Cheat Engine Forum Index Cheat Engine
The Official Site of Cheat Engine
 


Use AOB to create multiple base addresses from same instruct

 
Mai Eternal
How do I cheat?
Reputation: 0

Joined: 28 Feb 2017
Posts: 6

Posted: Mon Sep 11, 2017 10:52 am    Post subject: Use AOB to create multiple base addresses from same instruct

Hi guys.

So here's the scenario:

In games where there is more than one playable character, a single instruction can be used across all of them, e.g. the instruction that changes gold etc. What I'd like to do is use that instruction to spit out the base address for all of them. Once I have a single base address I can simply nest offsets into that base to find values for HP, XP, Gold etc etc.

See this image: stupid forum won't let me post an image URL

This instruction accesses 3 addresses. In this case, the ebx registry contains the values of the 3 base addresses I wish to use.

Using an AOB scan, how can I tell Cheat Engine to store multiple values accessed by the same instruction?
OldCheatEngineUser
Whateven rank
Reputation: 3

Joined: 01 Feb 2016
Posts: 513

Posted: Mon Sep 11, 2017 11:03 am

well, you might wish to post instructions or things that you have so someone could do things you want for you.
_________________
About Me;
I Use CE Since Version 1.X, And Still Learning How To Use It Well!
patched cheat engine tutorials
ParkourPenguin
Grandmaster Cheater Supreme
Reputation: 52

Joined: 06 Jul 2014
Posts: 1795
Location: Arcadian Suburbia

Posted: Mon Sep 11, 2017 11:34 am

An aobscan gives you the address of an instruction. It's up to you to do whatever you want with that instruction. Read this topic for information about recording addresses in a code injection.
_________________
I don't know where I'm going, but I'll figure it out when I get there.
Mai Eternal
How do I cheat?
Reputation: 0

Joined: 28 Feb 2017
Posts: 6

Posted: Mon Sep 11, 2017 11:51 am

OldCheatEngineUser wrote:
well, you might wish to post instructions or things that you have so someone could do things you want for you.


I don't want things done for me. I'm here to learn kthxbai

ParkourPenguin wrote:
An aobscan gives you the address of an instruction. It's up to you to do whatever you want with that instruction. Read ... for information about recording addresses in a code injection.


This is perfect. It's a little advanced but I should be able to create something with this information. Cheers

Yep, made it work pretty easily. This was one hell of a learning experience, thank you.

I only have a few questions from things I didn't understand.

First, why did you choose xor specifically? Is it just a fancy way of zero valuing the ecx registry?

If I only need to allocate for 3 dd addresses, how much do I need to alloc? In short, what should dd be in this eqn: alloc(base,dd*3)? Can I safely assume that it's 12?

Is this really the most efficient method? For instance I was trying to figure out how this code worked:

Code:
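[ENABLE]
// The pattern starts on the 7-byte instruction "49 8B ..." that precedes the
// two instructions being replaced (48 8B 1C F8 and 48 8B CB).
aobscanmodule(hero,EoCApp.exe,49 8B * * * * * 48 8B 1C F8 48 8B CB)
alloc(newmem,$1000,hero)  // allocated near the match so a 5-byte jmp reaches it

label(code)
label(return)
label(hero_ptr)

newmem:

code:
  mov rbx,[rax+rdi*8]   // original instruction: rbx = entry rdi of the array at rax
  mov rcx,hero_ptr
  mov [rcx+rdi*8],rbx   // record that pointer in slot rdi of hero_ptr
  mov rcx,rbx           // original instruction (also reloads the scratch rcx)
  jmp return

// four 8-byte slots, addressed as hero_ptr+0/8/10/18
hero_ptr:
  dq 0
  dq 0
  dq 0
  dq 0

// skip the first 7 pattern bytes so the hook lands on 48 8B 1C F8 48 8B CB
hero+07:
  jmp code              // 5 bytes
  nop
  nop                   // pads to the 7 bytes replaced
return:
registersymbol(hero)
registersymbol(hero_ptr)

[DISABLE]
// restore the original bytes at the same offset the hook was written to
hero+07:
  db 48 8B 1C F8 48 8B CB
unregistersymbol(hero)
unregistersymbol(hero_ptr)
dealloc(newmem)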


Because from here the guy was able to assign hero_ptr+0/8/10/18

It seems simpler but I had to use your method instead. How I managed to follow your code with ease yet fail at this simple thing I can only guess.
All times are GMT - 6 Hours