An x86 ASM Injector for SA:MP in AutoHotKey, 0.3.7 Version
; Auto-execute section: builds the control window, resolves the samp.dll base address and
; fills the patch table. Everything below the F11 hotkey label only runs on demand.
Gui, Show, x50 y50 h250 w500, SA:MP ASM Injector by David_Luchs
Gui, Add, Text,, Press F11 ingame to inject or restore a ASMCodeObject
; SAMP.ahk is not part of this gist; writeRaw() and AddChatMessage(), which are called below
; but not defined in this file, presumably come from it -- verify.
#include SAMP.ahk
#SingleInstance, Force
; Window title used to find the game process, and the module whose load address the
; "sampDLL + offset" entries below are relative to.
global windowNameOfSAMP := "GTA:SA:MP"
global nameOfSAMPDLL := "samp.dll"
; Patch table. Each entry pairs an address with the bytes to write ("newInstruction") and the
; bytes that were there before ("origInstruction"); injectASMCodeObject() toggles between the
; two by looking at the first byte currently at the address.
global ASMCodeObject := {} ; easily add new cheats here
; Resolved once, at script start. NOTE(review): GetAdressByProcessID() returns 0 when the
; module is not found, and no check is made here that the game window exists yet, so when
; the script is started before the game every sampDLL-relative address below silently
; degrades to a bare offset -- presumably a wrong write or a crash; verify and guard.
global sampDLL := GetAdressOfDLLByWindowName(windowNameOfSAMP, nameOfSAMPDLL)
; Entries with "sampDLL +" are relative to samp.dll; the others are absolute addresses.
ASMCodeObject[1] := Object("name", "name", "address", sampDLL + 0x70F1A , "newInstruction", "9090909090", "origInstruction", "E8B1AD0300", "description", "You can see names through walls") ;0.3.7 tested
ASMCodeObject[2] := Object("name", "hp", "address", sampDLL + 0x6FE0A , "newInstruction", "9090909090", "origInstruction", "E8C1BE0300", "description", "You can see hp through walls") ;0.3.7 tested
ASMCodeObject[3] := Object("name", "namer", "address", sampDLL + 0x70E24 , "newInstruction", "909090909090", "origInstruction", "0F8A71010000", "description", "You can see names to streaming range") ;0.3.7 tested
ASMCodeObject[4] := Object("name", "hpr", "address", sampDLL + 0x6FD14 , "newInstruction", "909090909090", "origInstruction", "0F8A50010000", "description", "You can see hp to streaming range") ;0.3.7 tested
ASMCodeObject[5] := Object("name", "norecoil", "address", 0x740450 , "newInstruction", "90909090909090909090", "origInstruction", "D80D3C8B8500D84C241C", "description", "No Recoil")
ASMCodeObject[6] := Object("name", "unlimitedammo", "address", 0x7428E6 , "newInstruction", "909090", "origInstruction", "FF4E0C", "description", "Unlimited Ammo")
ASMCodeObject[7] := Object("name", "noreload", "address", 0x7428B0 , "newInstruction", "909090", "origInstruction", "894608", "description", "No Reload")
ASMCodeObject[8] := Object("name", "infinitestamina", "address", 0x60A5BA , "newInstruction", "909090", "origInstruction", "D95E18", "description", "Infite Stamina (buggy?)")
ASMCodeObject[9] := Object("name", "antibikefall", "address", 0x4BA3B9 , "newInstruction", "E9A703000090", "origInstruction", "0F84A6030000", "description", "You can't fall from a bike")
ASMCodeObject[10] := Object("name", "nodmgbyweapon", "address", 0x4B3314 , "newInstruction", "909090", "origInstruction", "D8650", "description", "Weapons can't hurt you (might not work)")
ASMCodeObject[11] := Object("name", "nocareject", "address", sampDLL + 0x146E0 , "newInstruction", "C390909090", "origInstruction", "E9D7722700", "description", "You can't be ejected from a car") ; 0.3.7 tested
ASMCodeObject[12] := Object("name", "antifreeze", "address", sampDLL + 0x168E0 , "newInstruction", "C390909090", "origInstruction", "E949F22C00", "description", "You can't be freezed") ; 0.3.7 untested
ASMCodeObject[13] := Object("name", "starteveryengine", "address", sampDLL + 0xB1CB4 , "newInstruction", "C7415001000000C20400", "origInstruction", "894150C20400CCCCCCCC", "description", "All engines are started") ;0.3.7 untested
ASMCodeObject[14] := Object("name", "blur", "address", 0x704E8A , "newInstruction", "E811E2FFFF", "origInstruction", "9090909090", "description", "Speedshift effect on highspeed")
ASMCodeObject[15] := Object("name", "disableanims", "address", sampDLL + 0x16FA0 , "newInstruction", "C3", "origInstruction", "55", "description", "You can't do any animation") ; 0.3.7 tested
ASMCodeObject[16] := Object("name", "enableObjectDraw", "address", sampDLL + 0x69529 , "newInstruction", "909090909090", "origInstruction", "0F84AE000000", "description", "You are in ObjectDraw Mode") ; 0.3.7 tested
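; F11 hotkey. No #IfWinActive is set in this file, so it fires in any window. Each call
; toggles one entry of ASMCodeObject: injectASMCodeObject() restores origInstruction when the
; first byte of newInstruction is already present at the address, and writes newInstruction
; otherwise. A process handle is opened and closed per entry inside that function.
; The duplicated trailing "return" of the original was dead code and is dropped.
F11::
; example code
injectASMCodeObject("name")
injectASMCodeObject("hp")
injectASMCodeObject("namer")
injectASMCodeObject("hpr")
injectASMCodeObject("nocareject")
injectASMCodeObject("starteveryengine")
return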
; Runs when the GUI window is closed (AutoHotkey matches the GuiClose label name
; case-insensitively) and terminates the script; the trailing return is never reached.
GUIclose:
ExitApp
return
writeByteCode(handle, address, byteCodeAsString) {
    ; Write a hex-encoded byte string to `address` inside the process behind `handle`.
    ; byteCodeAsString carries two hex digits per byte; spaces, "x"/"X" and backslashes are
    ; stripped first, so a "\x90\x90"-style string decodes the same as "9090".
    ; The actual write is delegated to writeRaw(), which is not defined in this file.
    hexDigits := RegExReplace(byteCodeAsString, "i)[ x\\]")
    byteCount := StrLen(hexDigits) / 2
    VarSetCapacity(rawBytes, byteCount, 0)
    ; Consume the digits two at a time, storing each pair as one unsigned byte.
    Loop, %byteCount%
    {
        pairStart := (A_Index - 1) * 2 + 1
        NumPut("0x" . SubStr(hexDigits, pairStart, 2), rawBytes, A_Index - 1, "UChar")
    }
    writeRaw(handle, address, &rawBytes, byteCount)
}
injectASMCodeObject(name) {
    ; Toggle the patch registered under `name` in the global ASMCodeObject table.
    ; The first byte of the entry's newInstruction is compared with the byte currently at the
    ; entry's address: when they match the patch is taken to be active and origInstruction is
    ; written back, otherwise newInstruction is written. A chat message reports which happened.
    ; Every entry whose name matches is processed (the loop does not stop at the first hit),
    ; and a fresh process handle is opened and closed for each one.
    for idx, entry in ASMCodeObject {
        if (!entry.HasKey("name"))
            continue
        if (!(entry.name == name))   ; == is case-sensitive
            continue
        gtaHandle := OpenHandleByName(windowNameOfSAMP)
        expectedFirstByte := "0x" . SubStr(entry.newInstruction, 1, 2)
        liveByte := IntToHex(Memory_ReadByte(gtaHandle, entry.address))
        if (liveByte == expectedFirstByte) {
            AddChatMessage("{FF0000}Restored original ASM code of '" name "': {FFA500}" entry.description)
            writeByteCode(gtaHandle, entry.address, entry.origInstruction)
        } else {
            AddChatMessage("{00FF00}Injected custom ASM code of '" name "': {FFA500}" entry.description)
            writeByteCode(gtaHandle, entry.address, entry.newInstruction)
        }
        CloseHandle(gtaHandle)
    }
}
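GetAdressByProcessID(pid, DllName) {
    ; Return the load address of module `DllName` inside process `pid`, or 0 when the
    ; snapshot cannot be taken or no module of that name is loaded.
    ; Walks the module list with the Toolhelp32 API; the name comparison is case-insensitive
    ; (lstrcmpi). Offsets 20 (modBaseAddr) and 32 (szModule) follow the 32-bit MODULEENTRY32
    ; layout, which is what the 548-byte buffer corresponds to.
    VarSetCapacity(me32, 548, 0)
    NumPut(548, me32)   ; dwSize must be set before Module32First
    snapMod := DllCall("CreateToolhelp32Snapshot", "Uint", 0x00000008, "Uint", pid)   ; TH32CS_SNAPMODULE
    ; INVALID_HANDLE_VALUE is -1 as a HANDLE, but with a "Uint" return type it arrives as
    ; 0xFFFFFFFF, so the bare -1 test never caught a failed snapshot; accept both spellings.
    if (snapMod = -1 || snapMod = 0xFFFFFFFF) {
        return 0
    }
    if (DllCall("Module32First", "Uint", snapMod, "Uint", &me32)) {
        Loop {
            if (!DllCall("lstrcmpi", "Str", DllName, "UInt", &me32 + 32)) {
                DllCall("CloseHandle", "UInt", snapMod)
                return NumGet(&me32 + 20)
            }
        }
        Until !DllCall("Module32Next", "Uint", snapMod, "UInt", &me32)
    }
    DllCall("CloseHandle", "Uint", snapMod)
    return 0
}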
GetAdressOfDLLByWindowName(windowName, DllName) {
    ; Look up the process owning the window titled `windowName` and return the load address
    ; of `DllName` in it (0 when not found, see GetAdressByProcessID).
    ; When no such window exists, WinGet leaves the pid blank and that blank is passed on.
    WinGet, ownerPid, PID, %windowName%
    return GetAdressByProcessID(ownerPid, DllName)
}
OpenHandleByName(windowName , dwDesiredAccess = 0x1F0FFF) {
    ; Open a handle to the process owning the window `windowName`.
    ; dwDesiredAccess defaults to 0x1F0FFF (the pre-Vista value of PROCESS_ALL_ACCESS);
    ; bInheritHandle is passed as 0. The raw OpenProcess result is returned, i.e. 0 on
    ; failure, and the caller is expected to release it with CloseHandle().
    WinGet, ownerPid, PID, %windowName%
    return DllCall("OpenProcess", "Uint", dwDesiredAccess, "int", 0, "int", ownerPid)
}
CloseHandle(handle) {
    ; Release a process handle obtained from OpenHandleByName(); the Win32 BOOL result is
    ; discarded and nothing is returned.
    closed := DllCall("CloseHandle", "UInt", handle)
}
Memory_ReadByte(process_handle, address) {
    ; Read one byte at `address` from the process behind `process_handle`.
    ; Neither the ReadProcessMemory result nor the bytes-read count is checked, so a failed
    ; read goes unnoticed (the buffer simply keeps its zero initialisation).
    ; NOTE(review): "Byte" is not among the NumGet type names documented for AutoHotkey v1
    ; ("Char"/"UChar" are); confirm this yields the unsigned value that injectASMCodeObject()
    ; compares against a two-digit hex string.
    VarSetCapacity(byteBuf, 1, 0)
    DllCall("ReadProcessMemory", "UInt", process_handle, "UInt", address, "Str", byteBuf, "UInt", 1, "UInt *", 0)
    return NumGet(byteBuf, 0, "Byte")
}
IntToHex(int)
{
    ; Return `int` rendered as a hexadecimal string (for example 255 -> "0xff") by switching
    ; SetFormat to hex for the duration of one numeric re-evaluation; the integer format that
    ; was in effect before is restored before returning.
    savedFormat := A_FormatInteger
    SetFormat, Integer, hex
    int += 0
    SetFormat, Integer, %savedFormat%
    return int
}