Cheat Engine Forum - The Official Site of Cheat Engine
CREATETHREAD understanding
educofu (Thu Dec 24, 2009 12:25 pm), subject: CREATETHREAD understanding

In AA, what is CREATETHREAD and how do I use it?
_________________
"I finally started thinking outside of the box, only to find myself in a larger box."
Dark Byte (Wed Jan 06, 2010 3:21 pm):

Let's say you have a piece of code you want to execute, but don't want to hook the game's API.

You can then use CREATETHREAD to execute that code:

Code:

alloc(mycode,4096)
CREATETHREAD(mycode);

mycode:
mov eax,[gamex.dll+123456]
mov ebx,[eax+4c]
mov [eax+48],ebx

push #1000
call sleep
jmp mycode

This would, for example, set the health to the max health every second.

Or, if you want to call an in-game routine without hooking, you can also use CREATETHREAD:
Code:

createthread(togglegodmode)


This assumes togglegodmode contains the address of the game's routine to toggle godmode and accepts a parameterless call; otherwise you have to allocate an initialization routine that sets up the parameters and then calls togglegodmode (and use CREATETHREAD on the initialization routine).

_________________
Do not ask me about online cheats. I don't know any and won't help finding them.

Like my help? Join me on Patreon so I can keep helping.
educofu (Wed Jan 06, 2010 5:15 pm):

Thanks.
Aqua Regia (Sat Mar 20, 2010 2:40 pm):

If you use createthread in a cheat table, do you have to destroy the thread under [DISABLE]?
Dark Byte (Sat Mar 20, 2010 3:40 pm):

In the case of threads you have to add your own way of disabling, and don't free the associated memory.

E.g.:
[enable]
alloc(mycode,4096)
CREATETHREAD(mycode);
label(mustend)
registersymbol(mustend)

mycode:
mov eax,[gamex.dll+123456]
mov ebx,[eax+4c]
mov [eax+48],ebx

push #1000
call sleep
cmp [mustend],1
jne mycode

ret

mustend:
dd 0

[disable]
mustend:
dd 1

Aqua Regia (Sat Mar 20, 2010 4:47 pm):

Thanks for responding. Any idea why the program would crash when I execute that code?

I'm using Windows 7 64-bit version. When I tried the first code you posted in this thread it didn't crash when I removed the sleep part.



[Attachment: sfsf.png]
Dark Byte (Sat Mar 20, 2010 7:21 pm):

When you say you removed the sleep part, did you also remove the parameter push?

If not, that's the problem (by default a created thread has as return value on the stack the address of terminatethread; by messing with the stack, you'll start crashing).

(Also, infinitely looping like that is really a bad idea.)


Edit:
And of course
mov eax,[gamex.dll+123456]
mov ebx,[eax+4c]
mov [eax+48],ebx

will 100% cause a crash in almost any game if the address/pointer is wrong.

Edit 2:
And again, don't even dare to dealloc the memory of the thread.

Aqua Regia (Sat Mar 20, 2010 7:39 pm):

I was wrong, it's the push part. If I comment that part out it doesn't crash.

This is the code you posted above; I only replaced the part right after "mycode:". What's the return doing there anyway? And are symbols like variables or something, and "dd" sets them?

Code:
[enable]
alloc(mycode,4096)
CREATETHREAD(mycode);
label(mustend)
registersymbol(mustend)

mycode:
inc [0028FF44]

push #1000
call sleep
cmp [mustend],1
jne mycode

ret

mustend:
dd 0

[disable]
mustend:
dd 1
Dark Byte (Sat Mar 20, 2010 8:48 pm):

Symbols are names you can use throughout CE. E.g. in the memory view you can go to address "mustend" and it'll go there, and you can even put it into your address list.

And dd initializes a 4-byte value at the current address; dq an 8-byte, dw a 2-byte and db a 1-byte value.

And as I said in the previous post, the ret will cause the thread to jump to the terminatethread function, so it'll terminate itself.

XaLeX (Thu Jul 01, 2010 8:22 am):

There's something I don't get about this..

Code:
[ENABLE]
globalalloc(routine,256)
createthread(routine)
label(end)
registersymbol(end)

routine:

push eax
push ecx
//do stuff
pop ecx
pop eax

push #1000
call sleep

cmp [end],1
jne routine //if !end then loop routine

ret

end:
dd 0

[disable]
end:
dd 1


And it says, "Error in line 2 (end:) this address specifier is not valid".

I tried playing with (global)alloc, label and stuff, but there's always a different error.

..I got around using end by using an in-game address, but everything crashes anyway xD
Dark Byte (Thu Jul 01, 2010 9:20 am):

That script will work, but it looks like you found a bug.

push #1000 is assembled wrong; replace it with "push 000003e8".

I'll see if I can quickly upload a fixed version.

Dark Byte (Thu Jul 01, 2010 9:25 am):

OK, redownload CE and it'll be fixed.

One thing I have to say about that script: you have to wait a full second before you can re-enable it, else you might end up having multiple threads running.
A lower sleep (e.g. 10 ms) will fix it and won't even lag the game at all (1 millisecond is a really long time for a CPU).

XaLeX (Thu Jul 01, 2010 10:02 am):

Woah, I'm glad I could help improve CE, even though I gave you work to do on your birthday xD

Anyway, you've been very helpful, as always.. thanks ^_^
Twizz (Sat Jan 29, 2011 9:33 pm):

Dark Byte wrote:
In the case of threads you have to add your own way of disabling, and don't free the associated memory.

e.g:
[enable]
alloc(mycode,4096)
CREATETHREAD(mycode);
label(mustend)
registersymbol(mustend)

mycode:
mov eax,[gamex.dll+123456]
mov ebx,[eax+4c]
mov [eax+48],ebx

push #1000
call sleep
cmp [mustend],1
jne mycode

ret

mustend:
dd 0

[disable]
mustend:
dd 1


If we don't free the associated memory... then will we alloc (in your example) a KB of memory every time we tick it? If so, when will it become available to the system again? When we close Cheat Engine?

When the thread reaches a ret, does it terminate? What if the thread reaches a ret and there is something on the stack, will it jump there?

Haha, maybe noob questions, but I'm still trying to learn. Thanks
Dark Byte (Sat Jan 29, 2011 9:38 pm):

That assumes you only want to do it one time.

But if you do want to call it multiple times, you can replace the alloc with globalalloc.
That way it will reuse the memory the next time it's executed.
