|
Cheat Engine The Official Site of Cheat Engine
|
View previous topic :: View next topic |
Author |
Message |
mgr.inz.Player I post too much Reputation: 218
Joined: 07 Nov 2008 Posts: 4438 Location: W kraju nad Wisla. UTC+01:00
|
Posted: Mon Oct 17, 2016 1:54 pm Post subject: AOBSCANONCE and AOBSCANMODULEONCE AutoAssemble commands |
|
|
Second, third, forth, ...., activation of AA script with aobscans will be much faster.
Usage is the same, just like a normal aobscan and aobscanmodule AA commands.
Code: | AobScanOnce(name, bytepattern)
AobScanModuleOnce(name, module, bytepattern)
AobScanRegionOnce(name, startAddress, endAddress, bytepattern) |
Also you can use {$scanonce} directive.
All next aobscans will become "once".
Example1:
Code: | aobscanmoduleonce(aob_godmode, modulename, bytepattern) |
Example2:
Code: | {$scanonce}
aobscanmodule(aob_godmode, modulename, bytepattern1) -- will become "once"
aobscanmodule(aob_infStamina, modulename, bytepattern2) -- will become "once"
aobscanmodule(aob_infMoney, modulename, bytepattern3) -- will become "once" |
Example3:
Code: | aobscanmodule(aob_godmode, modulename, bytepattern1) -- normal scan
{$scanonce}
aobscanmodule(aob_infStamina, modulename, bytepattern2) -- will become "once"
aobscanmodule(aob_infMoney, modulename, bytepattern3) -- will become "once" |
Advantages:
- works like regular aobscan, so there are high chances that game update won't break the cheat
- activation as fast as 'code injection without aob scan' (except the first activation)
Disadvantages:
- not a good idea to use it on games with JIT code. Extension is using 8 bytes assertion, so, it may work.
Download:
Extension download
Trivia: (You can skip this part. Forum doesn't have spoiler tag)
I made this Lua extension, wait, I made those new AutoAssemble commands, wait, those are not 100% AA commands, because the main part is inside my AutoAssemble Prologue...
Anyway. I wanted to improve simple AA scripts with aobscans generated via AA Template.
Sometimes we just want to use AA script, but, we will get a lag while enabling. Depending on the game, lag will be few hundreds milliseconds up to few seconds.
Some facts. Enabling the script is made in steps:
- [ENABLE] and [DISABLE] tags are used to strip the script to the according one
- then lua code is executed (you know the {$Lua} block )
- comment stripping and trimming
- then aobscans are executed
- aobscan commands are transformed into define commands, i.e. aobscan(test,pattern) will become define(test,foundaddressashex)
- then 1-pass parsing occurs (other AA commands, e.g.: define, label, luacall, registered AA commands, etc)
- then 2-pass
Keeping in mind above facts, I came with the solution, which transfer this:
Code: | [ENABLE]
aobscanmodule(aob_SomeCheat,mafia3.exe,F3 0F 10 01 0F 2E 41 04) |
into this:
Code: | [ENABLE]
{$Lua}
if LuaVar_aob_SomeCheat==nil or LuaVar_aob_SomeCheat==' 00000000'
then return 'aobscanmodule(aob_SomeCheat,mafia3.exe,F3 0F 10 01 0F 2E 41 04)\n'..
'luacall(LuaVar_aob_SomeCheat="aob_SomeCheat")'
else return 'define(aob_SomeCheat,'..LuaVar_aob_SomeCheat..')'
end
{$Asm} |
As you see, when you enable the script, Lua block is executed first, it checks LuaVar_aob_SomeCheat variable. If it is nil (or wrong), this Lua block will be replaced with two lines: regular aobscanmodule and additional luacall.
luacall is executed when aobscans are already done. And that means it will set Lua variable we can use later.
Notice I used " there, so this variable type will be a string.
After disabling the script, Lua variable is not altered. And that means, next time Lua block will be replaced with one line: define
This is why I created this Lua extension.
Edit:
2016.11.14 - removed few typos in above text.
edit:
2019.09.27 - version 5 - compatibility with CE7.0
Description: |
version 3
version 4 - added assertion
version 5 - compatibility with CE7.0 |
|
Download |
Filename: |
aobscanOnce.lua |
Filesize: |
1.92 KB |
Downloaded: |
2657 Time(s) |
_________________
Last edited by mgr.inz.Player on Fri Sep 27, 2019 2:36 pm; edited 11 times in total |
|
Back to top |
|
|
panraven Grandmaster Cheater Reputation: 55
Joined: 01 Oct 2008 Posts: 942
|
Posted: Mon Oct 17, 2016 2:58 pm Post subject: |
|
|
Thanks, yet another nice extension!
