m417z / Multiline-Ultimate-Assembler

A multiline (and ultimate) assembler (and disassembler) plugin for x64dbg and OllyDbg. A perfect tool for modifying and extending a compiled executable functionality.
https://ramensoftware.com/multimate-assembler
GNU General Public License v3.0

Please add Cheat Engine like code cave management. #1

Open Spamm00r opened 1 year ago

Spamm00r commented 1 year ago

Please see the discussion here:

https://github.com/x64dbg/x64dbg/issues/729

Adding Cheat Engine like code cave management would make this plugin perfect. I'm imagining an option to specify the address range of the codecave and let the plugin write the new code in this codecave automatically. This will solve the problem of tracking the addresses and code inside the code cave which makes working with code caves at some point complex and which is a key advantage of Cheat Engine over x64dbg.

m417z commented 1 year ago

I'm not familiar with Cheat Engine's code cave management, and I'm not sure I understand the feature request. You can allocate code at address X and write code like:

<X>
  ; ...
  cmp eax, ecx
  jne @label1
  ; ...
@label1:
  ; ...

Then, if you need to restart the process, you can allocate code at a new address, Y, then change X to Y in the code, and assemble the code again. It might be nice to have the allocation and the replacement automated, but as far as I understand that's not what you're suggesting.

cexer commented 1 year ago

> I'm not familiar with Cheat Engine's code cave management, and I'm not sure I understand the feature request. You can allocate code at address X and write code like:
>
> <X>
>   ; ...
>   cmp eax, ecx
>   jne @label1
>   ; ...
> @label1:
>   ; ...
>
> Then, if you need to restart the process, you can allocate code at a new address, Y, then change X to Y in the code, and assemble the code again. It might be nice to have the allocation and the replacement automated, but as far as I understand that's not what you're suggesting.

It would be great to have the allocation and the replacement automated, please add this feature. I can't find an easy way to find/allocate unused memory space to write code at. It seems there's no tool for this, so I have to manually search in the code section.

kkqy commented 11 months ago

How to align? align 8 is not working

m417z commented 11 months ago

@kkqy like this. Refer to the help file for more info. Also, please don't post random questions on unrelated issues next time, thanks.

image

Spamm00r commented 11 months ago

> I'm not familiar with Cheat Engine's code cave management, and I'm not sure I understand the feature request. You can allocate code at address X and write code like:
>
> <X>
>   ; ...
>   cmp eax, ecx
>   jne @label1
>   ; ...
> @label1:
>   ; ...
>
> Then, if you need to restart the process, you can allocate code at a new address, Y, then change X to Y in the code, and assemble the code again. It might be nice to have the allocation and the replacement automated, but as far as I understand that's not what you're suggesting.

Here is an example of how to use Cheat Engine's code injection: https://youtu.be/Qfts3aGaBk4?t=235

Having the allocation and the replacement automated is exactly what I'm looking for.

I know that it is difficult in a binary file to find a large enough code cave as it is in memory as CE does, where you can allocate sufficient memory at will.

That's why I suggest to define the code cave section yourself, by for example adding sufficient bytes at the end of the file. All I want from the suggested plugin is to take care where exactly the new code is written at in the newly created code cave. Because after some time it gets difficult to keep track of the different code sections that you added. Especially when you later add or modify the code and you need more bytes for that code than you initially thought would be necessary and you reach the next section of code and would like to move the entire section further down below to make space for the additional code. If you do that manually, you have to go back and fix all the jump references to point to that new code address, otherwise they will be pointing to the old addresses where you have now put new code. I need this plugin to take care of this itself. CE's code cave management solves this problem.
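
The bookkeeping requested in the comment above, as an added example that is not part of the original thread and is not code from the plugin or from Cheat Engine: named blocks are packed back to back inside a user-defined cave range, and jumps that name a block are re-encoded whenever an earlier block grows. The `CaveLayout` class, the block names and all addresses are hypothetical; it assumes 32-bit x86 `E9 rel32` jumps.

```python
import struct

class CaveLayout:
    """Packs named blocks back to back inside a user-defined cave range."""

    def __init__(self, start, end):
        self.start, self.end = start, end
        self.blocks = {}  # name -> list of items, kept in insertion order

    def set_block(self, name, items):
        # An item is raw bytes, or ("jmp", target) where target is a block
        # name (symbolic) or an absolute address outside the cave.
        self.blocks[name] = items

    @staticmethod
    def _size(item):
        return 5 if isinstance(item, tuple) else len(item)  # E9 rel32 = 5 bytes

    def addresses(self):
        addr, out = self.start, {}
        for name, items in self.blocks.items():
            out[name] = addr
            addr += sum(self._size(i) for i in items)
        if addr > self.end:
            raise ValueError("blocks no longer fit in the cave range")
        return out

    def assemble(self):
        addrs, image = self.addresses(), bytearray()
        for items in self.blocks.values():
            for item in items:
                if isinstance(item, tuple):
                    target = item[1]
                    dest = addrs[target] if isinstance(target, str) else target
                    next_ip = self.start + len(image) + 5  # rel32 is relative to the next instruction
                    image += b"\xE9" + struct.pack("<i", dest - next_ip)
                else:
                    image += item
        return addrs, bytes(image)

def demo():
    # Constructed addresses: a cave at 0x410000-0x410100, original code near 0x401000.
    cave = CaveLayout(0x410000, 0x410100)
    cave.set_block("a", [b"\x90" * 3, ("jmp", "c")])
    cave.set_block("b", [b"\x3B\xC1", ("jmp", 0x401234)])  # cmp eax, ecx
    cave.set_block("c", [b"\x90", ("jmp", 0x401300)])
    before = cave.assemble()
    cave.set_block("b", [b"\x90" * 4, b"\x3B\xC1", ("jmp", 0x401234)])  # b grows by 4 bytes
    return before, cave.assemble()
```

After block `b` grows, block `c` moves from 0x41000F to 0x410013 and the jump in block `a` is re-encoded with the new displacement, with no manual fix-up.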

kkqy commented 11 months ago

> @kkqy like this. Refer to the help file for more info. Also, please don't post random questions on unrelated issues next time, thanks.
>
> image

I am sorry, I didn't find any document on the website of the plugin before, so I asked this question in this issue because I use Cheat Engine too. When you mentioned the help "file", I re-downloaded and checked the downloaded zip archive and found that the document was inside it. It was my negligence. Thank you for your help.