Cheat Engine Forum Index Cheat Engine
The Official Site of Cheat Engine
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 


AOBSCANONCE and AOBSCANMODULEONCE AutoAssemble commands

 
Post new topic   Reply to topic    Cheat Engine Forum Index -> Cheat Engine Extensions
View previous topic :: View next topic  
Author Message
mgr.inz.Player
I post too much
Reputation: 217

Joined: 07 Nov 2008
Posts: 4438
Location: W kraju nad Wisla. UTC+01:00

PostPosted: Mon Oct 17, 2016 1:54 pm    Post subject: AOBSCANONCE and AOBSCANMODULEONCE AutoAssemble commands Reply with quote

Second, third, forth, ...., activation of AA script with aobscans will be much faster.

Usage is the same, just like a normal aobscan and aobscanmodule AA commands.
Code:
AobScanOnce(name, bytepattern)
AobScanModuleOnce(name, module, bytepattern)
AobScanRegionOnce(name, startAddress, endAddress, bytepattern)


Also you can use {$scanonce} directive.
All next aobscans will become "once".

Example1:
Code:
aobscanmoduleonce(aob_godmode, modulename, bytepattern)


Example2:
Code:
{$scanonce}
aobscanmodule(aob_godmode, modulename, bytepattern1) -- will become "once"
aobscanmodule(aob_infStamina, modulename, bytepattern2) -- will become "once"
aobscanmodule(aob_infMoney, modulename, bytepattern3) -- will become "once"


Example3:
Code:
aobscanmodule(aob_godmode, modulename, bytepattern1) -- normal scan
{$scanonce}
aobscanmodule(aob_infStamina, modulename, bytepattern2) -- will become "once"
aobscanmodule(aob_infMoney, modulename, bytepattern3) -- will become "once"


Advantages:
- works like regular aobscan, so there are high chances that game update won't break the cheat
- activation as fast as 'code injection without aob scan' (except the first activation)

Disadvantages:
- not a good idea to use it on games with JIT code. Extension is using 8 bytes assertion, so, it may work.

Download:
Extension download




Trivia: (You can skip this part. Forum doesn't have spoiler tag)

I made this Lua extension, wait, I made those new AutoAssemble commands, wait, those are not 100% AA commands, because the main part is inside my AutoAssemble Prologue...


Anyway. I wanted to improve simple AA scripts with aobscans generated via AA Template.
Sometimes we just want to use AA script, but, we will get a lag while enabling. Depending on the game, lag will be few hundreds milliseconds up to few seconds.


Some facts. Enabling the script is made in steps:
- [ENABLE] and [DISABLE] tags are used to strip the script to the according one
- then lua code is executed (you know the {$Lua} block )
- comment stripping and trimming
- then aobscans are executed
- aobscan commands are transformed into define commands, i.e. aobscan(test,pattern) will become define(test,foundaddressashex)
- then 1-pass parsing occurs (other AA commands, e.g.: define, label, luacall, registered AA commands, etc)
- then 2-pass


Keeping in mind above facts, I came with the solution, which transfer this:

Code:
[ENABLE]
aobscanmodule(aob_SomeCheat,mafia3.exe,F3 0F 10 01 0F 2E 41 04)



into this:
Code:
[ENABLE]
{$Lua}
if LuaVar_aob_SomeCheat==nil or LuaVar_aob_SomeCheat==' 00000000'
then return 'aobscanmodule(aob_SomeCheat,mafia3.exe,F3 0F 10 01 0F 2E 41 04)\n'..
            'luacall(LuaVar_aob_SomeCheat="aob_SomeCheat")'
else return 'define(aob_SomeCheat,'..LuaVar_aob_SomeCheat..')'
end
{$Asm}



As you see, when you enable the script, Lua block is executed first, it checks LuaVar_aob_SomeCheat variable. If it is nil (or wrong), this Lua block will be replaced with two lines: regular aobscanmodule and additional luacall.

luacall is executed when aobscans are already done. And that means it will set Lua variable we can use later.
Notice I used " there, so this variable type will be a string.

