@eur0pa
Created April 14, 2015 10:55
Count random character rolls
{ Game : isaac-ng.exe
Version:
Date : 2015-04-14
Author : europa
This script counts random character rolls: it samples the game's character roll many times and keeps a per-character tally.
}
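define(address,"isaac-ng.exe"+12B185)
define(bytes,F7 F6 DB 83 40 11 00 00)
// Re-roll target: the "call isaac-ng.exe+AA940" at +12B17E (see the
// original-code listing at the bottom of this script). Kept module-relative,
// like address, so the hook survives a different load base; the old absolute
// 00CFB17E only held while the module was based at 00BD0000.
define(reroll,"isaac-ng.exe"+12B17E)
// Number of rolls to sample before the game is allowed to continue (hex).
define(SAMPLES,FFFFFF)

[ENABLE]
// counter = rolls sampled so far; the remaining symbols are per-character
// tallies. CE zero-initialises alloc'd memory, so no explicit reset is needed.
alloc(counter, 4)
alloc(Isaac, 4)
alloc(Maggie, 4)
alloc(Cain, 4)
alloc(Judas, 4)
alloc(Bluebaby, 4)
alloc(Eve, 4)
alloc(Samson, 4)
alloc(Azazel, 4)
alloc(Lazarus, 4)
alloc(Eden, 4)
alloc(Lost, 4)
registersymbol(counter)
registersymbol(Isaac)
registersymbol(Maggie)
registersymbol(Cain)
registersymbol(Judas)
registersymbol(Bluebaby)
registersymbol(Eve)
registersymbol(Samson)
registersymbol(Azazel)
registersymbol(Lazarus)
registersymbol(Eden)
registersymbol(Lost)
label(cIsaac)
label(cMaggie)
label(cCain)
label(cJudas)
label(cBluebaby)
label(cEve)
label(cSamson)
label(cAzazel)
label(cLazarus)
label(cEden)
label(cLost)

// Refuse to patch if the bytes at the injection point are not the expected
// "div esi / fild dword ptr [ebx+00001140]" pair (different build or already
// patched).
assert(address,bytes)
alloc(newmem,$1000)
label(code)
label(exit)
label(return)

newmem:
code:
  // Re-executed original instruction: edx:eax / esi, with edx zeroed by the
  // game at +12B183, so edx = remainder = index of the rolled character.
  div esi
  inc dword ptr [counter]
  // jae rather than je: once counter has passed SAMPLES (the hook fires again
  // in a later run) it would never equal SAMPLES again and the re-roll loop
  // below would never terminate.
  cmp dword ptr [counter],SAMPLES
  jae exit

  // Dispatch on the remainder. Index order follows the game's character list.
  cmp edx,0
  je cIsaac
  cmp edx,1
  je cMaggie
  cmp edx,2
  je cCain
  cmp edx,3
  je cJudas
  cmp edx,4
  je cBluebaby
  cmp edx,5
  je cEve
  cmp edx,6
  je cSamson
  cmp edx,7
  je cAzazel
  cmp edx,8
  je cLazarus
  cmp edx,9
  je cEden
  cmp edx,A
  je cLost
  // Remainder outside 0..A: the sample is counted but attributed to nobody
  // instead of being miscounted as Isaac. Presumably unreachable while
  // esi = 0B (the listing below shows "cmp edi,0B"); confirm if tallies
  // do not add up to SAMPLES.
  jmp reroll

// Each case bumps its tally and jumps back to the game's random call so the
// hook fires again for the next sample.
cIsaac:
  inc dword ptr [Isaac]
  jmp reroll
cMaggie:
  inc dword ptr [Maggie]
  jmp reroll
cCain:
  inc dword ptr [Cain]
  jmp reroll
cJudas:
  inc dword ptr [Judas]
  jmp reroll
cBluebaby:
  inc dword ptr [Bluebaby]
  jmp reroll
cEve:
  inc dword ptr [Eve]
  jmp reroll
cSamson:
  inc dword ptr [Samson]
  jmp reroll
cAzazel:
  inc dword ptr [Azazel]
  jmp reroll
cLazarus:
  inc dword ptr [Lazarus]
  jmp reroll
cEden:
  inc dword ptr [Eden]
  jmp reroll
cLost:
  inc dword ptr [Lost]
  jmp reroll

exit:
  // Second original instruction, then resume right after the patched bytes;
  // the game keeps the last roll (edx) as usual.
  fild dword ptr [ebx+00001140]
  jmp return

address:
  // 5-byte jmp + 3 nops overwrite exactly the 8 original bytes.
  jmp code
  nop
  nop
  nop
return: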
[DISABLE]
// Put the original 8 bytes back at the injection point, then drop the
// symbols and the memory the ENABLE section registered and allocated.
address:
  db bytes
  // div esi
  // fild dword ptr [ebx+00001140]

// Symbols first, so nothing refers to memory that is about to be released.
unregistersymbol(counter)
unregistersymbol(Isaac)
unregistersymbol(Maggie)
unregistersymbol(Cain)
unregistersymbol(Judas)
unregistersymbol(Bluebaby)
unregistersymbol(Eve)
unregistersymbol(Samson)
unregistersymbol(Azazel)
unregistersymbol(Lazarus)
unregistersymbol(Eden)
unregistersymbol(Lost)

dealloc(newmem)
dealloc(counter)
dealloc(Isaac)
dealloc(Maggie)
dealloc(Cain)
dealloc(Judas)
dealloc(Bluebaby)
dealloc(Eve)
dealloc(Samson)
dealloc(Azazel)
dealloc(Lazarus)
dealloc(Eden)
dealloc(Lost)
{
// ORIGINAL CODE - INJECTION POINT: "isaac-ng.exe"+12B185
"isaac-ng.exe"+12B16B: 90 - nop
"isaac-ng.exe"+12B16C: 90 - nop
"isaac-ng.exe"+12B16D: 03 F0 - add esi,eax
"isaac-ng.exe"+12B16F: 03 F8 - add edi,eax
"isaac-ng.exe"+12B171: 83 FF 0B - cmp edi,0B
"isaac-ng.exe"+12B174: 0F 8C 46 FF FF FF - jl isaac-ng.exe+12B0C0
"isaac-ng.exe"+12B17A: 3B F2 - cmp edx,edx
"isaac-ng.exe"+12B17C: 74 09 - je isaac-ng.exe+12B187
"isaac-ng.exe"+12B17E: E8 BD F7 F7 FF - call isaac-ng.exe+AA940
"isaac-ng.exe"+12B183: 33 D2 - xor edx,edx
// ---------- INJECTING HERE ----------
"isaac-ng.exe"+12B185: F7 F6 - div esi
"isaac-ng.exe"+12B187: DB 83 40 11 00 00 - fild dword ptr [ebx+00001140]
// ---------- DONE INJECTING ----------
"isaac-ng.exe"+12B18D: 8B 54 95 CC - mov edx,[ebp+edx*4-34]
"isaac-ng.exe"+12B191: 8B 4D FC - mov ecx,[ebp-04]
"isaac-ng.exe"+12B194: 89 55 C8 - mov [ebp-38],edx
"isaac-ng.exe"+12B197: DC 3D 38 E7 DA 00 - fdivr qword ptr [isaac-ng.exe+1DE738]
"isaac-ng.exe"+12B19D: 5F - pop edi
"isaac-ng.exe"+12B19E: 33 CD - xor ecx,ebp
"isaac-ng.exe"+12B1A0: 89 53 18 - mov [ebx+18],edx
"isaac-ng.exe"+12B1A3: 5E - pop esi
"isaac-ng.exe"+12B1A4: DD 05 30 E7 DA 00 - fld qword ptr [isaac-ng.exe+1DE730]
"isaac-ng.exe"+12B1AA: D8 F9 - fdivr st(0),st(1)
}