I've some suggestions,
1/may be the transform can be triggered by an indicator, for example, if "//scanonce//"(case insensitive) appeared in 1st line, so that the existed scripts can be benefit from this extension by adding the indicator by the user his own if they think that script scan long and need to on/off sometime;
and developer don't need to change 'aobscan' to 'aobscanonce' etc. The developer need not to release the table with the extension too, he just need to add the indicator and it is up to the user to install the extension;
2/there may be the case that the user close the game then open again while the previous cached aob address hasn't been reset; it may need a way to detect this situation and do the reset. I'll suggest that a table struct like:
ScanOnce[GetOpenedProcessID()][symbol_comma_AobPat] = {AobPat,symbol,Address}
to be used to save necessary info, given GetOpenedProcessID() is not 0; This way the 'reset' can be automatic.
bye~
_________________
- Retarded. |
|
Back to top |
|
|
mgr.inz.Player I post too much Reputation: 218
Joined: 07 Nov 2008 Posts: 4438 Location: W kraju nad Wisla. UTC+01:00
|
Posted: Mon Oct 17, 2016 4:07 pm Post subject: |
|
|
Thanks for suggestions. Version 2.
I used this:
Code: | unique=getOpenedProcessID()..stringToMD5String(params) |
And added this directive:
Results:
original script:
Code: | {$scanonce}
aobscanmodule(aob_SlomoCheat,mafia3.exe,F3 0F 10 01 0F 2E 41 04) |
on first activation it transforms into this:
Code: | {$scanonce}
aobscanmodule(aob_SlomoCheat,mafia3.exe,F3 0F 10 01 0F 2E 41 04)
luacall(aobscanOnce.savedaobscans["9412fb8e272463bdc4512429e270bd9d27d7"]="aob_SlomoCheat") |
and next activations will have this:
Code: | {$scanonce}
define(aob_SlomoCheat, 7FF71892E1D3) |
Edit:
first post updated
_________________
Last edited by mgr.inz.Player on Thu Oct 20, 2016 7:47 am; edited 1 time in total |
|
Back to top |
|
|
panraven Grandmaster Cheater Reputation: 55
Joined: 01 Oct 2008 Posts: 942
|
Posted: Mon Oct 17, 2016 11:00 pm Post subject: |
|
|
It work good !
Thank you~
_________________
- Retarded.
Last edited by panraven on Tue Oct 18, 2016 9:20 am; edited 1 time in total |
|
Back to top |
|
|
usernotfound Expert Cheater Reputation: 0
Joined: 21 Feb 2016 Posts: 115
|
Posted: Mon Oct 17, 2016 11:49 pm Post subject: |
|
|
Very cool Will help make using aob scripts a lot more stable
|
|
Back to top |
|
|
mgr.inz.Player I post too much Reputation: 218
Joined: 07 Nov 2008 Posts: 4438 Location: W kraju nad Wisla. UTC+01:00
|
Posted: Thu Oct 20, 2016 8:19 am Post subject: |
|
|
Version 3. First post updated.
_________________
|
|
Back to top |
|
|
Zanzer I post too much Reputation: 126
Joined: 09 Jun 2013 Posts: 3278
|
Posted: Thu Oct 20, 2016 5:22 pm Post subject: |
|
|
Instead of checking a hash, you could just do a quick scan within the last known region.
If it still matches, great. If not, rescan.
Code: | local memscan = createMemScan()
local foundlist = createFoundList(memscan)
local previous = aob_SlomoCheat -- however you store the address
local bytes = "blah blah" -- you'll have to parse it out
local start = tonumber(previous, 16)
local stop = start + 100 -- or determine aob length
memscan.firstScan(
soExactValue, vtByteArray, rtRounded,
bytes, nil, start, stop, "+X-C-W",
fsmNotAligned, "1", true, false, false, false)
memscan.waitTillDone()
foundlist.initialize()
local address = foundlist.Address
if foundlist.Count > 0 and foundlist.Address[0] == previous then
-- use previous
else
-- do new
end
foundlist.Destroy()
memscan.Destroy() |
|
|
Back to top |
|
|
mgr.inz.Player I post too much Reputation: 218
Joined: 07 Nov 2008 Posts: 4438 Location: W kraju nad Wisla. UTC+01:00
|
Posted: Fri Oct 21, 2016 8:38 am Post subject: |
|
|
About the hash. Did you meant md5?
md5 sum in not performed on game's memory. It is used for two things.
To distinguish between two different aobscans with the same name, e.g. "INJECT".
For example, there are two scripts with aobscans (with the same name, INJECT) and registered symbols (to save pointer base)
someone could have this in first script (memory record with script):
Code: |
[ENABLE]
// infinite health, and other players stats cheat
aobscan(INJECT, bytepattern1)
...
label(playerStatsPtrBase)
registersymbol(playerStatsPtrBase) |
and this in second script:
Code: |
[ENABLE]
// inventory editor cheat
aobscan(INJECT, bytepattern2)
...
label(inventoryPtrBase)
registersymbol(inventoryPtrBase) |
md5 sum of string "INJECT, bytepattern1" will be different than md5 sum of string "INJECT, bytepattern2".
And also to distinguish between "old saved scans" (previous process(es)) and "new saved scans" (current process)
The whole idea of this extension is to not to use scans when they are not needed.
createMemScan is just another scan.
