Cheat Engine Forum: The Official Site of Cheat Engine
Simulate Keystroke in Assembly

 
Cheat Engine Forum Index -> Cheat Engine Tutorials -> Auto Assembler tutorials
Yadastra (Joined: 25 Dec 2016, Posts: 3)
Posted: Sun Dec 25, 2016 8:12 am    Subject: Simulate Keystroke in Assembly

Hello,
I have a problem with my code. I want to simulate a keystroke, but I only have the Lua command. How do I simulate this?

Is it possible to write a Lua script that compares an integer with ecx?

Code:
originalcode:
mov [rax],ecx

cmp ecx,(int)19
jge moreequal
jl less

moreequal:
//doKeyPress(50) // 2
// doKeyPress(32) // Space
jmp exit

less:
// doKeyPress(49) // 1


exit:
jmp returnhere
mgr.inz.Player (Joined: 07 Nov 2008, Posts: 4187, Location: In the country on the Vistula, UTC+01:00)
Posted: Sun Dec 25, 2016 4:13 pm

A Lua script attached to or embedded in an AA script doesn't know anything about the AA script. It doesn't know about the labels, symbols, allocs, overall size, and so on that the AA script uses.

You have to treat embedded Lua scripts as standalone instructions normally executed in
- the "Lua Script: Cheat Table" window
- or the "Lua Engine" window

With one exception: if your script returns a string, that string (or multi-line string) will be used.
Remember, an embedded Lua script is executed only once, while activating/deactivating the AA script.

People think that in this script the value moved to [esi+00000368] will be random:
Code:
[ENABLE]

(...)

{$Lua}
return "mov cl,"..string.format('%x', math.random(1,127))
{$Asm}
mov byte ptr [esi+00000368],cl

(...)


As you see, an RNG is used; it should return an integer value between 1 and 127, converted to hex.
But the embedded Lua script is executed once, while activating. CE will take what this embedded script returns, and then the AA script will be changed (the original script is untouched), analyzed, parsed, and then executed. For example, like this:
Code:
[ENABLE]

(...)

mov cl,4e
mov byte ptr [esi+00000368],cl

(...)


So, after activating, [esi+00000368] will get the same value over and over. After deactivating and activating again, another value...

To move data between the AA script and the Lua script, you have to use a registered user symbol and a timer:

Lua script:
Code:
function keystrokeTimerOnTimer()
  local ECX_value = readInteger('ECX_value_registeredsymbol')
  if ECX_value~=nil then
    if ECX_value>=19 then
      doKeyPress(50) -- 2
      doKeyPress(32) -- Space
    else
      doKeyPress(49) -- 1
    end
  end
end

if keystrokeTimer==nil then
  keystrokeTimer = createTimer(nil,true)
  keystrokeTimer.Interval = 50
end

keystrokeTimer.OnTimer = keystrokeTimerOnTimer
keystrokeTimer.Enabled = true


AA script
Code:
label(ECX_value_registeredsymbol)
registersymbol(ECX_value_registeredsymbol)

newmem:
(...)

originalcode:
mov [rax],ecx
mov [ECX_value_registeredsymbol],ecx
jmp returnhere

ECX_value_registeredsymbol:
dd 0


Execute the Lua script first, then the AA script. It should work.

Now, as you see, those two above can communicate.
And because you probably want everything in one AA script, here:
Code:
[ENABLE]
{$Lua}
function keystrokeTimerOnTimer()
  local ECX_value = readInteger('ECX_value_registeredsymbol')
  if ECX_value~=nil then
    if ECX_value>=19 then
      doKeyPress(50) -- 2
      doKeyPress(32) -- Space
    else
      doKeyPress(49) -- 1
    end
  end
end

if keystrokeTimer==nil then
  keystrokeTimer = createTimer(nil,true)
  keystrokeTimer.Interval = 50
end

keystrokeTimer.OnTimer = keystrokeTimerOnTimer
keystrokeTimer.Enabled = true
{$Asm}


(...) // stuff you didn't provide (aobscan, alloc, label, etc. I assume you named new allocated memory as newmem)

label(ECX_value_registeredsymbol)
registersymbol(ECX_value_registeredsymbol)

newmem:

originalcode:
mov [rax],ecx
mov [ECX_value_registeredsymbol],ecx
jmp returnhere

ECX_value_registeredsymbol:
dd 0

(...) // stuff you didn't provide (injection point address with jmp newmem and nops)

[DISABLE]
{$Lua}
keystrokeTimer.Enabled = false
{$Asm}

(...) // stuff you didn't provide (disable by restoring original bytes, then dealloc, etc)

unregistersymbol(ECX_value_registeredsymbol)

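The two mechanisms the post above describes, the one-shot {$Lua} block whose returned text is spliced into the script before assembly, and the registered symbol polled by a timer, combined in a single AA script. This is an added example, not code from the thread or from Cheat Engine's own documentation. The injection address "game.exe"+1234, the original bytes assumed at that address, and the names hit_seq, hit_decision, hitThreshold, pollHook and keystrokeTimer are all illustrative assumptions. It goes one step beyond the thread's script: the hook bumps a sequence counter, so the timer presses keys once per write by the game (even when the same value is written twice) instead of re-sending keys on every 50 ms tick while the value sits unchanged, and the comparison is done in asm against a constant the Lua block emitted at activation.

```lua
[ENABLE]
{$Lua}
-- Added example (not from the thread). This block runs exactly once, when the
-- script is activated. Its side effects (the timer) persist; the string it
-- RETURNS replaces this block in the AA text before assembly.
local threshold = 19   -- compare value from the question; baked in below

-- Timer callback: the assembled hook cannot press keys, so Lua polls the
-- registered symbols. hit_seq is incremented by the hook on every write, so
-- a change in hit_seq means "new decision", even if the value repeated.
-- Caveat: if the hook fires more than once per tick, only the latest
-- decision is acted on.
lastSeq = nil
function pollHook()
  -- nil until the AA part below has assembled and registered the symbol
  if getAddressSafe('hit_seq') == nil then return end
  local seq = readInteger('hit_seq')
  if seq == nil or seq == lastSeq then return end
  lastSeq = seq
  if readInteger('hit_decision') == 1 then
    doKeyPress(50)  -- '2'
    doKeyPress(32)  -- Space
  else
    doKeyPress(49)  -- '1'
  end
end

if keystrokeTimer == nil then
  keystrokeTimer = createTimer(nil, false)  -- created disabled
  keystrokeTimer.Interval = 50
end
keystrokeTimer.OnTimer = pollHook
keystrokeTimer.Enabled = true

-- This is the only thing the assembler ever sees from this block:
return string.format("define(hitThreshold,(int)%d)", threshold)
{$Asm}

alloc(newmem,2048,"game.exe"+1234)   // ASSUMED injection address: use your own
label(returnhere)
label(originalcode)
label(hit_decision)
label(hit_seq)
registersymbol(hit_decision)
registersymbol(hit_seq)

newmem:
  // Decide in asm, against the constant the {$Lua} block emitted, and
  // leave only the result for Lua. Flags and rbx are preserved because the
  // code after returnhere may depend on them.
  pushfq
  push rbx
  xor ebx,ebx
  cmp ecx,hitThreshold      // expands to: cmp ecx,(int)19
  setge bl                  // bl = 1 when ecx >= threshold
  mov [hit_decision],ebx
  inc dword ptr [hit_seq]   // signals the timer that a new write happened
  pop rbx
  popfq

originalcode:
  mov [rax],ecx             // ASSUMED original bytes at the injection point
  lea rcx,[rdx+08]          // (6 bytes in total, enough for a 5-byte jmp)
  jmp returnhere

hit_decision:
  dd 0
hit_seq:
  dd 0

"game.exe"+1234:
  jmp newmem
  nop
returnhere:

[DISABLE]
{$Lua}
if keystrokeTimer ~= nil then
  keystrokeTimer.Enabled = false
  keystrokeTimer.destroy()
  keystrokeTimer = nil
end
lastSeq = nil
{$Asm}
"game.exe"+1234:
  mov [rax],ecx
  lea rcx,[rdx+08]
unregistersymbol(hit_decision)
unregistersymbol(hit_seq)
dealloc(newmem)
```

The getAddressSafe check matters because, within one activation, the Lua block runs (and the timer starts ticking) before the asm part has been assembled and the symbols registered; without it the first ticks would read an unresolved symbol. The [DISABLE] part destroys the timer rather than only disabling it, so a later re-activation starts from a clean state.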
Yadastra (Joined: 25 Dec 2016, Posts: 3)
Posted: Mon Dec 26, 2016 9:41 am

Thank you very much.

But why does this not work?

Code:
[ENABLE]
//code from here to '[DISABLE]' will be used to enable the cheat
alloc(newmem,2048,"VCRUNTIME140.dll"+C45D)
label(returnhere)
label(originalcode)
label(exit)
label(moreequal)
label(less)
label(blackjacknumber)
registersymbol(blackjacknumber)

newmem: //this is allocated memory, you have read,write,execute access
//place your code here
mov [blackjacknumber],ecx

originalcode:
mov [rax],ecx
ret
mov ecx,[rdx]

cmp dword ptr [blackjacknumber],(int)18
jge moreequal
jl less

moreequal:
{$Lua}
doKeyPress(32) -- Space
doKeyPress(50) -- 2
doKeyPress(32) -- Space
{$Asm}
jmp exit

less:
{$Lua}
doKeyPress(49) -- 1
{$Asm}

exit:
jmp returnhere

blackjacknumber:
dd 0

"VCRUNTIME140.dll"+C45D:
jmp newmem
returnhere:

[DISABLE]
//code from here till the end of the code will be used to disable the cheat
unregistersymbol(blackjacknumber)
dealloc(newmem)
"VCRUNTIME140.dll"+C45D:
mov [rax],ecx
ret
mov ecx,[rdx]
//Alt: db 89 08 C3 8B 0A
mgr.inz.Player (Joined: 07 Nov 2008, Posts: 4187, Location: In the country on the Vistula, UTC+01:00)
Posted: Mon Dec 26, 2016 10:50 am

Read my post again.
Yadastra (Joined: 25 Dec 2016, Posts: 3)
Posted: Mon Dec 26, 2016 10:54 am

Oh, sorry. I played around with the script and forgot the main part...
All times are GMT - 6 Hours