size 1 value 0x84 virtual_protect 1
//05DF: write_memory 0x4CB63E size 4 value 0x0001AA6E virtual_protect 1
05DF: write_memory 10@ size 2 value 0xFF virtual_protect 1
05DF: write_memory 9@ size 2 value 0x00 virtual_protect 1
05F5: call_scm_func @setMemOffset 3 memory 5@ pointing_to 0x4E60B0
virtual_protect 1
6@ = true
17@ = 0
end
else
if and
80E0: not player $PLAYER_CHAR driving
6@ == true
then
05DF: write_memory 0x004F1F43 size 1 value 0x85 virtual_protect 1
//05DF: write_memory 0x4CB63E size 4 value 0x0001B55E virtual_protect 1
05F5: call_scm_func @setMemOffset 3 memory 5@ pointing_to 0x4E6BA0
virtual_protect 1
6@ = false
//05DF: write_memory 0x0055C380 size 4 value 0x550008C2 virtual_protect 1
0054: store_player $PLAYER_CHAR position_to 7@ 8@ 16@
0211: actor $PLAYER_ACTOR walk_to 7@ 8@
if 17@ > 1000
then
//05DF: write_memory 0x0055C380 size 4 value 0x55575653 virtual_protect 1
end
end

if and
1@ <> 0
2@ <> 0
then
//05DF: write_memory 0x0055C380 size 4 value 0x55575653 virtual_protect 1
05DF: write_memory 9@ size 2 value 0x00 virtual_protect 1
end

if and
0@ <> 0x55575653
00E1: player 0 pressed_key 17 //fire
then
//05DF: write_memory 0x0055C380 size 4 value 0x55575653 virtual_protect 1
end

end
end
:middle
hex
E8 00000000 //- call 004D48E0 //CPED::ISPLAYER
84 C0 //- test al,al
74 0A //- je ***
end

:start
hex
E8 00000000 //- call 004E6BA0
end
:end2
hex
E9 00000000 //- jmp 004CB642
end

:start2
hex
E8 00000000 //- call 004E6BA0
end

:end
hex
E9 00000000 //- jmp 004CB642
end

:here
05DF: write_memory 0x4CB6DD size 1 value 0xE9 virtual_protect 1
05F5: call_scm_func @getLabelOffset 1 label @middle store_to 5@
05F5: call_scm_func @setMemOffset 3 memory 0x4CB6DE pointing_to 5@ virtual_protect
1
5@ += 0x1
05F5: call_scm_func @setMemOffset 3 memory 5@ pointing_to 0x4D4980 virtual_protect
1

05F5: call_scm_func @getLabelOffset 1 label @start store_to 5@


5@ += 0x1
05F5: call_scm_func @setMemOffset 3 memory 5@ pointing_to 0x4E6C50 virtual_protect
1

05F5: call_scm_func @getLabelOffset 1 label @start2 store_to 5@


5@ += 0x1
05F5: call_scm_func @setMemOffset 3 memory 5@ pointing_to 0x4E6C50 virtual_protect
1

05F5: call_scm_func @getLabelOffset 1 label @end store_to 5@


5@ += 0x1
05F5: call_scm_func @setMemOffset 3 memory 5@ pointing_to 0x4CB63C virtual_protect
1

05F5: call_scm_func @getLabelOffset 1 label @end2 store_to 5@


5@ += 0x1
05F5: call_scm_func @setMemOffset 3 memory 5@ pointing_to 0x4CB63C virtual_protect
1
05F5: call_scm_func @getLabelOffset 1 label @start store_to 5@
5@ += 0x1

9@ = 6
9@ *= 2
9@ += 0x6F0360

10@ = 17
10@ *= 2
10@ += 0x6F0360
while true
wait 0
//05E6: 13@ = actor $player_actor struct

//01E5: show_text_1number_highpriority GXT 'AMMO' number 13@ time 1 flag 1 //


~s~You need $~1~ to compete.

