gg.allocatePage code help


DARK_DEMON_SCRIPTER
5 hours ago, DARK_DEMON_SCRIPTER said:

Hi guys, I want to know about this code gg.allocatePage(). I didn't understand how to use this 🙂 pls help me

It allows you to allocate a new page in the target processes. You can write code to the page for a hook, or data or anything. What are you looking to do?

8 minutes ago, darklinux said:

It allows you to allocate a new page in the target processes. You can write code to the page for a hook, or data or anything. What are you looking to do?

I think he is just curious.

41 minutes ago, darklinux said:

It allows you to allocate a new page in the target processes. You can write code to the page for a hook, or data or anything. What are you looking to do?

Hmm, never used it but it looks useful. How do you mean for a hook? Can you explain? Would be appreciated.

On 6/22/2022 at 2:05 PM, Platonic said:

Hmm, never used it but it looks useful. How do you mean for a hook? Can you explain? Would be appreciated.

If you wanted to hook a function to change values, or call thread specific functions.

  • allocate new page
  • write shell code to page
  • write hook to target function

GG does something like this for speed hacks, but they load a shared library and not shell code.

I have used this method to send packets on a specific game play trigger. Lots of fun and powerful but you start to get into native hacks real quick. I wish GG supported hooks and more native stuff.

Edited by darklinux
19 minutes ago, darklinux said:

If you wanted to hook a function to change values, or call thread specific functions.

  • allocate new page
  • write shell code to page
  • write hook to target function

GG does something like this for speed hacks, but they load a shared library and not shell code.

I have used this method to send packets on a specific game play trigger. Lots of fun and powerful but you start to get into native hacks real quick. I wish GG supported hooks and more native stuff.

Hmm, I see. All this is done in Lua?

24 minutes ago, Platonic said:

Hmm, I see. All this is done in Lua?

Not the shell code part, that's why I wish GG supported hooks. GG would handle the allocation and hooking, and then pass the values to Lua. GG is currently external, so it would be a drastic change. I have implemented my own hooking library for Lua, so it can be done.

 

Hook example,

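-- Proposed API only: gg.hook and HOOK_RET do not exist in GG.
-- offset and base stand for the target function's offset and module base.
hookFun = function(x)
    return x * 2
end

-- address
-- lua hook function
-- arg sizes array
-- return arg size
-- return or complete function (ret, complete)
gg.hook(offset + base, hookFun, {gg.TYPE_DWORD}, gg.TYPE_DWORD, HOOK_RET)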

 

Native call example

-- Proposed API only: gg.registerNative does not exist in GG.
-- address
-- name
-- arg sizes array
-- return arg size
gg.registerNative(offset + base, 'sendPacket', {gg.TYPE_DWORD, gg.TYPE_DWORD}, gg.TYPE_DWORD)

function StopFalling()
    local packetStopFallingId = 154
    return sendPacket(packetStopFallingId, 1) == 1
end
Edited by darklinux
14 hours ago, DARK_DEMON_SCRIPTER said:

Guys can I get any tutorials for it pls

https://gameguardian.net/help/classgg.html#a15e72eaba99c1eadac1ccdeb8e2b5009
Has some good info
 

I would use a site like https://godbolt.org/

I'm using ARM64 gcc trunk

You can write some C++ code like,

int square(int num) {
    return num * num;
}

and get asm for it

sub     sp, sp, #16
str     w0, [sp, 12]
ldr     w0, [sp, 12]
mul     w0, w0, w0
add     sp, sp, 16
ret

 

then use something like http://shell-storm.org/online/Online-Assembler-and-Disassembler/

I'm using AArch64

This will take your asm and convert it to byte code

"\xff\x43\x00\xd1\xe0\x0f\x00\xb9\xe0\x0f\x40\xb9\x00\x7c\x00\x1b\xff\x43\x00\x91\xc0\x03\x5f\xd6"

 

You will need to write your own functions, but something like this,

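-- hook() is not a GG function; it is one of the functions you have to write yourself.
-- offset and base stand for the target function's offset and module base.
local shell_code = "\xff\x43\x00\xd1\xe0\x0f\x00\xb9\xe0\x0f\x40\xb9\x00\x7c\x00\x1b\xff\x43\x00\x91\xc0\x03\x5f\xd6"
-- request a page that is readable, writable and executable
local shell_address = gg.allocatePage(gg.PROT_READ | gg.PROT_WRITE | gg.PROT_EXEC)
local result = hook(offset + base, shell_code, shell_address)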

 

I would recommend reading over this project,

GGInjector (#9c9qcq9g)

 

Edited by darklinux
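
The detection side of the read/write/execute allocation in the post above, as an added example that is not part of the original thread: a triage function that scans a `/proc/<pid>/maps` dump for mappings that are both writable and executable. It assumes a page allocated this way appears in the maps file with `w` and `x` set; the function name, the allow-list parameter and the sample lines are constructed for illustration.

```python
import re

# Constructed sample of /proc/<pid>/maps lines (not captured from a real process).
SAMPLE_MAPS = """\
7a1c000000-7a1c200000 r-xp 00000000 fd:00 1234 /data/app/com.example.game/lib/arm64/libgame.so
7a1c200000-7a1c210000 rw-p 00200000 fd:00 1234 /data/app/com.example.game/lib/arm64/libgame.so
7a2d400000-7a2d401000 rwxp 00000000 00:00 0
7a3e000000-7a3e100000 rw-p 00000000 00:00 0 [anon:libc_malloc]
7ffd100000-7ffd121000 rw-p 00000000 00:00 0 [stack]
"""

# start-end perms offset dev inode [name]
MAPS_LINE = re.compile(
    r"^([0-9a-f]+)-([0-9a-f]+)\s+([r-][w-][x-][ps])\s+"
    r"([0-9a-f]+)\s+(\S+)\s+(\d+)\s*(.*)$"
)


def find_wx_mappings(maps_text, allowed_names=()):
    """Return mappings that are writable and executable at the same time.

    allowed_names lists mapping names the application itself is known to
    create with both bits set, so they are not reported.
    """
    findings = []
    for line in maps_text.splitlines():
        m = MAPS_LINE.match(line.strip())
        if not m:
            continue  # skip blank or malformed lines
        start, end, perms, _offset, _dev, inode, name = m.groups()
        if "w" in perms and "x" in perms and name not in allowed_names:
            findings.append({
                "start": int(start, 16),
                "size": int(end, 16) - int(start, 16),
                "perms": perms,
                # inode 0 with no name: memory not backed by any file
                "anonymous": inode == "0" and not name,
                "name": name or "<anonymous>",
            })
    return findings


if __name__ == "__main__":
    for f in find_wx_mappings(SAMPLE_MAPS):
        print(f"{f['start']:#x} size={f['size']:#x} {f['perms']} {f['name']}")
```
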