Cheat Engine Forum Index Cheat Engine
The Official Site of Cheat Engine
 


Cheat Engine 6.2 Tutorial Step 9

 
Igor
Posted: Fri Apr 27, 2012 5:57 am    Post subject: Cheat Engine 6.2 Tutorial Step 9

Here Is My Solution for Cheat Engine 6.2 Tutorial Step 9

Code:
[ENABLE]
//code from here to '[DISABLE]' will be used to enable the cheat
alloc(newmem,2048) //2kb should be enough
label(returnhere)
label(IsEnemy)

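newmem:
cmp [ebx+10],2 //value at +10 is compared with 2, which marks an enemy here
je IsEnemy
sub [ebx+04],0 //not an enemy: value at +04 is left unchanged
fldz //second instruction overwritten by the jmp, replayed here
jmp returnhere

IsEnemy:
mov [ebx+04],eax //enemy: the original write is performed
fldz
jmp returnhere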

"tutorial-i386.exe"+250C6:
jmp newmem
returnhere:

[DISABLE]
dealloc(newmem)
"tutorial-i386.exe"+250C6:
mov [ebx+04],eax
fldz
//Alt: db 89 43 04 D9 EE



Igor
Posted: Fri May 04, 2012 8:58 am

Alternative Solution For step 9 Password:-31337157

Options:
-God Mode
-One Hit Kill

Read Comments in code to understand how I did it. I explained all in Comments.

Code:
//Made by svchost with Cheat Engine 6.2 RC 1
//4th May, 2012

[ENABLE]
alloc(StoreHealthAddress,2048)
label(StoreHealthAddressReturn)
alloc(WriteHealthAddress,2048)
label(WriteHealthAddressReturn)

globalalloc(Player1_Dave,4)
globalalloc(Player2_Eric,4)
globalalloc(Enemy1_Hal,4)
globalalloc(Enemy2_Kitt,4)

label(WriteOrignal)
label(IsPlayer1_Dave)
label(IsPlayer2_Eric)
label(IsEnemy1_Hal)
label(IsEnemy2_Kitt)


//----------------------------------------
//  Read And Store Address For Later Comparison
//----------------------------------------

//At "tutorial-i386.exe"+2504C address, ebx is constant for Health Address Calculation
"tutorial-i386.exe"+2504C:
jmp StoreHealthAddress
nop
nop
nop
nop
nop
nop
StoreHealthAddressReturn:



StoreHealthAddress:

//From below I calculated Manually Health Address
//And stored at the Custom Address
//Note:-For Health address, add 4 to it. eg.add [Player1_Dave],4
//means value at the [Player1_Dave] is the Health Address.

push ecx
mov ecx,[ebx+49C]     // Offset->49C Player1
mov [Player1_Dave],ecx
pop ecx

push ecx
mov ecx,[ebx+4A0]   // Offset->4A0 Player2
mov [Player2_Eric],ecx
pop ecx

push ecx
mov ecx,[ebx+4A4]  // Offset->4A4 Enemy1
mov [Enemy1_Hal],ecx
pop ecx

push ecx
mov ecx,[ebx+4A8]  // Offset->4A8 Enemy2
mov [Enemy2_Kitt],ecx
pop ecx

//From below it is original code at the "tutorial-i386.exe"+2504C
mov ebx,eax
mov esi,edx
mov [ebp-3C],00000000
jmp StoreHealthAddressReturn


//----------------------------------------
//            Write Address
//----------------------------------------


//At this Address Friendly as well as Enemy Health is Decreasing
"Tutorial-i386.exe"+250C6:
jmp WriteHealthAddress
WriteHealthAddressReturn:


//Now I'm checking the Health address For each player separately.
WriteHealthAddress:
cmp ebx,[Player1_Dave]
je IsPlayer1_Dave

cmp ebx,[Player2_Eric]
je IsPlayer2_Eric

cmp ebx,[Enemy1_Hal]
je IsEnemy1_Hal

cmp ebx,[Enemy2_Kitt]
je IsEnemy2_Kitt

jmp WriteOrignal
jmp WriteHealthAddressReturn

//----------------------------------

IsPlayer1_Dave:
mov [ebx+04],(float)99999
fldz
jmp WriteHealthAddressReturn

IsPlayer2_Eric:
mov [ebx+04],(float)99999
fldz
jmp WriteHealthAddressReturn

IsEnemy1_Hal:
mov [ebx+04],(float)0
fldz
jmp WriteHealthAddressReturn

IsEnemy2_Kitt:
mov [ebx+04],(float)0
fldz
jmp WriteHealthAddressReturn

//----------------------------------

WriteOrignal:
mov [ebx+04],eax
fldz
jmp WriteHealthAddressReturn


[DISABLE]
dealloc(StoreHealthAddress)
"tutorial-i386.exe"+2504C:
mov ebx,eax
mov esi,edx
mov [ebp-3C],00000000

dealloc(WriteHealthAddress)
"Tutorial-i386.exe"+250C6:
mov [ebx+04],eax
fldz


In some games, one instruction is accessing thousands of addresses,
e.g. "Game.exe"+43E
mov [eax+3C],ecx -> Suppose this opcode is accessing thousands of addresses. To solve this, use the method I used in the above code.

Ask me questions if you have any.



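The two ways the solutions above tell entities apart at one shared write, a field inside the structure (first post) and pointers recorded at an earlier hook (second post), modelled in plain C as an added example that is not code from any poster. The structure layout, function names and slot numbering are assumptions; only the offsets +04 and +10, the team values 1 and 2, and the written values 99999 and 0 come from the posts.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed layout: only the two offsets used in the posts are meaningful. */
typedef struct {
    uint32_t unknown0;     /* +0x00 */
    float    health;       /* +0x04, the field written by mov [ebx+04],eax */
    uint8_t  unknown8[8];  /* +0x08 */
    uint32_t team;         /* +0x10, 1 = player side, 2 = enemy side */
} Entity;
_Static_assert(offsetof(Entity, health) == 0x04, "health offset");
_Static_assert(offsetof(Entity, team) == 0x10, "team offset");

/* Filter 1: decide from a field inside the structure (cmp [ebx+10],2). */
static void write_by_team(Entity *e, float new_health) {
    if (e->team == 2) e->health = new_health;  /* enemy: original write */
}                                              /* otherwise: write skipped */

/* Filter 2: decide from pointers recorded earlier (cmp ebx,[Player1_Dave]). */
static Entity pool[5];       /* hypothetical entities; slot 4 is never recorded */
static Entity *recorded[4];  /* slots 0-1 players, slots 2-3 enemies */
static void write_by_identity(Entity *e, float new_health) {
    if (e == recorded[0] || e == recorded[1])
        e->health = 99999.0f;
    else if (e == recorded[2] || e == recorded[3])
        e->health = 0.0f;
    else
        e->health = new_health;                /* unknown entity: original write */
}

/* One hit through filter 1; returns the health left in the structure. */
float hit_team(uint32_t team, float before, float damaged) {
    Entity e = { .health = before, .team = team };
    write_by_team(&e, damaged);
    return e.health;
}

/* One hit through filter 2 on pool[slot]; works without any team field. */
float hit_identity(int slot, float before, float damaged) {
    if (slot < 0 || slot > 4) return -1.0f;
    for (int i = 0; i < 4; i++) recorded[i] = &pool[i];
    pool[slot].health = before;
    write_by_identity(&pool[slot], damaged);
    return pool[slot].health;
}

int main(void) {
    printf("team: %.0f %.0f  identity: %.0f %.0f %.0f\n", hit_team(1, 100, 98), hit_team(2, 100, 98),
           hit_identity(0, 100, 98), hit_identity(2, 100, 98), hit_identity(4, 100, 98));
    return 0;
}
```
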
nikoliazekter
Posted: Fri Jun 08, 2012 10:11 am    Post subject: Reply

Can I do this without assembler knowledge? And how do you do this? Reply me please.
P.S. I am from Ukraine and I am 13. So my knowledge of English is bad.

Igor
Posted: Fri Jun 08, 2012 11:10 am    Post subject: Re: Reply

nikoliazekter wrote:
Can I do this without assembler knowledge? And how do you do this? Reply me please.
P.S. I am from Ukraine and I am 13. So my knowledge of English is bad.

Obviously you should learn asm to do this.

-Complete all steps of CE tutorial.
-Read help file of CE (press F1 in CE main window to open help).
-http://forum.cheatengine.org/viewtopic.php?t=95363
-http://forum.cheatengine.org/viewtopic.php?t=222520

Invader
Posted: Sat Jun 16, 2012 3:21 pm

Thanks a lot, but can you tell me if this code is right or wrong?
Quote:
[ENABLE]
//code from here to '[DISABLE]' will be used to enable the cheat

alloc(newmem,2048) //2kb should be enough
label(returnhere)
label(originalcode)
label(exit)

newmem: //this is allocated memory, you have read,write,execute access
//place your code here
cmp [ebx+10],1
jnz originalcode
mov eax,42C80000
originalcode:
mov [ebx+04],eax
fldz

exit:
jmp returnhere

"Tutorial-i386.exe"+250C6:
jmp newmem
returnhere:



[DISABLE]
//code from here till the end of the code will be used to disable the cheat

dealloc(newmem)
"Tutorial-i386.exe"+250C6:
mov [ebx+04],eax
fldz

simonsong90
Posted: Fri Mar 01, 2013 5:03 pm

Here's mine
Code:
[enable]
alloc(newmem,2048) //2kb should be enough
label(returnhere)
label(Enemy)
label(Player)

newmem:
cmp [ebx+10],1
je Player
jmp Enemy

Player:
fadd dword ptr [ebx+04]
fstp dword ptr [ebp-30]
jmp returnhere

Enemy:
fsubr dword ptr [ebx+04]
fstp dword ptr [ebp-30]
jmp returnhere

"Tutorial-i386.exe"+2509D:
jmp newmem
nop
returnhere:

[disable]
dealloc(newmem)
"Tutorial-i386.exe"+2509D:
fsubr dword ptr [ebx+04]
fstp dword ptr [ebp-30]

Nemexia55
Posted: Mon Feb 17, 2014 9:35 am

It's so hard!

All times are GMT - 6 Hours