Universal Pattern / Signature Parser

Discussion in 'C++' started by GH_Rake, Feb 10, 2018.


  1. GH_Rake

    Member

    Different tools generate different signatures: IDA plugins, Cheat Engine plugins, x64dbg, OllyDbg, etc.
    Whenever you're signature scanning you use a pattern and a mask, but who doesn't enjoy the convenience of using them combined in one string?
    Trouble is that the tools generate different types of sigs. So I wrote this function.
    Give it a combo pattern and it will give you the pattern and mask.
    It accepts combos matching all wildcards I've seen: ?, ??, * and **.
    Such as:
    Code (Text):
    "* C2 85 C0 7E * 8B D0 E8"
    "? C2 85 C0 7E ? 8B D0 E8"
    "?? C2 85 C0 7E ?? 8B D0 E8"
    "** C2 85 C0 7E ** 8B D0 E8"
    Code (C):

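    #include <ctype.h>   /* isspace */
    #include <stdlib.h>  /* strtol */
    #include <string.h>  /* strlen */

    /* Splits a combo signature into raw pattern bytes and an 'x'/'?' mask.
       No bounds checking: the caller must size pattern and mask for one
       byte per token in combo, plus a terminator. */
    void Parse(char* combo, char* pattern, char* mask)
    {
        char lastChar = ' ';
        unsigned int j = 0;

        for (unsigned int i = 0; i < strlen(combo); i++)
        {
            /* First character of a wildcard token (?, ??, * or **). */
            if ((combo[i] == '?' || combo[i] == '*') && (lastChar != '?' && lastChar != '*'))
            {
                pattern[j] = mask[j] = '?';
                j++;
            }
            /* First character of a hex byte token. The second test skips repeated
               spaces, which would otherwise emit the same byte twice. */
            else if (isspace((unsigned char)lastChar) && !isspace((unsigned char)combo[i]))
            {
                pattern[j] = lastChar = (char)strtol(&combo[i], 0, 16);
                mask[j] = 'x';
                j++;
            }
            lastChar = combo[i];
        }
        pattern[j] = mask[j] = '\0';
    }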
     
    And I call it like so in one of my pattern scan wrappers:
    Code (C):
    char* Mod(char* combopattern, Module* module)
    {
        char pattern[100];
        char mask[100];
        Parse(combopattern, pattern, mask);
        /* Assumes ScanModule returns the match address as char*. */
        return ScanModule(pattern, mask, module);
    }
    How to use C syntax highlighting on this board? I only see General/HTML/PHP as options...
     
    computerline and Rip Cord like this.
  2. Rip Cord

    Administrator Staff Member Admin Developer

    Try code=c between the square brackets instead of just "code".

    I went ahead and changed it for you, but the colors are a little unusual... change it back if you don't like the results, or I can.
    Nice coding, btw.
     
    GH_Rake likes this.
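Added example, not code from the thread: a bounds-checked variant of the combo parser from the first post, paired with a masked compare over a byte buffer, for cases where the signature string has an unknown length or comes from an untrusted source. The names `parse_combo` and `find_sig`, the `cap` parameter and the -1 error convention are assumptions of this example.

```c
#include <ctype.h>
#include <stddef.h>
#include <stdlib.h>

/* Added example; parse_combo and find_sig are made-up names. cap is the size of
 * BOTH outputs. Returns the byte count, or -1 if malformed or too long. */
int parse_combo(const char *combo, unsigned char *pattern, char *mask, size_t cap)
{
    size_t n = 0;
    const char *p = combo;
    if (cap == 0) return -1;
    for (;;) {
        while (isspace((unsigned char)*p)) p++;       /* tolerate runs of blanks */
        if (*p == '\0') break;
        if (n + 1 >= cap) return -1;                  /* keep room for the mask NUL */
        if (*p == '?' || *p == '*') {
            char w = *p++;
            if (*p == w) p++;                         /* "??" and "**" are one byte */
            pattern[n] = 0;
            mask[n++] = '?';
        } else {
            char *end;
            if (!isxdigit((unsigned char)*p)) return -1;
            unsigned long v = strtoul(p, &end, 16);
            if (end - p > 2) return -1;               /* more than two hex digits */
            pattern[n] = (unsigned char)v;
            mask[n++] = 'x';
            p = end;
        }
        if (*p != '\0' && !isspace((unsigned char)*p)) return -1; /* e.g. "C2?" */
    }
    mask[n] = '\0';
    return (int)n;
}

/* Offset of the first masked match, or -1. n comes from parse_combo, not
 * strlen(pattern), because a pattern may contain 0x00 bytes. */
long find_sig(const unsigned char *buf, size_t len,
              const unsigned char *pattern, const char *mask, size_t n)
{
    for (size_t i = 0; n && i + n <= len; i++) {
        size_t k = 0;
        while (k < n && (mask[k] == '?' || buf[i + k] == pattern[k])) k++;
        if (k == n) return (long)i;
    }
    return -1;
}
```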