scripting, running function from app on delta
amlwwalker opened this issue · 1 comments
Hi,
I am learning about the scripting capabilities of Bit-Slicer. I wondered if you might be able to help with a few questions:
- Can you use the `import bitslicer` independently of Bit Slicer, i.e. can you write standalone Python apps that use the bitslicer library?
- I am hacking away at Doom (the 90s shooter). I have found the function that fires the pistol using Bit-Slicer, and the address where it's at, and therefore the assembly code. In a script I now want the gun to continuously fire:
```python
def execute(self, deltaTime):
    # fire gun continuously by calling the function in memory
    pass  # placeholder: nothing calls the function yet
```
I have extracted both the assembly code, and the HEX directly from the memory viewer. What would be cool is to take that hex code and drop it into a function in python, inside the execute function. Is there a way to do that, or is there a way in Python to call a function at a memory address?
P.S. My hex code from the memory viewer of the fire_pistol function looks like:

```
CC 89 E5 56 53 83 EC 10 8B 75 08 E8 00
```

and the assembly code I extracted from the debugger looks like:

```
push ebp          55
mov ebp, esp      89 E5
push esi          56
push ebx          53
sub esp, 0x10     83 EC 10
...
pop ebx           5B
pop esi           5E
leave             C9
jmp 0x3d320       E9 EC FE FF FF
```
Just for kicks, I tried to inject the assembly code as a hook when the gun was actually fired, to see if it fired twice. The hook failed as the assembly code apparently had a syntax error. My knowledge of assembly is very small...
Thanks!
> Can you use the `import bitslicer` independently of Bit Slicer, i.e. can you write standalone Python apps that use the bitslicer library?
Unfortunately not possible. The scripting is pretty heavily coupled with the application.
> I have extracted both the assembly code, and the HEX directly from the memory viewer. What would be cool is to take that hex code and drop it into a function in python, inside the execute function. Is there a way to do that, or is there a way in Python to call a function at a memory address?
This is not possible from the outside, directly. You may have to inject code in the process that executes the function, and have the game execute the code you injected. You may want to inject the code in a spot that the game executes frequently.
Have you verified that this function actually fires the pistol? Maybe you can try breaking on the function using the debugger, change the instruction pointer (aka "Jump to Instruction") back to before it's invoked (after it's been invoked once), and verify if it fires twice?
(For what it's worth, the code to Doom might be open source).
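Editor's note: the reply above describes the standard way to do this, a detour. Overwrite five bytes at a spot the game executes often with `jmp cave`, and in the cave save the registers, push the argument, `call fire_pistol`, restore, re-execute the overwritten instructions and jump back. The added example below (not code from this thread or from Bit Slicer) builds those byte strings for 32-bit x86 and shows the one piece of arithmetic that trips people up: a `call`/`jmp rel32` displacement is measured from the end of the 5-byte instruction, so the bytes depend on where they are placed. Two checks on the page's own data: the listing shows `jmp 0x3d320` as `E9 EC FE FF FF`, which means that jump sits at 0x3d42f (solved from the bytes, not a value from the page); and the memory-viewer dump starts with `CC` where the disassembler shows `55` (`push ebp`). `CC` is the `int3` opcode that a debugger writes over the first byte when a software breakpoint is set there, so a copy taken with the breakpoint armed will trap. The hook site `0x10000`, cave `0x20000`, function address `0x3D000`, the argument value and the displaced instructions are all constructed placeholders; `8B 75 08` in the dump shows the function reads one argument from `[ebp+8]`, so one 32-bit value is pushed. Bit Slicer's assembler expects mnemonics only, so a listing pasted with its bytes column will be rejected.

```python
import struct

# IA-32 opcodes used below (architectural constants, not assumptions).
OP_CALL_REL32 = 0xE8   # call rel32
OP_JMP_REL32 = 0xE9    # jmp rel32
OP_PUSH_IMM32 = 0x68   # push imm32
OP_PUSHAD, OP_POPAD = 0x60, 0x61
OP_PUSHFD, OP_POPFD = 0x9C, 0x9D
OP_NOP = 0x90
ADD_ESP_4 = b"\x83\xC4\x04"  # add esp, 4 (cdecl: the caller removes the argument)


def encode_rel32(opcode, ins_addr, target):
    """Encode a 5-byte `call/jmp rel32` placed at ins_addr that lands on target.
    The displacement is taken from the end of the instruction (ins_addr + 5)."""
    rel = target - (ins_addr + 5)
    if not -(1 << 31) <= rel < (1 << 31):
        raise ValueError("target not reachable with a rel32 displacement")
    return bytes([opcode]) + struct.pack("<i", rel)


def decode_rel32_target(ins_addr, code):
    """Inverse of encode_rel32: where does this call/jmp located at ins_addr go?"""
    if len(code) != 5 or code[0] not in (OP_CALL_REL32, OP_JMP_REL32):
        raise ValueError("not a 5-byte rel32 call/jmp")
    (rel,) = struct.unpack("<i", code[1:])
    return (ins_addr + 5 + rel) & 0xFFFFFFFF


def is_relocatable(insn):
    """True if the instruction can be copied to the cave unchanged.
    Relative branches (jcc/jmp/call/loop/jecxz) encode their own address, so
    they cannot simply be moved; choose a hook site that does not contain one."""
    b0 = insn[0]
    if b0 in (0xE8, 0xE9, 0xEB) or 0x70 <= b0 <= 0x7F or 0xE0 <= b0 <= 0xE3:
        return False
    if b0 == 0x0F and len(insn) > 1 and 0x80 <= insn[1] <= 0x8F:
        return False
    return True


def build_hook(hot_addr, displaced, cave_addr, func_addr, arg):
    """Return (cave_bytes, patch_bytes).

    hot_addr   address of a frequently executed spot in the game
    displaced  the whole instructions at hot_addr that the 5-byte jmp overwrites
    cave_addr  address of writable+executable memory for the injected code
    func_addr  address of the function to call (here: fire_pistol)
    arg        the single 32-bit argument the function reads from [ebp+8]
    """
    if sum(len(i) for i in displaced) < 5:
        raise ValueError("need at least 5 bytes of whole instructions to displace")
    for i in displaced:
        if not is_relocatable(i):
            raise ValueError("displaced instruction %s is position-dependent" % i.hex())
    stolen = b"".join(displaced)

    cave = bytearray([OP_PUSHAD, OP_PUSHFD])           # save registers and flags
    cave += bytes([OP_PUSH_IMM32]) + struct.pack("<I", arg)
    cave += encode_rel32(OP_CALL_REL32, cave_addr + len(cave), func_addr)
    cave += ADD_ESP_4                                   # pop the argument
    cave += bytes([OP_POPFD, OP_POPAD])                 # restore the caller's state
    cave += stolen                                      # run what we overwrote
    cave += encode_rel32(OP_JMP_REL32, cave_addr + len(cave), hot_addr + len(stolen))

    patch = encode_rel32(OP_JMP_REL32, hot_addr, cave_addr)
    patch += bytes([OP_NOP]) * (len(stolen) - 5)        # pad to an instruction boundary
    return bytes(cave), patch


if __name__ == "__main__":
    # Constructed values, not addresses from the game: hot spot at 0x10000
    # starting with `sub esp,0x10; mov esi,[ebp+8]` (6 bytes), cave at 0x20000,
    # fire_pistol at 0x3D000, argument 0x11223344.
    cave, patch = build_hook(0x10000, [b"\x83\xEC\x10", b"\x8B\x75\x08"],
                             0x20000, 0x3D000, 0x11223344)
    print("cave :", cave.hex(" "))
    print("patch:", patch.hex(" "))
```

Write `cave` into the process first and `patch` last, so the jump never points at a cave that is not there yet, and write the patch as one operation so the game cannot execute a half-written instruction. Since the hook runs on every pass through the hot spot, a pistol hooked into a per-frame path fires every frame; a counter in the cave (or a less frequently executed hook site) throttles it.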