Cheat Engine The Official Site of Cheat Engine
Kingpin1959 Newbie cheater Reputation: 0
Joined: 11 Jul 2016 Posts: 13
++METHOS I post too much Reputation: 92
Joined: 29 Oct 2010 Posts: 4197
Posted: Fri May 26, 2017 6:18 pm
Please clarify what you are asking and provide more details regarding what each item in your script is actually for.
Kingpin1959 Newbie cheater Reputation: 0
Joined: 11 Jul 2016 Posts: 13
Posted: Sat May 27, 2017 4:16 am
Hi ++METHOS
First let me thank you for your quick answer.
Below you see the whole God Mode script I made
{ Game : MassEffectAndromeda.exe
Version:
Date : 2017-04-21
Author : KingNando
This script does blah blah blah
}
[ENABLE]
//code from here to '[DISABLE]' will be used to enable the cheat
aobscanmodule(INJECT,MassEffectAndromeda.exe,F3 0F 11 83 30 07 00 00) // should be unique
alloc(newmem,$1000,"MassEffectAndromeda.exe"+726D19)
label(code)
label(return)
newmem:
cmp [rbx+640],(float)277.5
jne code
mov [rbx+00000730],(float)277.5
jmp return
code:
movss [rbx+00000730],xmm0
mov [rbx+00000730],(float)00
jmp return
INJECT:
jmp newmem
nop
nop
nop
return:
registersymbol(INJECT)
[DISABLE]
//code from here till the end of the code will be used to disable the cheat
INJECT:
db F3 0F 11 83 30 07 00 00
unregistersymbol(INJECT)
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: "MassEffectAndromeda.exe"+726D19
"MassEffectAndromeda.exe"+726CF5: E8 16 CF FF FF - call MassEffectAndromeda.exe+723C10
"MassEffectAndromeda.exe"+726CFA: 0F 57 C9 - xorps xmm1,xmm1
"MassEffectAndromeda.exe"+726CFD: 0F 2F F1 - comiss xmm6,xmm1
"MassEffectAndromeda.exe"+726D00: 72 03 - jb MassEffectAndromeda.exe+726D05
"MassEffectAndromeda.exe"+726D02: 0F 28 CE - movaps xmm1,xmm6
"MassEffectAndromeda.exe"+726D05: F3 0F 10 83 3C 06 00 00 - movss xmm0,[rbx+0000063C]
"MassEffectAndromeda.exe"+726D0D: 0F 2F C1 - comiss xmm0,xmm1
"MassEffectAndromeda.exe"+726D10: 72 03 - jb MassEffectAndromeda.exe+726D15
"MassEffectAndromeda.exe"+726D12: 0F 28 C1 - movaps xmm0,xmm1
"MassEffectAndromeda.exe"+726D15: F3 0F 5C F7 - subss xmm6,xmm7
// ---------- INJECTING HERE ----------
"MassEffectAndromeda.exe"+726D19: F3 0F 11 83 30 07 00 00 - movss [rbx+00000730],xmm0
// ---------- DONE INJECTING ----------
"MassEffectAndromeda.exe"+726D21: 0F 54 35 E8 DD 91 02 - andps xmm6,[MassEffectAndromeda.exe+3044B10]
"MassEffectAndromeda.exe"+726D28: 0F 2F 35 71 95 91 02 - comiss xmm6,[MassEffectAndromeda.exe+30402A0]
"MassEffectAndromeda.exe"+726D2F: 72 42 - jb MassEffectAndromeda.exe+726D73
"MassEffectAndromeda.exe"+726D31: 48 8B 07 - mov rax,[rdi]
"MassEffectAndromeda.exe"+726D34: 48 8B CF - mov rcx,rdi
"MassEffectAndromeda.exe"+726D37: FF 50 38 - call qword ptr [rax+38]
"MassEffectAndromeda.exe"+726D3A: 48 8B 07 - mov rax,[rdi]
"MassEffectAndromeda.exe"+726D3D: 48 8B CF - mov rcx,rdi
"MassEffectAndromeda.exe"+726D40: 0F 28 F0 - movaps xmm6,xmm0
"MassEffectAndromeda.exe"+726D43: FF 50 30 - call qword ptr [rax+30]
}
This script I wrote freezes the shield value. Now I have the problem that every time I get a better shield, the script won't work. I have to search in Cheat Engine for the right value and place this value in my God Mode script above. Then my script works again.
I am now looking for a method that automatically changes the value in my script. For example, the shield value at the beginning of the game is float 250. In the level where I am playing at the moment, my shield value is float 277.5, as you can see in the script above.
I hope I made clear what my problem is.
Wish you a great weekend
Kingpin1959
_________________
Gamehacking is legal
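The `aobscanmodule` line in the script above is annotated "should be unique". As an added example (not part of the original post), this Python sketch checks that property against the bytes shown in the post's disassembly listing. The function names are hypothetical, and the excerpt covers only the listed addresses, so a single hit here does not prove uniqueness across the whole module.

```python
# Added example. Bytes are copied from the disassembly listing in the post;
# they cover only "MassEffectAndromeda.exe"+726CF5 .. +726D45.
LISTING_START = 0x726CF5
LISTING = bytes.fromhex(
    "E816CFFFFF" "0F57C9" "0F2FF1" "7203" "0F28CE"
    "F30F10833C060000" "0F2FC1" "7203" "0F28C1" "F30F5CF7"
    "F30F118330070000"                      # the injection point
    "0F5435E8DD9102" "0F2F3571959102" "7242"
    "488B07" "488BCF" "FF5038" "488B07" "488BCF" "0F28F0" "FF5030"
)

def parse_aob(text):
    """Turn 'F3 0F ?? 83' into a list of ints, with None for wildcard bytes."""
    out = []
    for tok in text.split():
        out.append(None if set(tok) <= {"?", "*"} else int(tok, 16))
    return out

def aob_scan(buf, text):
    """Return every offset in buf where the pattern matches."""
    pat = parse_aob(text)
    hits = []
    for i in range(len(buf) - len(pat) + 1):
        if all(p is None or buf[i + j] == p for j, p in enumerate(pat)):
            hits.append(i)
    return hits

def module_offsets(text):
    """Map hits in the excerpt back to module-relative offsets."""
    return [LISTING_START + i for i in aob_scan(LISTING, text)]

def is_unique(text):
    """True only when the pattern matches exactly once in the excerpt."""
    return len(aob_scan(LISTING, text)) == 1

if __name__ == "__main__":
    # The script's exact pattern, then an over-wildcarded variant that also
    # matches the earlier movss xmm0,[rbx+0000063C] instruction.
    for pat in ("F3 0F 11 83 30 07 00 00", "F3 0F ?? 83 ?? ?? 00 00"):
        print(pat, [hex(o) for o in module_offsets(pat)], is_unique(pat))
```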
++METHOS I post too much Reputation: 92
Joined: 29 Oct 2010 Posts: 4197
Posted: Sat May 27, 2017 5:27 am
Hi. Unfortunately, you have reiterated what you stated in your previous post, and you have not given any indication regarding what each line of code represents inside of your script.
For example:
You check a value at offset +640 -- is that an ID value for code segregation, or is it the display value for shield or something else? Does the instruction access multiple addresses?
The fact that you are checking for 277.5 at offset +640, then setting a value of 277.5 at offset +730 is confusing. Please elaborate.
Kingpin1959 wrote:
newmem:
cmp [rbx+640],(float)277.5
jne code
mov [rbx+00000730],(float)277.5
jmp return
Zanzer I post too much Reputation: 126
Joined: 09 Jun 2013 Posts: 3278
Posted: Sat May 27, 2017 7:12 am
My guess is +640 contains the unit's maximum shield while +730 is the current shield.
The instruction probably accesses all units in the game, so he is only checking if the maximum shield is equal to his character's.
When that is true, he is setting the current shields to equal the maximum, since other units probably have different shield values.
Kingpin1959 Newbie cheater Reputation: 0
Joined: 11 Jul 2016 Posts: 13
Posted: Sat May 27, 2017 7:44 am
Hi ++METHOS, hi Zanzer
Thank you for your help so far.
The compare command in the first line checks if my shield is full and has the right value, meaning the value is my own shield parameter and not the parameter of an enemy's shield value. Next I set my shield to the current max.
After that it jumps to code if the compare is not equal. That means if it is not equal to the value of my own shield in the game code.
In the code segment I set the enemy's shield value to zero.
I hope it is a bit clearer. Still, I have no idea how I can correct my script so it sets my actual shield value in the compare command to the actual value that the game shows. I want my script to auto-update the value in the cmp command. Below, I show you my script again.
aobscanmodule(INJECT,MassEffectAndromeda.exe,F3 0F 11 83 30 07 00 00) // should be unique
alloc(newmem,$1000,"MassEffectAndromeda.exe"+726D19)
label(code)
label(return)
newmem:
cmp [rbx+640],(float)277.5 // compares if it is my shield value
jne code // if it is not equal, jump to code:
mov [rbx+00000730],(float)277.5 // when cmp tells that it is my shield, put my shield to max
jmp return
code:
movss [rbx+00000730],xmm0 // [rbx+00000730] contains the value of the enemy's shield value
mov [rbx+00000730],(float)00
jmp return
INJECT:
jmp newmem
nop
nop
nop
return:
registersymbol(INJECT)
[DISABLE]
//code from here till the end of the code will be used to disable the cheat
INJECT:
db F3 0F 11 83 30 07 00 00
unregistersymbol(INJECT)
dealloc(newmem)
I hope you can help me. I am a beginner with the Cheat Engine auto assemble tool.
_________________
Gamehacking is legal
STN I post too much Reputation: 42
Joined: 09 Nov 2005 Posts: 2672
Posted: Sat May 27, 2017 9:40 am
I posted my cheat table on https://fearlessrevolution.com, which also has Cielos's. You can use a better way to find if it's you or an enemy. Comparing shield isn't reliable as you noticed yourself (or your max health).
Then get your max shield value and put it in current.
_________________
Last edited by STN on Fri May 29, 2020 11:06 pm; edited 1 time in total
Kingpin1959 Newbie cheater Reputation: 0
Joined: 11 Jul 2016 Posts: 13
++METHOS I post too much Reputation: 92
Joined: 29 Oct 2010 Posts: 4197
Posted: Sat May 27, 2017 9:21 pm
The code segregation method that you are using is not very reliable for most targets. Here are some tips:
++METHOS wrote:
- You can use a pointer address for your filter, inside of your script, for the value that you are trying to manipulate.
- You can use pointer trees inside of the data structure to find something viable.
- You can shift the data structure (+ or -) and/or expand its size to find something useful.
- You can use the structure spider to find workable strings and/or for comparative analysis.
- You can check the register values by attaching the debugger or setting a breakpoint to see if something can be used for your filter.
- You can check to see if there are any instructions that are exclusive to the address/value that you are trying to manipulate and store the address for your filter by creating a second injection point.
- You can check to see if there are any instructions that are exclusive to any other address/value inside of the data structure for the address/value that you are trying to manipulate and store the address for your filter by creating a second injection point.
- You can analyze assembly code to see if an identifier is being checked or assigned somewhere.
- Et al.
haskav How do I cheat? Reputation: 0
Joined: 18 Jun 2012 Posts: 4
Posted: Mon May 29, 2017 8:13 am
Zanzer wrote:
My guess is +640 contains the unit's maximum shield while +730 is the current shield.
The instruction probably accesses all units in the game, so he is only checking if the maximum shield is equal to his character's.
When that is true, he is setting the current shields to equal the maximum, since other units probably have different shield values.
Hi Zanzer, I need your attention.
Sorry if I am in the wrong room because I can't PM you.
I recognized your work for making PES 2017 Cheat Table.
I want to ask, how to find value for personality bar such as charisma, tactics, passion, and technique with your Cheat Table?
For example, I want to modify tactics personality for Coutinho.
Thanks.
(I don't know why I can't post a URL)
Kingpin1959 Newbie cheater Reputation: 0
Joined: 11 Jul 2016 Posts: 13
Posted: Mon May 29, 2017 11:32 am
Hi ++METHOS,
Thanks for your answer. Your suggestions are too complicated at the moment. As I mentioned, I am a beginner in script writing.
Stupid me. After I looked at my script, I recognised that it has too much in it that does not work so well. Finally I found a simple way. Now my script works 100%.
Every change of shield strength is working as it should. Below is my much smaller script.
newmem:
movss [rbx+640],xmm0
jmp return
code:
mov [rbx+00000730],(float)0
jmp return
I found out that the shield value is in xmm0. First I tried
cmp [rbx+640],xmm0
But that does not work, because Cheat Engine tells me that this expression cannot be compiled.
At last I thought that it should be enough when I simply move the shield value into the place in the game code where my shield is stored.
Thanks to your hints and those of Zanzer and STN, I found the solution on my own.
Thank you all very much
Kingpin1959
_________________
Gamehacking is legal