GH_Rake
New member
Different tools generate different signatures, IDA plugins, Cheat engine plugins, x64dbg, ollydbg etc...
Whenever you're signature scanning you use a pattern and a mask but who doesn't enjoy the convenience of using them combined in one string?
Trouble is that the tools generate different types of sigs. So I wrote this function.
Give it a combo pattern and it will give you the pattern and mask.
It accepts combos matching all wildcards I've seen, ?, ??, * & **
Such as:
And I call it like so in one of my pattern scan wrappers:
How to use C syntax highlighting on this board? I only see General/HTML/PHP as options...
Whenever you're signature scanning you use a pattern and a mask but who doesn't enjoy the convenience of using them combined in one string?
Trouble is that the tools generate different types of sigs. So I wrote this function.
Give it a combo pattern and it will give you the pattern and mask.
It accepts combos matching all wildcards I've seen, ?, ??, * & **
Such as:
Code:
"* C2 85 C0 7E * 8B D0 E8"
"? C2 85 C0 7E ? 8B D0 E8"
"?? C2 85 C0 7E ?? 8B D0 E8"
"** C2 85 C0 7E ** 8B D0 E8"
C:
void Parse(char* combo, char* pattern, char* mask)
{
char lastChar = ' ';
unsigned int j = 0;
for (unsigned int i = 0; i < strlen(combo); i++)
{
if ((combo[i] == '?' || combo[i] == '*') && (lastChar != '?' && lastChar != '*'))
{
pattern[j] = mask[j] = '?';
j++;
}
else if (isspace(lastChar))
{
pattern[j] = lastChar = (char)strtol(&combo[i], 0, 16);
mask[j] = 'x';
j++;
}
lastChar = combo[i];
}
pattern[j] = mask[j] = '\0';
}And I call it like so in one of my pattern scan wrappers:
C:
char* Mod(char* combopattern, Module* module)
{
char pattern[100];
char mask[100];
Parse(combopattern, pattern, mask);
ScanModule(pattern, mask, module);
}How to use C syntax highlighting on this board? I only see General/HTML/PHP as options...
