Cheat Engine

[Kingpin1959]

Hi, i need help with a script. I wrote a scrpt for god mode in Mass Effect Andromeda

newmem:
cmp [rbx+640],(float)277.5
jne code
mov [rbx+00000730],(float)277.5
jmp return

The beginner Value is 250. When i play the game and increase my shield, the value changes to 277.5

How can i change my script, so that the script automaticly set in the right values, when my shields Value increases.

Thanks so far to anyone who can help me

best regards Kingpin1959

[++METHOS]

Please clarify what you are asking and provide more details regarding what each item in your script is actually for.

[Kingpin1959]

Hi ++ METHOS

First let me thank you for your quick answer.

Down you see the whole God Mode skript i made


{ Game : MassEffectAndromeda.exe
Version:
Date : 2017-04-21
Author : KingNando

This script does blah blah blah
}

[ENABLE]
//code from here to '[DISABLE]' will be used to enable the cheat



aobscanmodule(INJECT,MassEffectAndromeda.exe,F3 0F 11 83 30 07 00 00) // should be unique
alloc(newmem,$1000,"MassEffectAndromeda.exe"+726D19)

label(code)
label(return)

newmem:
cmp [rbx+640],(float)277.5
jne code
mov [rbx+00000730],(float)277.5
jmp return
code:
movss [rbx+00000730],xmm0
mov [rbx+00000730],(float)00
jmp return

INJECT:
jmp newmem
nop
nop
nop
return:
registersymbol(INJECT)

[DISABLE]
//code from here till the end of the code will be used to disable the cheat
INJECT:
db F3 0F 11 83 30 07 00 00

unregistersymbol(INJECT)
dealloc(newmem)

{
// ORIGINAL CODE - INJECTION POINT: "MassEffectAndromeda.exe"+726D19

"MassEffectAndromeda.exe"+726CF5: E8 16 CF FF FF - call MassEffectAndromeda.exe+723C10
"MassEffectAndromeda.exe"+726CFA: 0F 57 C9 - xorps xmm1,xmm1
"MassEffectAndromeda.exe"+726CFD: 0F 2F F1 - comiss xmm6,xmm1
"MassEffectAndromeda.exe"+726D00: 72 03 - jb MassEffectAndromeda.exe+726D05
"MassEffectAndromeda.exe"+726D02: 0F 28 CE - movaps xmm1,xmm6
"MassEffectAndromeda.exe"+726D05: F3 0F 10 83 3C 06 00 00 - movss xmm0,[rbx+0000063C]
"MassEffectAndromeda.exe"+726D0D: 0F 2F C1 - comiss xmm0,xmm1
"MassEffectAndromeda.exe"+726D10: 72 03 - jb MassEffectAndromeda.exe+726D15
"MassEffectAndromeda.exe"+726D12: 0F 28 C1 - movaps xmm0,xmm1
"MassEffectAndromeda.exe"+726D15: F3 0F 5C F7 - subss xmm6,xmm7
// ---------- INJECTING HERE ----------
"MassEffectAndromeda.exe"+726D19: F3 0F 11 83 30 07 00 00 - movss [rbx+00000730],xmm0
// ---------- DONE INJECTING ----------
"MassEffectAndromeda.exe"+726D21: 0F 54 35 E8 DD 91 02 - andps xmm6,[MassEffectAndromeda.exe+3044B10]
"MassEffectAndromeda.exe"+726D28: 0F 2F 35 71 95 91 02 - comiss xmm6,[MassEffectAndromeda.exe+30402A0]
"MassEffectAndromeda.exe"+726D2F: 72 42 - jb MassEffectAndromeda.exe+726D73
"MassEffectAndromeda.exe"+726D31: 48 8B 07 - mov rax,[rdi]
"MassEffectAndromeda.exe"+726D34: 48 8B CF - mov rcx,rdi
"MassEffectAndromeda.exe"+726D37: FF 50 38 - call qword ptr [rax+38]
"MassEffectAndromeda.exe"+726D3A: 48 8B 07 - mov rax,[rdi]
"MassEffectAndromeda.exe"+726D3D: 48 8B CF - mov rcx,rdi
"MassEffectAndromeda.exe"+726D40: 0F 28 F0 - movaps xmm6,xmm0
"MassEffectAndromeda.exe"+726D43: FF 50 30 - call qword ptr [rax+30]
}

This skript i wrote is freezing the Shield Value. Now i have the problem, that everytime i get a better shield , the script wont work. I have to search in Cheat engine the right value und place this value in my god mode skript above. Then my skript works again.
i am lokking now for a method that autamticly changes the value in my script. For example the shield value at the beginning of the game is at float 250. in the level where i play at the moment , my shield value is float 277.5 as you can see in the script above.

i hope , i made clear , what my problem is.

wish you a grat weekend

Kingpin1959

[++METHOS]

Hi. Unfortunately, you have reiterated what you stated in your previous post, and you have not given any indication regarding what each line of code represents inside of your script.