//05E0: 0@ = read_memory 0x55C380 size 4 virtual_protect 1


05E0: 1@ = read_memory 0x006F1E60 size 1 virtual_protect 1
05E0: 2@ = read_memory 0x006F1E61 size 1 virtual_protect 1 //rmb
if and
1@ == 0
2@ <> 0 //00E1: player 0 pressed_key 6 //Aim key
80E0: not player $PLAYER_CHAR driving
then
if and
82D7: not player $PLAYER_CHAR currentweapon == 1
82D7: not player $PLAYER_CHAR currentweapon == 7
82D7: not player $PLAYER_CHAR currentweapon == 8
82D7: not player $PLAYER_CHAR currentweapon == 10
82D7: not player $PLAYER_CHAR currentweapon == 11
82D7: not player $PLAYER_CHAR currentweapon == 12
then
05DF: write_memory 0x004F1FF2 size 1 value 0x84 virtual_protect 1
//05DF: write_memory 0x4CB63E size 4 value 0x0001AA6E virtual_protect 1
05DF: write_memory 10@ size 2 value 0xFF virtual_protect 1
05DF: write_memory 9@ size 2 value 0x00 virtual_protect 1
05F5: call_scm_func @setMemOffset 3 memory 5@ pointing_to 0x4E6160
virtual_protect 1
6@ = true
17@ = 0
end
else
if and
80E0: not player $PLAYER_CHAR driving
6@ == true
then
05DF: write_memory 0x004F1FF2 size 1 value 0x85 virtual_protect 1
//05DF: write_memory 0x4CB63E size 4 value 0x0001B55E virtual_protect 1
05F5: call_scm_func @setMemOffset 3 memory 5@ pointing_to 0x4E6C50
virtual_protect 1
6@ = false
//05DF: write_memory 0x0055C380 size 4 value 0x550008C2 virtual_protect 1
0054: store_player $PLAYER_CHAR position_to 7@ 8@ 16@
0211: actor $PLAYER_ACTOR walk_to 7@ 8@
if 17@ > 1000
then
//05DF: write_memory 0x0055C380 size 4 value 0x55575653 virtual_protect 1
end
end

if and
1@ <> 0
2@ <> 0
then
//05DF: write_memory 0x0055C380 size 4 value 0x55575653 virtual_protect 1
05DF: write_memory 9@ size 2 value 0x00 virtual_protect 1
end

/*if and
0@ <> 0x55575653
00E1: player 0 pressed_key 17 //fire
then
//05DF: write_memory 0x0055C380 size 4 value 0x55575653 virtual_protect 1
end */

end
end

{
FUNCTIONS INCLUDED:

- getMemOffset
Type: GET
Description: Get the relative offset of a memory pointing to a specific
address.

- setMemOffset
Type: GET
Description: Set a 4-byte relative offset of a memory pointing to a
specific address with virtual protection.
}

:getMemOffset
{
Parameters:
Passed:
0@ - memory pointer
1@ - memory to point
Result:
1@ - memory offset

Example:
05F5: call_scm_func @getMemOffset 2 memory 0x0 pointing_to 0x0 store_to 1@
}
0@ += 0x4
000E: 1@ -= 0@
05F6: ret 1 1@

:setMemOffset
{
Parameters:
Passed:
0@ - memory pointer
1@ - memory to point
2@ - virtual protection
Result:
none

Example:
05F5: call_scm_func @setMemOffset 3 memory 0x0 pointing_to 0x0 virtual_protect
0
}
05F5: call_scm_func @getMemOffset 2 memory 0@ pointing_to 1@ store_to 3@
05DF: write_memory 0@ size 4 value 3@ virtual_protect 2@
05F6: ret 0

:getLabelOffset
{ Example:
05F5: call_scm_func @getLabelOffset 1 label @lbl store_to 0@
}
if
0@ <> 0
then
05EC: 1@ = current_thread_pointer
1@ += 0x98
05E0: 1@ = read_memory 1@ size 4 virtual_protect 0
000C: 1@ -= 0@
else
1@ = 0
end
05F6: ret 1 1@

You might also like