After disabling the script, Lua variable is not altered. And that means, next time Lua block will be replaced with one line: define


This is why I created this Lua extension.

Edit:
2016.11.14 - removed few typos in above text.

edit:
2019.09.27 - version 5 - compatibility with CE7.0



aobscanOnce.lua
 Description:
version 3
version 4 - added assertion
version 5 - compatibility with CE7.0

Download
 Filename:  aobscanOnce.lua
 Filesize:  1.92 KB
 Downloaded:  2471 Time(s)


_________________


Last edited by mgr.inz.Player on Fri Sep 27, 2019 2:36 pm; edited 11 times in total
Back to top
View user's profile Send private message MSN Messenger
panraven
Grandmaster Cheater
Reputation: 54

Joined: 01 Oct 2008
Posts: 938

PostPosted: Mon Oct 17, 2016 2:58 pm    Post subject: Reply with quote

Thanks, yet another nice extension!

I've some suggestions,

1/may be the transform can be triggered by an indicator, for example, if "//scanonce//"(case insensitive) appeared in 1st line, so that the existed scripts can be benefit from this extension by adding the indicator by the user his own if they think that script scan long and need to on/off sometime;
and developer don't need to change 'aobscan' to 'aobscanonce' etc. The developer need not to release the table with the extension too, he just need to add the indicator and it is up to the user to install the extension;

2/there may be the case that the user close the game then open again while the previous cached aob address hasn't been reset; it may need a way to detect this situation and do the reset. I'll suggest that a table struct like:
ScanOnce[GetOpenedProcessID()][symbol_comma_AobPat] = {AobPat,symbol,Address}
to be used to save necessary info, given GetOpenedProcessID() is not 0; This way the 'reset' can be automatic.

bye~

_________________
- Retarded.
Back to top
View user's profile Send private message
mgr.inz.Player
I post too much
Reputation: 217

Joined: 07 Nov 2008
Posts: 4438
Location: W kraju nad Wisla. UTC+01:00

PostPosted: Mon Oct 17, 2016 4:07 pm    Post subject: Reply with quote

Thanks for suggestions. Version 2.

I used this:
Code:
unique=getOpenedProcessID()..stringToMD5String(params)

And added this directive:
Code:
{$scanonce}


Results:
original script:
Code:
{$scanonce}
aobscanmodule(aob_SlomoCheat,mafia3.exe,F3 0F 10 01 0F 2E 41 04)

on first activation it transforms into this:
Code:
{$scanonce}
aobscanmodule(aob_SlomoCheat,mafia3.exe,F3 0F 10 01 0F 2E 41 04)
luacall(aobscanOnce.savedaobscans["9412fb8e272463bdc4512429e270bd9d27d7"]="aob_SlomoCheat")

and next activations will have this:
Code:
{$scanonce}
define(aob_SlomoCheat, 7FF71892E1D3)


Edit:
first post updated

_________________


Last edited by mgr.inz.Player on Thu Oct 20, 2016 7:47 am; edited 1 time in total
Back to top
View user's profile Send private message MSN Messenger
panraven
Grandmaster Cheater
Reputation: 54

Joined: 01 Oct 2008
Posts: 938

PostPosted: Mon Oct 17, 2016 11:00 pm    Post subject: Reply with quote

It work good !
Thank you~

_________________
- Retarded.


Last edited by panraven on Tue Oct 18, 2016 9:20 am; edited 1 time in total
Back to top
View user's profile Send private message
usernotfound
Expert Cheater
Reputation: 0

Joined: 21 Feb 2016
Posts: 115

PostPosted: Mon Oct 17, 2016 11:49 pm    Post subject: Reply with quote

Very cool Smile Will help make using aob scripts a lot more stable
Back to top
View user's profile Send private message
mgr.inz.Player
I post too much
Reputation: 217