For example:

You check a value at offset +640 -- is that an ID value for code segregation, or is it the display value for shield or something else? Does the instruction access multiple addresses?

The fact that you are checking for 277.5 at offset +640, then setting a value of 277.5 at offset +730 is confusing. Please elaborate.

[Zanzer]

My guess is +640 contains the unit's maximum shield while +730 is the current shield.
The instruction probably accesses all units in the game, so he is only checking if the maximum shield is equal to his character's.
When that is true, he is setting the current shields to equal the maximum, since other units probably have different shield values.

[Kingpin1959]

Hi ++ METHOS , Hi Zanzer

thank you for your help so far.

the compare command in the first line is checking if my shield is full and has the right value , means if the value is my own shield parameter and not the parameter of an enemies shield value. Next i put my shield value to currend max.

After that it jumps to code if the compare is not equal. That means, if it is not the eqaul value to my own shield in gamecode

in the code segment i put the enemies shield value to zero

i hope its is a bit clearer. Still , i have no idea how i can correct my script so it sets my actual shield value in the compare command to the actual value that the game shows. I want that my script auto update the value in the cmp command. below , i show you my script again.

aobscanmodule(INJECT,MassEffectAndromeda.exe,F3 0F 11 83 30 07 00 00) // should be unique
alloc(newmem,$1000,"MassEffectAndromeda.exe"+726D19)

label(code)
label(return)

newmem:
cmp [rbx+640],(float)277.5 --> compares if it is my shield value
jne code --> if is not equal jump to code:
mov [rbx+00000730],(float)277.5 --> when cmp tells that is my shield ,
put my shield to max
jmp return
code:
movss [rbx+00000730],xmm0 --> [rbx+00000730] contains the value of
the enemies shield value
mov [rbx+00000730],(float)00
jmp return

INJECT:
jmp newmem
nop
nop
nop
return:
registersymbol(INJECT)

[DISABLE]
//code from here till the end of the code will be used to disable the cheat
INJECT:
db F3 0F 11 83 30 07 00 00

unregistersymbol(INJECT)
dealloc(newmem)

i hope you can help me. i am a beginner in Cheat engine auto assemle tool.

[STN]

I posted my cheat table on https://fearlessrevolution.com also has Cielos's. You can use a better way to find if its you or enemy. Comparing shield isn't reliable as you noticed yourself (or your max health).

Then get your max shield value and put it in current.

[Kingpin1959]

Hello ++METHOS, Zanzer and STN ,

thank for your quick replay .

Thanks to ++METHOS thoughts i found a mistake in my script.

in newmem it shoud be mov [rbx+640] instead of mov [rbx+00000730] !

Now it works much better. But one thing i still dont understand. How can i change my script so the shield value will automitically put in the cmp command line.

I am still learning with scripts.

Seems that you, STN found a way. can you tell me how you solved the problem.

thanks so far to you all

best regards
Kingpin1959

[++METHOS]

The code segregation method that you are using is not very reliable for most targets. Here are some tips:

[haskav]

[Kingpin1959]

Hi ++ METHOS ,

Thanks for yor answer. Your suggestions are too compicated at the moment. As i mentionent , i am a beginner in script writing.

Stupit me. After i looked at my script , i recognised that it is too mutch that workes not so goot. Finally i found a simple way. Now my script works 100%.
Every change of shield strenght is working as it should. Below my much smaller script.

newmem:
movss [rbx+640],xmm0
jmp return
code:
mov [rbx+00000730],(float)0
jmp return

i found out, that the shield value is in xmm0. First i tried
cmp [rbx+640],xmm0
But that does not work, because Cheatengine tells me, that tis expression cannot be compiled.
At last i thought , that i should be enough , when i simply move the shield value in the place in gamecode, where my shield is stored.

Thanks to your hints and those of Zanzer and STN, i found the solution on my own

thank you all very much

Kingpin1959