Windows 10 x64 issue with calling Lua from ASM?

 
doublechocotaco
How do I cheat?
Reputation: 0

Joined: 02 May 2017
Posts: 2

Posted: Tue May 02, 2017 10:06 am    Post subject: Windows 10 x64 issue with calling Lua from ASM?

I followed the template with AOB Injection as well as the Call CE Lua function.

I actually got this to run and work properly on my Windows 7 x64 pc.

When I tried on Windows 10 x64 pc, it freezes/loops somewhere in the luaclient-x86_64.dll. I have to end task the game.

The box will tick active successfully, and I can view the disassembly in memory viewer with the injection.

I have tried to make sure that all registers and stuff get put back to where they are, but my call to lua call never actually completes based on the Break and trace stack.

This is on Windows 10 Home 64-bit.
version 1703
build 15063.138

Just curious if there are any known issues with Win10 and the call CELUA_ExecuteFunction feature.

Tried running as admin on both the game and cheat engine. Disabled windows defender.

Anything else I can try? Thanks


Code:
loadlibrary(luaclient-x86_64.dll)
luacall(openLuaServer('CELUASERVER'))

CELUA_ServerName:
db 'CELUASERVER',0

[ENABLE]
{$lua}
if syntaxcheck then return end
function logShieldChange(params)
  local damageType = "SH";

  local myShieldAddress = 0x8D0469D0

  local shieldAfter = readFloat(params);
  local shieldBefore = readFloat(params + 0x4);

  local rbxAddress = readPointer(params + 0x20); -- rbx was stored as a full 64-bit pointer, so read all 8 bytes
  local shieldAddress = rbxAddress + 0x730;

  if (shieldAfter > shieldBefore) then return end;
  if (shieldAddress == myShieldAddress) then return end;

  local shieldMax = readFloat(rbxAddress + 0x63C);

  local shieldAfter = readFloat(params);

  local shieldDiff = shieldAfter - shieldBefore;

  print(string.format("%4s, %12s, %12.3f, %10X, %12.3f, %12.3f, %12.3f, %12.3f", damageType, os.time(), os.clock(), shieldAddress, shieldMax, shieldBefore, shieldAfter, shieldDiff));
end
{$asm}

aobscanmodule(shieldDamageLog,MassEffectAndromeda.exe,F3 0F 11 83 30 07 00 00) // should be unique
alloc(newmem,$1000,"MassEffectAndromeda.exe"+726D19)
alloc(shieldDamageScript,$1000)
alloc(shieldParams,$1000) // create some memory space for params to pass
label(code)
label(return)

shieldDamageScript:
  db 'logShieldChange(parameter)',0

newmem:
  push r8 // save off all registers that might be affected by our code
  push r9
  push r10
  push r11
  push rcx
  push rdx
  push rax
  movss [shieldParams],xmm0 // shield value about to be assigned
  mov [shieldParams+20],rbx // pointer to data structure
  mov r8,[rbx+00000730] // copy before shield value to register
  mov [shieldParams+4],r8 // copy shield value to our function parameter
  movss [shieldParams+8],xmm6 // copy shield value to our function parameter
  movss [rbx+00000730],xmm0 // call original code
  mov rcx,shieldDamageScript //(The lua function will have access to the variable passed by name "parameter")
  mov rdx,shieldParams
  sub rsp,20
  call CELUA_ExecuteFunction // or CELUA_ExecuteFunctionAsync if you don't need GUI access or want to handle it yourself
  add rsp,20
  pop rax // restore all values
  pop rdx
  pop rcx
  pop r11
  pop r10
  pop r9
  pop r8

code:
  jmp return

shieldDamageLog:
  jmp newmem
  nop
  nop
  nop
return:
registersymbol(shieldDamageLog)

[DISABLE]

shieldDamageLog:
  db F3 0F 11 83 30 07 00 00

unregistersymbol(shieldDamageLog)
dealloc(newmem)
dealloc(shieldDamageScript)
dealloc(shieldParams)

{
// ORIGINAL CODE - INJECTION POINT: "MassEffectAndromeda.exe"+726D19

"MassEffectAndromeda.exe"+726CF5: E8 16 CF FF FF           -  call MassEffectAndromeda.exe+723C10
"MassEffectAndromeda.exe"+726CFA: 0F 57 C9                 -  xorps xmm1,xmm1
"MassEffectAndromeda.exe"+726CFD: 0F 2F F1                 -  comiss xmm6,xmm1
"MassEffectAndromeda.exe"+726D00: 72 03                    -  jb MassEffectAndromeda.exe+726D05
"MassEffectAndromeda.exe"+726D02: 0F 28 CE                 -  movaps xmm1,xmm6
"MassEffectAndromeda.exe"+726D05: F3 0F 10 83 3C 06 00 00  -  movss xmm0,[rbx+0000063C]
"MassEffectAndromeda.exe"+726D0D: 0F 2F C1                 -  comiss xmm0,xmm1
"MassEffectAndromeda.exe"+726D10: 72 03                    -  jb MassEffectAndromeda.exe+726D15
"MassEffectAndromeda.exe"+726D12: 0F 28 C1                 -  movaps xmm0,xmm1
"MassEffectAndromeda.exe"+726D15: F3 0F 5C F7              -  subss xmm6,xmm7
// ---------- INJECTING HERE ----------
"MassEffectAndromeda.exe"+726D19: F3 0F 11 83 30 07 00 00  -  movss [rbx+00000730],xmm0
// ---------- DONE INJECTING  ----------
"MassEffectAndromeda.exe"+726D21: 0F 54 35 E8 DD 91 02     -  andps xmm6,[MassEffectAndromeda.exe+3044B10]
"MassEffectAndromeda.exe"+726D28: 0F 2F 35 71 95 91 02     -  comiss xmm6,[MassEffectAndromeda.exe+30402A0]
"MassEffectAndromeda.exe"+726D2F: 72 42                    -  jb MassEffectAndromeda.exe+726D73
"MassEffectAndromeda.exe"+726D31: 48 8B 07                 -  mov rax,[rdi]
"MassEffectAndromeda.exe"+726D34: 48 8B CF                 -  mov rcx,rdi
"MassEffectAndromeda.exe"+726D37: FF 50 38                 -  call qword ptr [rax+38]
"MassEffectAndromeda.exe"+726D3A: 48 8B 07                 -  mov rax,[rdi]
"MassEffectAndromeda.exe"+726D3D: 48 8B CF                 -  mov rcx,rdi
"MassEffectAndromeda.exe"+726D40: 0F 28 F0                 -  movaps xmm6,xmm0
"MassEffectAndromeda.exe"+726D43: FF 50 30                 -  call qword ptr [rax+30]
}
Dark Byte
Site Admin
Reputation: 341

Joined: 09 May 2003
Posts: 19984
Location: The netherlands

Posted: Tue May 02, 2017 10:24 am

could be a stack alignment issue
_________________
Do not ask me about online cheats. I don't know any and won't help finding them.
doublechocotaco
How do I cheat?
Reputation: 0

Joined: 02 May 2017
Posts: 2

Posted: Tue May 02, 2017 12:18 pm

Dark Byte wrote:
could be a stack alignment issue


That worked! Thank you very much.

I changed the sub/add for rsp from 20 to 28 and everything seems to work as expected.

sub rsp,20
call CELUA_ExecuteFunction
add rsp,20

to

sub rsp,28
call CELUA_ExecuteFunction
add rsp,28
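
Added example, not part of the original thread or of Cheat Engine: a small checker that follows rsp through a stub like the one posted above and reports, at each call, whether the Windows x64 rule holds (rsp 16-byte aligned and at least 0x20 bytes of home space reserved). It assumes rsp is 16-byte aligned when the stub is entered and that bare numbers are hexadecimal, as in the auto assembler; `check_calls` and `stub` are hypothetical names.

```python
import re

SHADOW = 0x20  # Win64 ABI: caller reserves 32 bytes of home space before a call

def check_calls(asm, entry_mod16=0):
    """Follow rsp through a stub; return one dict per call instruction.

    entry_mod16 is rsp % 16 on entry to the stub (assumed 0 by default).
    """
    pushed = reserved = 0  # bytes from push/pop, bytes from sub/add rsp
    report = []
    for raw in asm.splitlines():
        line = raw.split("//")[0].strip()      # drop trailing comments
        if not line:
            continue
        op, _, rest = line.partition(" ")
        op, rest = op.lower(), rest.strip()
        adj = re.fullmatch(r"rsp\s*,\s*([0-9A-Fa-f]+)", rest)
        if op in ("push", "pushfq"):
            pushed += 8                        # every 64-bit push moves rsp by 8
        elif op in ("pop", "popfq"):
            pushed -= 8
        elif op in ("sub", "add") and adj:
            n = int(adj.group(1), 16)          # bare numbers are read as hex
            reserved += n if op == "sub" else -n
        elif op == "call":
            rsp = (entry_mod16 - pushed - reserved) % 16
            # smallest 'sub rsp,N' with N >= 0x20 that leaves rsp aligned
            needed = SHADOW + (entry_mod16 - pushed - SHADOW) % 16
            report.append({"target": rest, "rsp_mod16": rsp,
                           "reserved": reserved, "suggest_sub": needed,
                           "ok": rsp == 0 and reserved >= SHADOW})
    return report

def stub(n):
    """Constructed sample: the seven pushes from the posted script, then sub rsp,n."""
    regs = ("r8", "r9", "r10", "r11", "rcx", "rdx", "rax")
    pushes = "\n".join(f"  push {r}" for r in regs)
    return (f"newmem:\n{pushes}\n  sub rsp,{n}\n"
            f"  call CELUA_ExecuteFunction // lua call\n  add rsp,{n}")

BEFORE = check_calls(stub("20"))[0]  # as first posted
AFTER = check_calls(stub("28"))[0]   # after the change described in the reply

if __name__ == "__main__":
    for name, r in (("sub rsp,20", BEFORE), ("sub rsp,28", AFTER)):
        print(f"{name}: rsp%16={r['rsp_mod16']} ok={r['ok']} "
              f"suggested sub rsp,{r['suggest_sub']:X}")
```

Seven 8-byte pushes leave rsp 8 bytes off a 16-byte boundary, which is why 0x20 alone fails the check and 0x28 passes it.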