Joined: 07 Nov 2008
Posts: 4438
Location: W kraju nad Wisla. UTC+01:00

PostPosted: Thu Oct 20, 2016 8:19 am    Post subject: Reply with quote

Version 3. First post updated.
_________________
Back to top
View user's profile Send private message MSN Messenger
Zanzer
I post too much
Reputation: 126

Joined: 09 Jun 2013
Posts: 3278

PostPosted: Thu Oct 20, 2016 5:22 pm    Post subject: Reply with quote

Instead of checking a hash, you could just do a quick scan within the last known region.
If it still matches, great. If not, rescan.
Code:
local memscan = createMemScan()
local foundlist = createFoundList(memscan)
local previous = aob_SlomoCheat -- however you store the address
local bytes = "blah blah" -- you'll have to parse it out
local start = tonumber(previous, 16)
local stop = start + 100 -- or determine aob length
memscan.firstScan(
  soExactValue, vtByteArray, rtRounded,
  bytes, nil, start, stop, "+X-C-W",
  fsmNotAligned, "1", true, false, false, false)
memscan.waitTillDone()
foundlist.initialize()
local address = foundlist.Address
if foundlist.Count > 0 and foundlist.Address[0] == previous then
  -- use previous
else
  -- do new
end
foundlist.Destroy()
memscan.Destroy()
Back to top
View user's profile Send private message
mgr.inz.Player
I post too much
Reputation: 217

Joined: 07 Nov 2008
Posts: 4438
Location: W kraju nad Wisla. UTC+01:00

PostPosted: Fri Oct 21, 2016 8:38 am    Post subject: Reply with quote

About the hash. Did you meant md5?

md5 sum in not performed on game's memory. It is used for two things.

To distinguish between two different aobscans with the same name, e.g. "INJECT".

For example, there are two scripts with aobscans (with the same name, INJECT) and registered symbols (to save pointer base)

someone could have this in first script (memory record with script):
Code:

[ENABLE]
// infinite health, and other players stats cheat
aobscan(INJECT, bytepattern1)
...
label(playerStatsPtrBase)
registersymbol(playerStatsPtrBase)


and this in second script:
Code:

[ENABLE]
// inventory editor cheat
aobscan(INJECT, bytepattern2)
...
label(inventoryPtrBase)
registersymbol(inventoryPtrBase)


md5 sum of string "INJECT, bytepattern1" will be different than md5 sum of string "INJECT, bytepattern2".

And also to distinguish between "old saved scans" (previous process(es)) and "new saved scans" (current process)



The whole idea of this extension is to not to use scans when they are not needed.
createMemScan is just another scan.


 

_________________
Back to top
View user's profile Send private message MSN Messenger
Zanzer
I post too much
Reputation: 126

Joined: 09 Jun 2013
Posts: 3278

PostPosted: Fri Oct 21, 2016 9:08 am    Post subject: Reply with quote

It is a new scan, but you're limiting it to only reading 100 bytes (or the length of the AOB).
So it's more of a direct readBytes(old_address,byte_length) and not a full rescan.
This is just to verify that the old address is still valid, such as cases when the game is reloaded.
Back to top
View user's profile Send private message
mgr.inz.Player
I post too much
Reputation: 217

Joined: 07 Nov 2008
Posts: 4438
Location: W kraju nad Wisla. UTC+01:00

PostPosted: Fri Oct 21, 2016 9:58 am    Post subject: Reply with quote

Yeah, but, imagine you have such script:
(this is a part of real script made by SunBeam, BatmanAC.CT)
Code:
...
aobscan( dwEPhysicsHook_AOB, 0FB691????????83FA??0F87????????FF2495????????8B11 ) // OK
...
aobscan( dwStopeEPhysicsChange_AOB, 884C24??8886????????3C0174 ) // OK
...
aobscan( KillComboReset_AOB, CC8B442408C70000000000C20800CC ) // OK
...
aobscan( GetIndex_AOB, 83EC148B4124565733FF8944241085C0 ) // OK
...
aobscan( SetIndex_AOB, 53558BE98B452C565785C0 ) // OK
...
aobscan( TheWorld_AOB, 8B15????????5568????????5652E8????????83C4108BC8A3???????? ) // OK
...


