Cheat Engine Forum Index -> General Gamehacking
The Official Site of Cheat Engine

Game crashes when I run the code! [SOLVED]
Rissorr
Master Cheater
Reputation: 3

Joined: 17 Sep 2013
Posts: 273
Location: Israel!

Posted: Mon Jun 30, 2014 3:05 am    Post subject: Game crashes when I run the code! [SOLVED]

Hey! I was trying to make a multihack (like Recifense usually does, with registersymbols, and then 0/1 in the table to toggle the script).

Tried to hack the game Peggle.

So my problem is:
- when I enable/disable, everything is normal.
- when the code is executed -> the game crashes.
- tried adding pushfd/popfd to the code -> but it didn't help :(

The code so far:
Code:


[enable]

//========================= LABELS, SYMBOLS, AOBSCANS, ETC'

alloc(allocMem,1024)

label(code_balls)
label(exit_balls)
label(done_balls)
label(code_score)
label(exit_score)
label(done_score)
label(i_balls)
label(i_score)

registersymbol(allocMem)
registersymbol(i_balls)
registersymbol(i_score)

aobscan(aob_balls,01 8c 86 7c 01 00 00)
registersymbol(aob_balls)

aobscan(aob_score,01 84 91 74 01 00 00)
registersymbol(aob_score)

//========================= ALLOC ADDRESS

allocMem:

//========================= BALLS HACK

code_balls:

pushfd
cmp [i_balls],0
je done_balls

push ecx
mov ecx,#99

cmp [esi+eax*4+17C],ecx
ja done_balls

mov [esi+eax*4+17C],ecx
jmp done_balls

done_balls:
pop ecx
popfd
jmp exit_balls

//========================= SCORE HACK

code_score:

pushfd
cmp [i_score],0
je done_score

push eax
mov eax,#9999999

cmp [ecx+edx*4+174],eax
ja done_score

mov [ecx+edx*4+174],eax
jmp done_score

done_score:
pop eax
popfd
jmp exit_score

//========================= DECLARING DEFAULT VARIABLES

i_balls:
dd 0

i_score:
dd 0

//========================= INJECTION POINTS

aob_balls:
jmp code_balls

exit_balls:

aob_score:
jmp code_score

exit_score:

[disable]

//========================= GIVE BACK THE ORIGINAL INSTRUCTIONS

aob_score:
add [ecx+edx*4+174],eax

aob_balls:
add [esi+eax*4+17C],ecx

//========================= UN-SYMBOL, DEALLOC, ETC'

unregistersymbol(allocMem)
unregistersymbol(aob_balls)
unregistersymbol(aob_score)
unregistersymbol(i_balls)
unregistersymbol(i_score)

dealloc(allocMem)


P.S. I used Recifense's tutorial as a base for the script (http://forum.cheatengine.org/viewtopic.php?t=529802)

Thanks for all answers!



Attachment: Peggle.CT (4.99 KB, downloaded 544 times)

Last edited by Rissorr on Mon Jun 30, 2014 5:59 am; edited 1 time in total
Geri
Moderator
Reputation: 111

Joined: 05 Feb 2010
Posts: 5636

Posted: Mon Jun 30, 2014 3:29 am

Start debugging.

First you should figure out which injection point is causing the crash, because you have 2 of them.

Then try to make an empty code injection to see if code injection at that code is causing any problem.

If you are already sure that the problem is caused by the script itself, set a breakpoint at your own code and watch how it is executed step by step, or use break and trace and go through the log to see where the error is.


And if you are doing your own script, make sure that you don't screw up the injection point. The jump takes up 5 bytes. If the code that you are replacing takes more than 5 bytes, you need to add nops to the injection point, as it is done in the templates made by CE.

_________________
My trainers can be found here: http://www.szemelyesintegracio.hu/cheats

If you are interested in any of my crappy articles/tutorials about CE and game hacking, you can find them here:
http://www.szemelyesintegracio.hu/cheats/41-game-hacking-articles

Don't request cheats or updates.
Rissorr
Master Cheater
Reputation: 3

Joined: 17 Sep 2013
Posts: 273
Location: Israel!

Posted: Mon Jun 30, 2014 5:06 am

Ok, thanks!! I understand.. but what could cause the problem?
Dark Byte
Site Admin
Reputation: 458

Joined: 09 May 2003
Posts: 25295
Location: The netherlands

Posted: Mon Jun 30, 2014 5:50 am

Read through your code and try to follow all possible paths.


Hint: what will happen when i_balls or i_score are 0? (Watch that register.)

_________________
Do not ask me about online cheats. I don't know any and wont help finding them.

Like my help? Join me on Patreon so i can keep helping
Rissorr
Master Cheater
Reputation: 3

Joined: 17 Sep 2013
Posts: 273
Location: Israel!

Posted: Mon Jun 30, 2014 6:03 am

Ok, thanks to Geri and to Dark Byte!!!

I found the error:

I injected:
Code:
//========================= INJECTION POINTS

aob_balls:
jmp code_balls  // <--- HERE

exit_balls:

aob_score:
jmp code_score

exit_score:


I forgot that I need to fill it with NOPs; the original opcode was 7 bytes :(
And when I fill it with NOP NOP (after the JMP) it works!! :D
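The crash described in this post and in Geri's reply above comes down to instruction lengths: the 5-byte `jmp rel32` that CE writes at the injection point only covers the first 5 bytes of the 7-byte `add [esi+eax*4+17C],ecx`, and the return label (`exit_balls`) sits right after the jmp, so the injected code returns onto the two stray bytes `00 00`, which decode as `add [eax],al` and, with eax being an index here, most likely fault on a near-null write. The following Python is an added example, not code from the thread or from Cheat Engine: it builds the patch bytes for a given replaced-instruction length, shows what is left behind when the NOP padding is forgotten, and decodes the jmp back to confirm its target. The byte pattern is the thread's `aob_balls`; the two addresses are hypothetical placeholders.

```python
import struct

JMP_REL32 = 0xE9   # opcode of the 5-byte "jmp rel32" CE writes at an injection point
NOP = 0x90
JMP_LEN = 5        # 1 opcode byte + 4-byte signed displacement

# Constructed sample input: the bytes are the thread's aob_balls pattern, which
# disassembles to the 7-byte instruction "add [esi+eax*4+17C],ecx".  The two
# addresses are hypothetical placeholders, not Peggle's real addresses.
AOB_BALLS = bytes.fromhex("018c867c010000")
SITE = 0x00401000     # hypothetical address of aob_balls (injection point)
TARGET = 0x00500000   # hypothetical address of code_balls (inside allocMem)


def build_jmp_patch(site, target, original_len):
    """Bytes to write over `original_len` bytes at `site`: a jmp rel32 to
    `target`, then NOPs until the whole replaced instruction is covered.
    The displacement is relative to the end of the jmp (site + 5)."""
    if original_len < JMP_LEN:
        raise ValueError("the replaced instruction(s) must span at least 5 bytes")
    rel32 = target - (site + JMP_LEN)
    patch = bytes([JMP_REL32]) + struct.pack("<i", rel32)
    return patch + bytes([NOP]) * (original_len - JMP_LEN)


def decode_jmp_target(site, patch):
    """Inverse of build_jmp_patch: where does the jmp written at `site` land?"""
    if patch[0] != JMP_REL32:
        raise ValueError("not a jmp rel32")
    (rel32,) = struct.unpack("<i", patch[1:JMP_LEN])
    return site + JMP_LEN + rel32


def patch_covers_instruction(original, patch):
    """True when the patch overwrites exactly the original instruction, so the
    return jump (the exit label at site + 5) lands on NOPs, not on stray bytes."""
    return len(patch) == len(original)


def leftover_bytes(original, patch):
    """Tail of the original instruction that survives a too-short patch."""
    return original[len(patch):]


if __name__ == "__main__":
    short = build_jmp_patch(SITE, TARGET, JMP_LEN)        # jmp only, as in the first post
    full = build_jmp_patch(SITE, TARGET, len(AOB_BALLS))  # jmp + 2 NOPs, the fix
    print("short patch:", short.hex(), "covers:", patch_covers_instruction(AOB_BALLS, short))
    print("leftover   :", leftover_bytes(AOB_BALLS, short).hex(), "(00 00 = add [eax],al)")
    print("full patch :", full.hex(), "covers:", patch_covers_instruction(AOB_BALLS, full))
    print("jmp lands at 0x%08x" % decode_jmp_target(SITE, full))
```

The same check generalises to any hook: compare the patch length against the summed length of the instructions you disassembled at the site, and never let the return label fall inside a partially overwritten instruction.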
Geri
Moderator
Reputation: 111

Joined: 05 Feb 2010
Posts: 5636

Posted: Mon Jun 30, 2014 10:23 am

Also fix the bug that Dark Byte has pointed out, because it is a very serious bug.
Rissorr
Master Cheater
Reputation: 3

Joined: 17 Sep 2013
Posts: 273
Location: Israel!

Posted: Mon Jun 30, 2014 3:12 pm

Also a small question:

If in my code there is an instruction like this:
Code:
cmp [i_balls],0
je done_balls


do I need to use:
PUSHFD
POPFD
for this?

(or maybe it is not necessary?)
Dark Byte
Site Admin
Reputation: 458

Joined: 09 May 2003
Posts: 25295
Location: The netherlands

Posted: Mon Jun 30, 2014 3:18 pm

Yes, cmp changes the flags register.
STN
I post too much
Reputation: 42

Joined: 09 Nov 2005
Posts: 2672

Posted: Tue Jul 01, 2014 2:20 pm

All this talk about balls, this thread is very dirty.

I don't get what this multihack thing is, just let the CE injection template do the work... I find it wonderful because I am lazy and CE fills up the redundant data for me.

There is a lot wrong in your code; I am just going to point them out because it looks like you are not a total noob.

code_balls:

pushfd
cmp [i_balls],0
je done_balls
-- oh hi i just jumped and the push below can go cry to mama

push ecx
mov ecx,#99

cmp [esi+eax*4+17C],ecx
ja done_balls

mov [esi+eax*4+17C],ecx
jmp done_balls

done_balls:
pop ecx -- mama popped the wrong balls
popfd
jmp exit_balls

It's the same mistake you have made with your score code.

And NO, you don't need to write pushfd/popfd, that's a waste of two perfect CPU cycles. They are only needed if you are going to modify code in your game that you know will mess up the EFLAGS and the game needs the EFLAGS a certain way at that point and your injection can fuck em up. What this means is that basically 99.9% of the time you don't need them; I have only ever needed to use them once. To give you an example:

Game code
address1 mov eax, deadbeef
address2 cmp eax, head
je 92ace

You jump at address2 to your injection and you want to do a compare in your injection; that is when you can mess up the game's eflags when it needs them (it compares whether eax has head or not), so if your injection was like this:

fancy injection:
cmp eax, head // original game code
mov edx,ecx
cmp edx, 34 // this be where you mess up game's eflags because now the value is going to be of the compare of cmp edx, 34 not the cmp eax, head
je exit

exit:
jmp backtogame

The solutions (two):

lazy way aka the stn way
fancyinjection:
mov edx, ecx
cmp edx, 34
je exit

exit:
cmp eax, head
jmp backtogame

or you could just pushfd/popfd after the game's cmp and it will still be good.

_________________
Cheat Requests/Tables- Fearless Cheat Engine
https://fearlessrevolution.com
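Dark Byte's hint ("follow all possible paths") and STN's annotated listing above describe the same defect: when `i_balls` is 0 the `je done_balls` skips `push ecx`, but `done_balls` still executes `pop ecx`, so that pop takes the saved flags instead and the following `popfd` pops whatever was below them on the game's stack. The following Python is an added example, not code from the thread or from Cheat Engine: a small path walker over an auto-assembler style listing that counts dwords pushed along every control-flow path and reports pops with nothing of ours on the stack, labels reached with different depths, and a return to the game with a net stack change. It assumes 32-bit code (pushfd/popfd and push/pop each move one dword) and treats a jump to a label that is not defined in the listing, such as `exit_balls`, as the return to the game. The first listing is the thread's own `code_balls`; the "fixed" listing is my suggested correction, not something posted in the thread.

```python
STACK_EFFECT = {"push": 1, "pushfd": 1, "pushad": 8, "pop": -1, "popfd": -1, "popad": -8}
COND_JUMPS = {"je", "jne", "jz", "jnz", "ja", "jae", "jb", "jbe", "jg", "jge", "jl", "jle"}

# The thread's original code_balls block, copied from the first post.
ORIGINAL_BALLS = """
code_balls:
pushfd
cmp [i_balls],0
je done_balls

push ecx
mov ecx,#99

cmp [esi+eax*4+17C],ecx
ja done_balls

mov [esi+eax*4+17C],ecx
jmp done_balls

done_balls:
pop ecx
popfd
jmp exit_balls
"""

# One possible fix (my suggestion, not from the thread): push ecx before the
# first conditional jump, so every path that reaches done_balls has pushed the
# same two dwords and the pops at done_balls always undo our own pushes.
FIXED_BALLS = """
code_balls:
pushfd
push ecx
cmp [i_balls],0
je done_balls

mov ecx,#99
cmp [esi+eax*4+17C],ecx
ja done_balls
mov [esi+eax*4+17C],ecx

done_balls:
pop ecx
popfd
jmp exit_balls
"""


def parse_listing(listing):
    """Split an auto-assembler style listing into instructions and labels.
    Returns (instrs, labels): instrs is a list of (mnemonic, operands) and
    labels maps a label name to the index of the instruction that follows it."""
    instrs, labels = [], {}
    for raw in listing.splitlines():
        line = raw.split("//", 1)[0].strip()      # drop comments and blanks
        if not line:
            continue
        if line.endswith(":"):
            labels[line[:-1]] = len(instrs)
            continue
        parts = line.split(None, 1)
        instrs.append((parts[0].lower(), parts[1].strip() if len(parts) > 1 else ""))
    return instrs, labels


def check_stack_balance(listing):
    """Explore every path from the first instruction, tracking how many dwords
    the block has pushed, and return a list of problem descriptions (empty when
    the block is balanced on every path)."""
    instrs, labels = parse_listing(listing)
    problems, label_depths, exit_depths = [], {}, set()
    seen = set()                       # (instruction index, depth) states explored
    work = [(0, 0)]                    # depth 0 = nothing of ours on the stack
    while work:
        i, depth = work.pop()
        if i >= len(instrs):           # fell off the end of the block
            exit_depths.add(depth)
            continue
        if (i, depth) in seen:
            continue
        seen.add((i, depth))
        for name, idx in labels.items():
            if idx == i:
                label_depths.setdefault(name, set()).add(depth)
        mnem, ops = instrs[i]
        if mnem in STACK_EFFECT:
            depth += STACK_EFFECT[mnem]
            if depth < 0:              # popping something the game pushed
                problems.append(f"{(mnem + ' ' + ops).strip()} at instruction {i} pops a value we never pushed")
            work.append((i + 1, depth))
        elif mnem == "jmp":
            if ops in labels:
                work.append((labels[ops], depth))
            else:                      # jump to a label outside the block = back to the game
                exit_depths.add(depth)
        elif mnem in COND_JUMPS:       # both the taken and the fall-through path
            work.append((i + 1, depth))
            if ops in labels:
                work.append((labels[ops], depth))
            else:
                exit_depths.add(depth)
        else:
            work.append((i + 1, depth))
    for name, depths in sorted(label_depths.items()):
        if len(depths) > 1:
            problems.append(f"label {name} is reached with different stack depths {sorted(depths)}")
    if exit_depths != {0}:
        problems.append(f"block returns to the game with net stack change {sorted(exit_depths)}")
    return problems


if __name__ == "__main__":
    for name, listing in (("original", ORIGINAL_BALLS), ("fixed", FIXED_BALLS)):
        print(f"{name}:", check_stack_balance(listing) or ["stack balanced on every path"])
```

On the original listing the walker reports the underflow at `popfd`, `done_balls` being reached with depths 1 and 2, and a return to the game with net change -1 on one path; on the fixed listing it reports nothing. The same walk applies unchanged to `code_score`, which has the identical structure.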
Rissorr
Master Cheater
Reputation: 3

Joined: 17 Sep 2013
Posts: 273
Location: Israel!

Posted: Tue Jul 01, 2014 3:47 pm

Heh! That was my old "beta" code, here is the new v2.2 :D

P.S. In the table:
right click on the script -> hide children when deactivated (remove the V)



Attachment: Peggle.CT, Peggle1.01 Hack v2.2 (3.86 KB, downloaded 345 times)
All times are GMT - 6 Hours