Cheat Engine Forum Index Cheat Engine
The Official Site of Cheat Engine
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 


64 bit programs invalid AllocationBase ?

 
Post new topic   Reply to topic    Cheat Engine Forum Index -> Cheat Engine Source -> Plugin development
View previous topic :: View next topic  
Author Message
FreeER
Grandmaster Cheater Supreme
Reputation: 53

Joined: 09 Aug 2013
Posts: 1091

PostPosted: Fri Jul 08, 2016 8:36 pm    Post subject: 64 bit programs invalid AllocationBase ? Reply with quote

I'm trying to modify SEGnosis's SigMaker plugin (link in notehub post below) to use the capstone disassembly library since it supports x64 (and the ADE32 code SEGnosis used doesn't) but I've found that VirtualQueryEx is frequently returning 0 for the allocation base or a value such that it + the size until the next region (found by SEGnosis by looking until a different allocation base is returned) does not include the address/bytes I'm searching for...

I noticed yesterday when I got it working with x86 and started with the x64 tutorial program that it was returning 0 for the AllocationBase, though today it's returning a non-zero result but I can't find a pattern of bytes that I know exist (48 8D 05 ED 4B 2E 00). Can anyone provide ideas as to why? However, for some x64 processes it does work, for others it returns 0, and others act like the x64 tutorial (it finds a non-zero AllocationBase but not the right bytes). All the x86 processes seem to simply work as expected lol

Also, since it's semi-related, what is the difference between the DISASSEMBLERCONTEXT callbackroutine's selectedAddress and the callbackroutineOnPopup's selectedAddress (as SEGnosis notes, the one in OnPopup is not the actual selected address, but the non-Popup is only called on right click, not when the shortcut is used)? I've found good documentation on what everything is difficult to find...

dropbox link to modified code (Visual Studio 2015 community solution): notehub dot org / sz4s0 (can't post links yet)

Disclaimer: I'm a novice... but I have completed Harvard's CS50 (intro with C) course so I understand the absolute basics... But I still don't understand everything and I certainly couldn't have written the original code myself lol I simply haven't had experience with it.

Oh, I guess I should mention the point of the plugin is to generate an AOB that doesn't use hard coded values... not 100% sure how useful that is during game updates since the registers could change too and this doesn't wildcard that info... but, regardless, that's the idea behind the plugin.
Back to top
View user's profile Send private message
Display posts from previous:   
Post new topic   Reply to topic    Cheat Engine Forum Index -> Cheat Engine Source -> Plugin development All times are GMT - 6 Hours
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group

CE Wiki   IRC (#CEF)   Twitter
Third party websites