Doing six memoryscans, one by one, won't be good.
Even for small 100bytes regions, because CE will create new temporary scan folder for each createMemScan.
Of course we can reuse just one MemScan object, but, it will still create temporary files for each bytepattern ( bytes = "blah blah") we scan. We get HDD I/O delay.

So, aob scanning would be better to stay inside AA script, because CE can stack few aobscans into one scan.
(aobscan stacking - few scans from module1 as one scan in thread1, other few scans from module2 as one scan in thread2, and so on. If you have 8 processors, there will be up to 8 threads running)







But your post gave me another idea for next version. I think I can add some kind of assertion. When it fails, my extension will re-enable aob scan. If 8 bytes at "bytepatternaddress" are the same, it will use saved scan, otherwise do scan normally. Should be a good method to verify that saved address is still valid. readQword doesn't cause HDD I/O activity.

Version 4 soon.


Edit:
Done.

_________________
Back to top
View user's profile Send private message MSN Messenger
mgr.inz.Player
I post too much
Reputation: 217

Joined: 07 Nov 2008
Posts: 4438
Location: W kraju nad Wisla. UTC+01:00

PostPosted: Fri Sep 27, 2019 2:37 pm    Post subject: Reply with quote

2019.09.27 - version 5 - compatibility with CE7.0
_________________
Back to top
View user's profile Send private message MSN Messenger
Csimbi
I post too much
Reputation: 91

Joined: 14 Jul 2007
Posts: 3093

PostPosted: Sat Sep 28, 2019 10:06 am    Post subject: Reply with quote

What's the story around multiple scans in multiple scripts in the same table?
As far as I know, CE does all AOB scans at once (so the memory is read only once).
Seem to me this would break the scans into individual ones.
No biggie as you still save most scans in the future - just curious.

I do like the idea of: "let's see if it's 'what it was' and use that else do a fresh scan and update 'what it was'".
Back to top
View user's profile Send private message
mgr.inz.Player
I post too much
Reputation: 217

Joined: 07 Nov 2008
Posts: 4438
Location: W kraju nad Wisla. UTC+01:00

PostPosted: Mon Sep 30, 2019 2:51 pm    Post subject: Reply with quote

Quote:
Seem to me this would break the scans into individual ones.

It wouldn't. Uncomment this line and play with AA scripts you have:
Code:
  -- if not syntaxcheck then print(script.Text) end


Maybe you'll find something I could improve.

_________________
Back to top
View user's profile Send private message MSN Messenger
maskelihileci
Cheater
Reputation: 0

Joined: 08 Oct 2016
Posts: 43

PostPosted: Tue Feb 11, 2020 2:58 am    Post subject: Reply with quote

Hi


AobScanOnce(name, 8b ff 55 8b ec 8b 45 ? a3 ? ? ? ? 5d c3 8b ff 55 8b ec 81 ec)


Error:Access violation


I get this error I can't use it
Back to top
View user's profile Send private message
mgr.inz.Player
I post too much
Reputation: 217

Joined: 07 Nov 2008
Posts: 4438
Location: W kraju nad Wisla. UTC+01:00

PostPosted: Sun Feb 16, 2020 3:58 am    Post subject: Reply with quote

@maskelihileci

More details please.
Which CE version?
When you try to use it on CheatEngine Tutorial, does it work?
Temporary remove all Lua extensions from autorun folder except aobscanOnce.lua, does it work?

_________________
Back to top
View user's profile Send private message MSN Messenger
Display posts from previous:   
Post new topic   Reply to topic    Cheat Engine Forum Index -> Cheat Engine Extensions All times are GMT - 6 Hours
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group

CE Wiki   IRC (#CEF)   Twitter
Third party websites