Jump to content
Heads Up! This website is no longer maintained, if your a member from our era, consider joining the discord to say hello.
Sign in to follow this  
Followers 0

Ive Found Text Out Function, Help

By ZoneMikel, in Tutorials

Recommended Posts

ZoneMikel    0

ZoneMikel
Posted

Game: Shadobane

my language: VC++ (dll injection)

 

Ok i found the text out function using ollydbg (i belive). Its really hard to mess with because when you set a bp on it it pops almost automatically. It seems to be sending commands to the server and other stuff. I wrote some code that i *thought* would print to the screen and i can see the text go through the same registers but nothing prints on the screen.

 

If somone could please help, im sure you all know that the text out is just one part of the program. And ive got tons of other parts to build. If i cant find the text out ill have to use msgboxes .. yuk !

msgbox("farmbot disabled") it would be much better if i could figure out how to use this function.

 

here are my findings

 

;this is a few step out ups its the first thing i thought was the text out function

00544200 /> 55 PUSH EBP

00544201 |. 8BEC MOV EBP,ESP

00544203 |. 8B45 08 MOV EAX,DWORD PTR SS:[EBP+8]

00544206 |. 56 PUSH ESI

00544207 |. 8BF1 MOV ESI,ECX

00544209 |. 50 PUSH EAX

0054420A |. FF15 6C10AB01 CALL DWORD PTR DS:[<&Core.??0String@core>; Core.??0String@core@@QAE@PBD@Z

;there is always neat stuff like this in the register when i bp on the above function but it breaks constantly

;with info

EAX 0414F038 ASCII "Read Message: Move"

EAX 016CCC10 ASCII "!TITLE!"

EAX 0012FB74 ASCII "55/55" <--- stam or mana

EAX 0173E98C ASCII "DataField:ExpNeeded"

EAX 0173F218 ASCII "HUDText:NothingSelected"

EAX 0012E5C8 ASCII "HUDMessage:Attempting to Log into Server..."

; it seamed like it was sending commands and text, but the text and everything goes through it

 

 

;so i got discouraged and found this function that makes a window pop up with the text in it

; this creates a window with Attempting to log into server while you log in.

00B8865B |. 8A86 81000000 MOV AL,BYTE PTR DS:[ESI+81]

00B88661 |. BF 01000000 MOV EDI,1

00B88666 |. 3AC3 CMP AL,BL

00B88668 |. 897D FC MOV DWORD PTR SS:[EBP-4],EDI

00B8866B |. 74 4E JE SHORT sb.00B886BB

00B8866D |. 68 D0637501 PUSH sb.017563D0 ; ASCII "Attempting To Log Into Server..."

00B88672 |. 8D4D D8 LEA ECX,DWORD PTR SS:[EBP-28]

00B88675 |. 889E 80000000 MOV BYTE PTR DS:[ESI+80],BL

00B8867B |. E8 A01789FF CALL sb.00419E20 <---- this is were we would call

;so i tried to duplicate the code, i can see my text string go through but nothing displays on the screen

 

// c++ code 
void HackFunctions::SBScreenPrint(char* text)
{
__asm{
MOV AL,BYTE PTR DS:[ESI+81]
MOV EDI,1
CMP AL,BL
MOV DWORD PTR SS:[EBP-4],EDI
;JE SHORT 0x00B886BB
PUSH text				   
LEA ECX,DWORD PTR SS:[EBP-28]
MOV BYTE PTR DS:[ESI+80],BL
CALL DWORD PTR [SBPrintText] <--- this is 00419E20 from the call
}
}

 

if you want to read a ton of notes look at the attached .txt there is a pattern to the text that is sent in the registers. I just cant grasp how to use it to my own ends since its not a simple "text out" sort of thing its like a command based port ?

texttoscreen.txt

Share this post

Link to post

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
Sign in to follow this  
Followers 0
Go To Topic Listing Tutorials
×