Cheat Engine Forum Index Cheat Engine
The Official Site of Cheat Engine
 


Progressive AobScan(Ex)

 
Author: panraven
Posted: Fri Nov 24, 2017 8:34 pm

Execution of an AA script follows some separate steps; related to this topic is the step where CE does the AobScan.
AobScan commands (aobscan, aobscanModule, aobscanRegion) generate a Defined symbol, but a Defined symbol can only be used after the AobScan step, so a Defined symbol generated by one aobscan cannot normally be used by another aobscan.

There is another step that parses custom AA commands (registerAutoAssemblerCommand); this happens after the above AobScan step, and can use Defined symbols as input (note: this step cannot use local Label symbols, including the Alloc command symbol).

By moving the standard aobscan command to a custom AA command, it is possible to do a progressive aobscan whose parameters use a previous scan result. That behaviour is best for the AobScanRegion command.

The attached script provides such a command, AobScanEx.

format:
Code:

  AobScanEx(symbolName [:ScanType], original_AobScan_parameters)
  default ScanType is 'Region'
eg.
  AobScanEx(sym , addrStart, addrEndExclusive, aob pattern) ->
    AobScanRegion(sym, addrStart, addrEndExclusive, aob pattern )
  AobScanEx(sym: , aob pattern) ->
    AobScan(sym, aob pattern )
  AobScanEx(sym: Module , moduleName, aob pattern) ->
    AobScanModule(sym, moduleName, aob pattern)
  AobScanEx(sym:Region , addrStart, addrEndExclusive, aob pattern) ->
    AobScanRegion(sym, addrStart, addrEndExclusive, aob pattern )


To install, put the *.lua in the autorun directory.
To include it in a *.ct, paste the script content in an AA script that is supposed to run once, wrapped by {$lua}...{$asm} tags.

bye~

Updated 2018-3-3:

Added some support functions:

AA custom command calc(symbol, <$>expression)
evaluates an expression; prefix '$' to evaluate a Lua expression.
Returns a 'define(symbol,value)' line;
if the result value from the Lua expression is an integer, it is converted to hex form.

s2aob(s)
Lua function to convert a string to aob

n2aob(n, fms, bigend)
Lua function to convert a number to aob: 1-8 byte integer (fms=1-8), float (fms='f'), double (fms='d'); big-endian or not (bigend is not false or nil)

Example:
To scan a static string, then scan the code that references this string, like this (32-bit process only; 64-bit references use RIP, which is hard to identify by aob):

Sample process: Tutorial-i386.exe, reference string: "languages"

Code:

globalalloc(RESULT,64)
[ENABLE]
calc(sStr,$s2aob"languages") /// double quote to prevent symbol expansion
/// convert a string to aob for that string, that aob can be used in aobscan command

/// address of ^str
aobscanEx(addrStr:Module, $process, sStr 00) // aobscanmodule
/// AA aobscan only scans for the 1st result; in actual running with multiple results, this scan may not hit the one used by the code reference.

/// convert address of ^str as aob
calc(aobStr, $n2aob('addrStr',4)) /// type size 4 is default,
// single quote to allow symbol expansion, used to transfer defined symbol to lua function

/// 1st reference of addrStr in code
aobscanEx(ref_1:Module, $process, b8 aobStr) // aobscanmodule
/// 2nd reference of addrStr in code and etc
aobscanEx(ref_2, ref_1+1, ref_1+1000000, b8 aobStr) // aobscanRegion
aobscanEx(ref_3, ref_2+1, ref_2+1000000, b8 aobStr) // aobscanRegion
aobscanEx(ref_4, ref_3+1, ref_3+1000000, b8 aobStr) // aobscanRegion

Result:
dq addrStr
dq ref_1, ref_2, ref_3, ref_4
db sStr
db aobStr

[DISABLE]



Attachments:
progressiive_aobscanex.lua (2.8 KB) - Description: updated 2018-3-3 add some support function
progressiive_aobscanex.lua (1.2 KB)

_________________
- Retarded.
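
The scan chain in the post above (string, then its address as bytes, then each `b8` reference), as an added example that is not panraven's attached script and does not use the CE API. It is pure Lua 5.3 run over a constructed memory image, it generalizes the fixed ref_1..ref_4 chain into a loop, and the names str_to_aob, int_to_aob, scan_region and find_refs are hypothetical.

```lua
-- Added example, not the attached script. Pure Lua 5.3; helper names are hypothetical.
local function str_to_aob(s)            -- "ab" -> "61 62"
  return (s:gsub('.', function(c) return ('%02X '):format(c:byte()) end)):sub(1, -2)
end
local function int_to_aob(n, size)      -- little-endian, like a 32-bit immediate
  return str_to_aob(string.pack('<I' .. (size or 4), n))
end
-- First match of `aob` lying wholly inside [start, stop); `mem` is mapped at `base`.
local function scan_region(mem, base, start, stop, aob)
  local pat = {}
  for tok in aob:gmatch('%S+') do
    if tok:find('?', 1, true) then pat[#pat + 1] = false   -- wildcard byte
    else pat[#pat + 1] = assert(tonumber(tok, 16), 'bad byte ' .. tok) end
  end
  local first = math.max(start - base, 0) + 1
  local last = math.min(stop - base, #mem) - #pat + 1
  for i = first, last do
    local hit = true
    for j = 1, #pat do
      if pat[j] and mem:byte(i + j - 1) ~= pat[j] then hit = false; break end
    end
    if hit then return base + i - 1 end
  end
end

-- Stage 1 finds the string, stage 2 turns its address into a pattern,
-- stage 3 restarts the region scan one byte past each previous hit.
local function find_refs(mem, base, text)
  local stop = base + #mem
  local addr_str = scan_region(mem, base, base, stop, str_to_aob(text) .. ' 00')
  if not addr_str then return nil, {} end
  local pat, refs, from = 'B8 ' .. int_to_aob(addr_str), {}, base
  while true do
    local hit = scan_region(mem, base, from, stop, pat)
    if not hit then break end
    refs[#refs + 1], from = hit, hit + 1
  end
  return addr_str, refs
end

-- Constructed 32-bit image: two `mov eax, imm32` (B8) referencing a string at +0x40.
local BASE, STR_OFF = 0x00400000, 0x40
local mov = '\xB8' .. string.pack('<I4', BASE + STR_OFF)
local code = '\x90\x90' .. mov .. '\xC3' .. ('\x90'):rep(8) .. mov .. '\xC3'
local mem = code .. ('\0'):rep(STR_OFF - #code) .. 'languages\0'
local addr_str, refs = find_refs(mem, BASE, 'languages')
print(('addrStr = %08X'):format(addr_str))
for i, r in ipairs(refs) do print(('ref_%d   = %08X'):format(i, r)) end
```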