View previous topic :: View next topic |
Author |
Message |
mettaursp How do I cheat? Reputation: 0
Joined: 02 Aug 2013 Posts: 6
|
Posted: Fri Aug 02, 2013 3:30 pm Post subject: Stealth Edit Failure With autoAssemble(string) |
|
|
I just made my first full Lua script for Cheat Engine to use on the game Roblox, specifically the RobloxPlayer.exe file, and I was able to make most of the script work, but when I use steathedit with the autoAssemble(string) function, I get an error popup window stating "Module not found" followed up by "STEALTHEDIT INIT FAILURE". I use Cheat Engine 6.3 x64 and the x64 version of the Stealth Edit plugin. I would prefer not to post the full script in case I do end up getting it working, but I can post bits of it. Here is the ASM script that gets assembled by autoAssemble:
Code: |
stealthedit(newmem,%s,2048)
label(returnhere)
newmem:
mov [esp+18], %s
mov [esp+1C], %s
sub esp,14
push esi
push edi
jmp returnhere
returnhere:
|
And sending the string representing it through string.format, the arguments are (in this order): string address representing the result from "string.format("%x", allocateSharedMemory("newscript", 2559))", 2559 (number), and 0088F670 (string). How can I fix the problem resulting in the error displayed by the popup windows?
|
|
Back to top |
|
|
Dark Byte Site Admin Reputation: 458
Joined: 09 May 2003 Posts: 25288 Location: The netherlands
|
Posted: Fri Aug 02, 2013 3:42 pm Post subject: |
|
|
stealthedit can only be used on a module address
self allocated memory should not even be stealthedited to begin with as there's certainly no integrity check on your own code
_________________
Do not ask me about online cheats. I don't know any and wont help finding them.
Like my help? Join me on Patreon so i can keep helping |
|
Back to top |
|
|
mettaursp How do I cheat? Reputation: 0
Joined: 02 Aug 2013 Posts: 6
|
Posted: Fri Aug 02, 2013 3:49 pm Post subject: |
|
|
Okay, looking back at the script, I see that I messed up on the ordering of the arguments in the script, if I were to re-order them, would it possibly work? Like instead of arg1, arg2, and arg3 being the order, would arg3, arg2, arg1 work? In my confusion over the usage of ASM for my purpose, the arguments weren't put in the proper order that I originally wanted them to be in.
|
|
Back to top |
|
|
Dark Byte Site Admin Reputation: 458
Joined: 09 May 2003 Posts: 25288 Location: The netherlands
|
Posted: Fri Aug 02, 2013 3:51 pm Post subject: |
|
|
if 0088F670 is a module address then it might work yes (so reverse order)
_________________
Do not ask me about online cheats. I don't know any and wont help finding them.
Like my help? Join me on Patreon so i can keep helping |
|
Back to top |
|
|
mettaursp How do I cheat? Reputation: 0
Joined: 02 Aug 2013 Posts: 6
|
Posted: Fri Aug 02, 2013 3:53 pm Post subject: |
|
|
It worked without resulting in any errors on CE's side, but my Roblox client crashed. Back to the drawing board I guess.
|
|
Back to top |
|
|
Dark Byte Site Admin Reputation: 458
Joined: 09 May 2003 Posts: 25288 Location: The netherlands
|
Posted: Fri Aug 02, 2013 3:54 pm Post subject: |
|
|
first get the aa script to work, only then try to get lua scripts to work.
tip:
Do a showMessage(string.format(....)) to see what you are going to auto assemble and compare with what you expect
_________________
Do not ask me about online cheats. I don't know any and wont help finding them.
Like my help? Join me on Patreon so i can keep helping |
|
Back to top |
|
|
mettaursp How do I cheat? Reputation: 0
Joined: 02 Aug 2013 Posts: 6
|
Posted: Fri Aug 02, 2013 4:12 pm Post subject: |
|
|
The aa script works when run after the level has completely loaded, but the client disconnects because of a built in hash checker. The hash checker cross-references hashes that can be retrieved by script:GetHash() in the game's built in Lua engine with the script hashes being stored as strings and visit.exe (for use with Roblox Studio containing a command line and output), RobloxPlayer.exe, and RobloxPlayerBeta.exe have the hash checker stored at different addresses with different byte sequences that can represent it. I was hoping that the Stealth Edit plugin could help by forcing the run-time execution along a separate path leaving the initial hash intact, but the hash checker got around it. I can successfully nop the checker with Memory View and have various exploits that serve the same purpose and have them work on visit.exe, but on RobloxPlayer.exe and RobloxPlayerBeta.exe, the client just disconnects as soon as I nop it manually, while other users are running rampant with exploits that disable it and work.
|
|
Back to top |
|
|
|