Cheat Engine Forum Index Cheat Engine
The Official Site of Cheat Engine
mgr.inz.Player

Posted: Sun Feb 28, 2016 11:56 am    Post subject: Custom 'AOB Injection' Templates [ver. 1.3.6]

Installing / requirements :
1.
version 1.3.6 - only CE6.5.1 and above are supported
version 1.3.4 - only CE6.5.1 and above are supported
version 1.3.3 - only CE6.5.1 and above are supported
version 1.2 - CE6.4 and above are supported


2. place it in CE autorun folder.

Usage:
1. open "auto assemble" window
2. in template submenu you will see additional entries
3. click one of them,
4. type the name (it checks whether it collides with existing names)


Example:
1. you have found two injection points, one for receiveDamageGeneric and one for receiveDamageFromGrenade
2. highlight first address, open "auto assemble" window, choose custom template (e.g. "Alternative AOB")
3. give it a name: Godmode
4. still with the same "auto assemble" window, highlight second address
5. choose again custom template (e.g. "Alternative AOB")
6. give it a name: noGrenadeDamage





You can add your own templates, just update lua file with another entry:

Code:
{
displayName="name for alternative AOB template", -- visible name
submenu="submenu caption",                       -- submenu caption
group=1,                                         -- group, helps arranging menu items
defaultSymbolName="cheatnamehere",               -- default symbol name
templateSections=
[==[
<<INFO>>
<<INFO_END>>

<<ENABLE>>
<<ENABLE_END>>

<<DISABLE>>
<<DISABLE_END>>
]==]
},



Keywords are:
%cheatName%, %authorName%, %processName% - self-explanatory
%originalCodeLines%, %nopLines%, %originalBytes% - self-explanatory
%_originalCodeLines%, %_nopLines% - with indent
%db90s% - it will be "db 90 90 90" when %nopLines% contains three "nop"

%CoriginalCodeLines% - commented out version of %originalCodeLines%

%moduleName% - self-explanatory; if the selected instruction is not inside a module, it will be empty

%isModuleScan% - if the aob scan is an aobscanmodule, it will contain the word "module", otherwise it will be empty

%searchPattern% - array of byte search pattern

%CmoduleName%, %moduleNameC% - same as %moduleName%, plus it has a comma at the beginning or at the end

%aobAdjust% - sometimes the found searchPattern doesn't point exactly to the address we need; this will contain the adjustment, e.g. "-7" or "+C"

%additionalInfo% - "original code" as a comment (chosen opcode with surrounding lines)

%bracketsRegsOffset% - if the first line of original code (selected instruction) is e.g. "movsxd rax,dword ptr [rax+3C]", it will contain "dword ptr [rax+3C]", otherwise it is empty

%regsOffset% - if the first line is e.g. "movsxd rax,dword ptr [rax+3C]", it will contain "rax+3C", otherwise it is empty

%replacedInstructionsSize% - byte count of all original instructions that are overwritten, e.g. if there are three nops, it will be "8"

%replacedInstructionsSizeHex% - hexadecimal version of above

predprey suggested
"Mono Inject" template and keywords:

%monoAddress% - If mono data collector is active, it returns the methodname+offset. Else it is empty.

%injectAddress% - Hooking point.

keywords added in newer versions:
https://forum.cheatengine.org/viewtopic.php?p=5753247#5753247











With this template:
Code:
<<INFO>>
// Game   : %processName%
// Version:
// Date   :
// Author : %authorName%
<<INFO_END>>

<<ENABLE>>
aobscan%isModuleScan%(aob_%cheatName%,%moduleNameC%%searchPattern%)
registersymbol(aob_%cheatName%)
alloc(newmem_%cheatName%,1024%CmoduleName%)
label(return_%cheatName%)

newmem_%cheatName%:
%originalCodeLines%
  jmp return_%cheatName%

aob_%cheatName%%aobAdjust%:
  jmp newmem_%cheatName%
%nopLines%
return_%cheatName%:
<<ENABLE_END>>

<<DISABLE>>
aob_%cheatName%%aobAdjust%:
  db %originalBytes%

unregistersymbol(aob_%cheatName%)
dealloc(newmem_%cheatName%)
<<DISABLE_END>>




It will generate something like this:
Code:
// Game   : game.exe
// Version:
// Date   :
// Author : mgr.inz.Player
[ENABLE]
aobscanmodule(aob_itemQuantity,game.exe,48 63 40 3C 48 8D 04 03)
registersymbol(aob_itemQuantity)
alloc(newmem_itemQuantity,1024,game.exe)
label(return_itemQuantity)

newmem_itemQuantity:
  movsxd  rax,dword ptr [rax+3C]
  lea rax,[rbx+rax]
  jmp return_itemQuantity

aob_itemQuantity:
  jmp newmem_itemQuantity
  nop
  nop
  nop
return_itemQuantity:
[DISABLE]
aob_itemQuantity:
  db 48 63 40 3C 48 8D 04 03

unregistersymbol(aob_itemQuantity)
dealloc(newmem_itemQuantity)



Last edited by mgr.inz.Player on Sun Dec 01, 2019 2:40 pm; edited 27 times in total
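
The keyword substitution described in the post, sketched as an added example in plain Lua; it is not the script's own code, is not part of the original post, and uses no Cheat Engine API. The function names, the 5-byte jmp size and the `%unknownKeyword%` marker are assumptions, and the sample values are copied from the generated script shown in the post.

```lua
-- Added example: plain Lua, no Cheat Engine API. Names and sample input are constructed.
local JMP_SIZE = 5 -- assumption: 5-byte jmp, consistent with the post (8 bytes replaced, 3 nops)

-- Derive the size-related keywords from the bytes that the hook overwrites.
local function buildKeywords(cheatName, moduleName, codeLines, originalBytes)
  local _, size = originalBytes:gsub("%x%x", "")   -- number of hex byte pairs
  assert(size >= JMP_SIZE, "replaced instructions must cover the jmp")
  local nops = size - JMP_SIZE
  local inModule = moduleName ~= ""
  return {
    cheatName = cheatName,
    moduleName = moduleName,
    isModuleScan = inModule and "module" or "",
    moduleNameC = inModule and (moduleName .. ",") or "",
    CmoduleName = inModule and ("," .. moduleName) or "",
    searchPattern = originalBytes,
    originalBytes = originalBytes,
    aobAdjust = "",
    originalCodeLines = codeLines,
    nopLines = ("  nop"):rep(nops, "\n"),
    db90s = nops > 0 and ("db" .. (" 90"):rep(nops)) or "",
    replacedInstructionsSize = tostring(size),
    replacedInstructionsSizeHex = ("%X"):format(size),
  }
end

-- Replace each %keyword%; unknown names stay untouched so typos remain visible.
local function expand(template, kw)
  return (template:gsub("%%([%w_]+)%%", function(name) return kw[name] end))
end

local template = [==[
aobscan%isModuleScan%(aob_%cheatName%,%moduleNameC%%searchPattern%)
alloc(newmem_%cheatName%,1024%CmoduleName%)
newmem_%cheatName%:
%originalCodeLines%
aob_%cheatName%%aobAdjust%:
  jmp newmem_%cheatName%
%nopLines%
// replaced %replacedInstructionsSize% bytes (0x%replacedInstructionsSizeHex%), %db90s%
// %unknownKeyword% is left as written
]==]

local kw = buildKeywords("itemQuantity", "game.exe",
  "  movsxd  rax,dword ptr [rax+3C]\n  lea rax,[rbx+rax]",
  "48 63 40 3C 48 8D 04 03")
print(expand(template, kw))
```

Passing an empty module name empties `%isModuleScan%`, `%moduleNameC%` and `%CmoduleName%`, so the same template yields a plain `aobscan(...)` and a two-argument `alloc(...)`.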
Post reviews:   Approve 2
Author Review
++METHOS
Review: Approve
Posted: Sun Feb 28, 2016 4:24 pm

I bow to your superior knowledge...
STN
Review: Approve
Posted: Sun May 15, 2016 1:18 pm

You are a lifesaver!