_________________
|
|
Back to top |
|
|
Zanzer I post too much Reputation: 126
Joined: 09 Jun 2013 Posts: 3278
|
Posted: Fri Oct 21, 2016 9:08 am Post subject: |
|
|
It is a new scan, but you're limiting it to only reading 100 bytes (or the length of the AOB).
So it's more of a direct readBytes(old_address,byte_length) and not a full rescan.
This is just to verify that the old address is still valid, such as cases when the game is reloaded.
|
|
Back to top |
|
|
mgr.inz.Player I post too much Reputation: 218
Joined: 07 Nov 2008 Posts: 4438 Location: W kraju nad Wisla. UTC+01:00
|
Posted: Fri Oct 21, 2016 9:58 am Post subject: |
|
|
Yeah, but, imagine you have such script:
(this is a part of real script made by SunBeam, BatmanAC.CT)
Code: | ...
aobscan( dwEPhysicsHook_AOB, 0FB691????????83FA??0F87????????FF2495????????8B11 ) // OK
...
aobscan( dwStopeEPhysicsChange_AOB, 884C24??8886????????3C0174 ) // OK
...
aobscan( KillComboReset_AOB, CC8B442408C70000000000C20800CC ) // OK
...
aobscan( GetIndex_AOB, 83EC148B4124565733FF8944241085C0 ) // OK
...
aobscan( SetIndex_AOB, 53558BE98B452C565785C0 ) // OK
...
aobscan( TheWorld_AOB, 8B15????????5568????????5652E8????????83C4108BC8A3???????? ) // OK
... |
Doing six memoryscans, one by one, won't be good.
Even for small 100bytes regions, because CE will create new temporary scan folder for each createMemScan.
Of course we can reuse just one MemScan object, but, it will still create temporary files for each bytepattern ( bytes = "blah blah") we scan. We get HDD I/O delay.
So, aob scanning would be better to stay inside AA script, because CE can stack few aobscans into one scan.
(aobscan stacking - few scans from module1 as one scan in thread1, other few scans from module2 as one scan in thread2, and so on. If you have 8 processors, there will be up to 8 threads running)
But your post gave me another idea for next version. I think I can add some kind of assertion. When it fails, my extension will re-enable aob scan. If 8 bytes at "bytepatternaddress" are the same, it will use saved scan, otherwise do scan normally. Should be a good method to verify that saved address is still valid. readQword doesn't cause HDD I/O activity.
Version 4 soon.
Edit:
Done.
_________________
|
|
Back to top |
|
|
mgr.inz.Player I post too much Reputation: 218
Joined: 07 Nov 2008 Posts: 4438 Location: W kraju nad Wisla. UTC+01:00
|
Posted: Fri Sep 27, 2019 2:37 pm Post subject: |
|
|
2019.09.27 - version 5 - compatibility with CE7.0
_________________
|
|
Back to top |
|
|
Csimbi I post too much Reputation: 94
Joined: 14 Jul 2007 Posts: 3110
|
Posted: Sat Sep 28, 2019 10:06 am Post subject: |
|
|
What's the story around multiple scans in multiple scripts in the same table?
As far as I know, CE does all AOB scans at once (so the memory is read only once).
Seem to me this would break the scans into individual ones.
No biggie as you still save most scans in the future - just curious.
I do like the idea of: "let's see if it's 'what it was' and use that else do a fresh scan and update 'what it was'".
|
|
Back to top |
|
|
mgr.inz.Player I post too much Reputation: 218
Joined: 07 Nov 2008 Posts: 4438 Location: W kraju nad Wisla. UTC+01:00
|
Posted: Mon Sep 30, 2019 2:51 pm Post subject: |
|
|
Quote: | Seem to me this would break the scans into individual ones. |
It wouldn't. Uncomment this line and play with AA scripts you have:
Code: | -- if not syntaxcheck then print(script.Text) end |
Maybe you'll find something I could improve.
_________________
|
|
Back to top |
|
|
maskelihileci Cheater Reputation: 0
Joined: 08 Oct 2016 Posts: 43
|
Posted: Tue Feb 11, 2020 2:58 am Post subject: |
|
|
Hi
AobScanOnce(name, 8b ff 55 8b ec 8b 45 ? a3 ? ? ? ? 5d c3 8b ff 55 8b ec 81 ec)
Error:Access violation
I get this error I can't use it
|
|
Back to top |
|
|
mgr.inz.Player I post too much Reputation: 218
Joined: 07 Nov 2008 Posts: 4438 Location: W kraju nad Wisla. UTC+01:00
|
Posted: Sun Feb 16, 2020 3:58 am Post subject: |
|
|
@maskelihileci
More details please.
Which CE version?
When you try to use it on CheatEngine Tutorial, does it work?
Temporary remove all Lua extensions from autorun folder except aobscanOnce.lua, does it work?
_________________
|
|
Back to top |
|
|
|
|
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum You cannot attach files in this forum You can download files in this forum
|
|