Cheat Engine Forum Index Cheat Engine
The Official Site of Cheat Engine
 


cycle through aobscan with multiple results

 
thenewcomer
Posted: Sun Jul 13, 2014 11:20 pm    Post subject: cycle through aobscan with multiple results

i know theres a way to do this in autoassembly, but im not sure on the syntax since i know close to nothing about coding.

lets say i aobscan for the bytes "13 37 DE AD BE EF" and it returns 20 results. i know how to change the first one, and i know how to change all of results.

but how would i go about changing lets say, only the fourth result?
i know this is bad technique but its the closest thing to "update-proof" i can get. if i wildcard the aob, i get 28 results or some such. if i keep certain bytes, they get patched. cant lengthen the array either. ive tried searching for the name of the function as string and getting the offset and that didnt work. since it loads in flash, pointers arent an option. such an annoyance!


i found an lua function on a post from darkbyte 3 years ago that would work perfectly, except it called a nonexistent label and other things lol.

_________________
-TNC

mgr.inz.Player
Posted: Mon Jul 14, 2014 4:11 am

"if i wildcard the aob, i get 28 results or some such. if i keep certain bytes, they get patched."

Steps:

1. Resize Memory Viewer and resize Hex Viewer (bottom part). Ten lines before and 10 lines after, around your hack point, should be visible

2. Do screenshot of Memory Viewer and attach it to your post

3. Tell what bytes get patched. ( offsets? )

Then, maybe we can help.


The other way is to use Lua script. Or place Lua script inside AA script (from CE6.4 and above)

661089799107
Posted: Mon Jul 14, 2014 8:21 am

Edit: Sorry missed the part where you mentioned wildcard already.

Last edited by 661089799107 on Mon Jul 14, 2014 6:40 pm; edited 3 times in total

thenewcomer
Posted: Mon Jul 14, 2014 12:31 pm    Post subject: lol

mgr.inz.Player wrote:
"if i wildcard the aob, i get 28 results or some such. if i keep certain bytes, they get patched."

Steps:
1. Resize Memory Viewer and resize Hex Viewer (bottom part). Ten lines before and 10 lines after, around your hack point, should be visible
2. Do screenshot of Memory Viewer and attach it to your post
3. Tell what bytes get patched. ( offsets? )
Then, maybe we can help.
The other way is to use Lua script. Or place Lua script inside AA script (from CE6.4 and above)


this is the entire function. the bytes between functions fluctuate in size
also, i know ?? is any character. thats what i mean by wildcard ;)

Code:
private function startTimer() : void
//f1 99 ca 02
//f0 f1 0b
//d0
//30
//f0 f3 0b
//d0
//66 db 5d
//12 08 00 00 <-- doesnt change
//f0 f5 0b
//d0
//4f a8 5e 00
//f0 f8 0b
//d0
//5d 80 02
//25 e8 07 <-- what im modifying, also doesnt change
//d0
//66 dc 5d
//4a 80 02 02
//68 db 5d
//f0 f9 0b
//d0
//66 db 5d
//60 7a
//66 bd 8e 01
//d0
//66 a9 5e
//27
//24 00 <-- doesnt change
//26
//4f 91 1a 05 <-- only 2 middle bytes get patched
//f0 fb 0b
//d0
//66 db 5d
//4f 92 2d 00 <-- only 2 middle bytes get patched
//f0 fc 0b
//47 <-- ends the function
}// end function


and the resulting wildcarded array is
Code:
f1 ?? ?? ?? f0 ?? ?? d0 30 f0 ?? ?? d0 66 ?? ?? 12 08 00 00 f0 ?? ?? d0 4f ?? ?? ?? f0 ?? ?? d0 5d ?? ?? 25 e8 07 d0 66 ?? ?? 4a ?? ?? ?? 68 ?? ?? f0 ?? ?? d0 66 ?? ?? 60 ?? 66 ?? ?? ?? d0 66 ?? ?? 27 24 00 26 4f ?? ?? 05 f0 ?? ?? d0 66 ?? ?? 4f ?? ?? 00 f0 ?? ?? 47



and when i search for it, the result is 28 found addresses. the 4th one is the correct one i want to modify

++METHOS
Posted: Mon Jul 14, 2014 1:01 pm

Maybe you can make sense of this. I did not try everything outlined in that thread, I admit.

DaSpamer
Posted: Mon Jul 14, 2014 3:03 pm    Post subject: Re: lol

++METHOS wrote:
Maybe you can make sense of this. I did not try everything outlined in that thread, I admit.

This solution suits offline games (as long as they're not updated), but since it's about a Flash game, this solution probably won't work.


Ok some tip... never rely on jump offset or 'any' non changing bytes (if they're not numbers).
Basically treat most functions this way..
Code:
private function startTimer() : void
//f1 XX XX XX
//f0 XX XX
//d0
//30
//f0 XX XX
//d0
//66 XX XX
//12 XX XX XX
//f0 XX XX
//d0
//4f XX XX XX
//f0 XX XX
//d0
//5d XX XX
//25 e8 07
//d0
//66 XX XX
//4a XX XX XX
//68 XX XX
//f0 XX XX
//d0
//66 XX XX
//60 XX
//66 XX XX XX
//d0
//66 XX XX
//27
//24 00
//26
//4f XX XX XX
//f0 XX XX
//d0
//66 XX XX
//4f XX XX XX
//f0 XX XX
//47 <-- ends the function
}// end function


So AoB is
Code:
f1 ?? ?? ?? f0 ?? ?? d0 30 f0 ?? ?? d0 66 ?? ?? 12 ?? ?? ?? f0 ?? ?? d0 4f ?? ?? ?? f0 ?? ?? d0 5d ?? ?? 25 e8 07 d0 66 ?? ?? 4a ?? ?? ?? 68 ?? ?? f0 ?? ?? d0 66 ?? ?? 60 ?? 66 ?? ?? ?? d0 66 ?? ?? 27 24 00 26 4f ?? ?? ?? f0 ?? ?? d0 66 ?? ?? 4f ?? ?? ?? f0 ?? ?? 47

Now, when you're getting many results and cannot divide it down (without keeping it 'dynamic').
So what I'm doing is searching for the aob (without the wildcards) and dumping the memory area (the aob + 50 to 100 bytes after the last byte of the aob)...
So for example you end up with this aob (you didn't specify the game.. so I just added a different function):
Quote:
f1 99 ca 02 f0 f1 0b d0 30 f0 f3 0b d0 66 db 5d 12 08 00 00 f0 f5 0b d0 4f a8 5e 00 f0 f8 0b d0 5d 80 02 25 e8 07 d0 66 dc 5d 4a 80 02 02 68 db 5d f0 f9 0b d0 66 db 5d 60 7a 66 bd 8e 01 d0 66 a9 5e 27 24 00 26 4f 91 1a 05 f0 fb 0b d0 66 db 5d 4f 92 2d 00 f0 fc 0b 47 00 00 9F 01 02 01 06 07 38 D0 30 D0 66 88 01 46 E4 03 00 96 2A 12 06 00 00 29 D0 66 E9 01 96 2A 12 06 00 00 29 D0 66 94 02 96 2A 12 06 00 00 29 D0 66 95 02 96 2A 12 06 00 00 29 D0 66 96 02 96 48

So
orange = your aob
Blue = wildcard area (information about the function that comes after it..)
white = the function that comes after the function you're modifying (let's call it endTime())


So now basically we're gonna make 1 AoB, so we're gonna wildcard all the bytes that can change after an update (and the information about the function), assuming you remember the opcodes' byte representation.

So these are the before and after AoBs you end up with:
Quote:
f1 99 ca 02 f0 f1 0b d0 30 f0 f3 0b d0 66 db 5d 12 08 00 00 f0 f5 0b d0 4f a8 5e 00 f0 f8 0b d0 5d 80 02 25 e8 07 d0 66 dc 5d 4a 80 02 02 68 db 5d f0 f9 0b d0 66 db 5d 60 7a 66 bd 8e 01 d0 66 a9 5e 27 24 00 26 4f 91 1a 05 f0 fb 0b d0 66 db 5d 4f 92 2d 00 f0 fc 0b 47 00 00 9F 01 02 01 06 07 38 D0 30 D0 66 88 01 46 E4 03 00 96 2A 12 06 00 00 29 D0 66 E9 01 96 2A 12 06 00 00 29 D0 66 94 02 96 2A 12 06 00 00 29 D0 66 95 02 96 2A 12 06 00 00 29 D0 66 96 02 96 48

Quote:
f1 ?? ?? ?? f0 ?? ?? d0 30 f0 ?? ?? d0 66 ?? ?? 12 ?? ?? ?? f0 ?? ?? d0 4f ?? ?? ?? f0 ?? ?? d0 5d ?? ?? 25 e8 07 d0 66 ?? ?? 4a ?? ?? ?? 68 ?? ?? f0 ?? ?? d0 66 ?? ?? 60 ?? 66 ?? ?? ?? d0 66 ?? ?? 27 24 00 26 4f ?? ?? ?? f0 ?? ?? d0 66 ?? ?? 4f ?? ?? ?? f0 ?? ?? 47 ?? ?? ?? ?? ?? ?? ?? ?? ?? d0 30 d0 66 ?? ?? 46 ?? ?? ?? ?? 2a 12 ?? ?? ?? 29 d0 66 ?? ?? ?? 2a 12 ?? ?? ?? 29 d0 66 ?? ?? ?? 2a 12 ?? ?? ?? 29 d0 66 ?? ?? ?? 2a 12 ?? ?? ?? 29 d0 66 ?? ?? ?? 48

_________________
HEY Hitler
Do you get lazy when making trainers?
Well no more!
My CETrainer will generate it for you in seconds, so you won't get lazy! Very Happy

http://forum.cheatengine.org/viewtopic.php?t=564919
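
An added example (not from the thread, and independent of Cheat Engine's own scanner): a small offline matcher for the `??` signature syntax, run over a constructed buffer, that counts how many hits the short signature posted above gets compared with the extended one. The function names, filler bytes and buffer layout are assumptions made for illustration.

```python
import re

# Signatures copied from the post above; '??' is a one-byte wildcard.
SHORT = ("f1 ?? ?? ?? f0 ?? ?? d0 30 f0 ?? ?? d0 66 ?? ?? 12 ?? ?? ?? f0 ?? ?? d0 "
         "4f ?? ?? ?? f0 ?? ?? d0 5d ?? ?? 25 e8 07 d0 66 ?? ?? 4a ?? ?? ?? 68 ?? ?? "
         "f0 ?? ?? d0 66 ?? ?? 60 ?? 66 ?? ?? ?? d0 66 ?? ?? 27 24 00 26 4f ?? ?? ?? "
         "f0 ?? ?? d0 66 ?? ?? 4f ?? ?? ?? f0 ?? ?? 47")
# Tail appended in the post: 9 wildcarded info bytes, then the next function
# (its repeated 11-byte group is written once and multiplied by 4 here).
TAIL = ("?? ?? ?? ?? ?? ?? ?? ?? ?? d0 30 d0 66 ?? ?? 46 ?? ?? ?? ?? "
        + "2a 12 ?? ?? ?? 29 d0 66 ?? ?? ?? " * 4 + "48")
EXTENDED = SHORT + " " + TAIL


def compile_aob(pattern: str) -> re.Pattern:
    """Translate an AoB string into a bytes regex ('??' -> any single byte)."""
    parts = [b"." if tok == "??" else b"\\x%02x" % int(tok, 16)
             for tok in pattern.split()]
    return re.compile(b"".join(parts), re.DOTALL)


def aob_scan(buf: bytes, pattern: str) -> list[int]:
    """Return the offset of every match, overlapping matches included."""
    rx, hits, pos = compile_aob(pattern), [], 0
    while (m := rx.search(buf, pos)) is not None:
        hits.append(m.start())
        pos = m.start() + 1
    return hits


def instantiate(pattern: str, filler: int) -> bytes:
    """Constructed test data: concrete bytes with every '??' set to filler."""
    return bytes(filler if tok == "??" else int(tok, 16)
                 for tok in pattern.split())


def build_sample() -> bytes:
    """Constructed buffer: four look-alike bodies plus one followed by TAIL."""
    pad = b"\xcc" * 64
    chunks = [instantiate(SHORT, 0x11), instantiate(SHORT, 0x22),
              instantiate(SHORT, 0x44), instantiate(EXTENDED, 0x33),
              instantiate(SHORT, 0x55)]
    return pad + pad.join(chunks) + pad


def report(buf: bytes) -> dict:
    """Compare how ambiguous each signature is on the same buffer."""
    short_hits, ext_hits = aob_scan(buf, SHORT), aob_scan(buf, EXTENDED)
    return {"short": short_hits, "extended": ext_hits,
            "unique": len(ext_hits) == 1}


if __name__ == "__main__":
    print(report(build_sample()))
```

A signature that returns exactly one hit does not depend on result ordering, which is what makes it more stable across builds than "take the fourth match".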

thenewcomer
Posted: Mon Jul 14, 2014 10:35 pm    Post subject: Re: lol

++METHOS wrote:
Maybe you can make sense of this. I did not try everything outlined in that thread, I admit.

this is exactly what i was looking for, thanks. gonna see if i can get it working tonight

DaSpamer wrote:


Ok some tip... never rely on jump offset or 'any' non changing bytes (if they're not numbers).
Basically treat most functions this way..
Code:
code

heh, i know how to wildcard an array too ;) thanks anyways though.
also those two lines with the last bytes still on them, those bytes are parameters (numbers) that dont change.

that makes sense, but doesnt the amount of bytes in between the functions fluctuate? i was under the impression it did, but i could be wrong. ill have to test it out along with the new function in the thread mentioned above. thanks guys

DaSpamer
Posted: Mon Jul 14, 2014 10:49 pm    Post subject: Re: lol

The bytes can change but the count remains the same.

thenewcomer
Posted: Tue Jul 15, 2014 1:21 am    Post subject: Re: lol

DaSpamer wrote:

The bytes can change but the count remains the same.


thats great news for us then lol

mgr.inz.Player
Posted: Tue Jul 15, 2014 2:45 am    Post subject: Re: lol

DaSpamer wrote:
The bytes can change but the count remains the same.

Are you sure?


@thenewcomer, how many bytes did the startTimer function have before the update?

DaSpamer
Posted: Wed Jul 16, 2014 7:23 am    Post subject: Re: lol

mgr.inz.Player wrote:
DaSpamer wrote:
The bytes can change but the count remains the same.

Are you sure?


@thenewcomer, how many bytes did the startTimer function have before the update?


A function's length (amount of bytes) may change, but the info about the function doesn't.
The info contains the following:
00 00 9F 01 02 01 06 07 38
don't know - 00 00 0F
maxstack - 01 (1)
localcount - 02 (2)
initscopedepth - 01 (1)
maxscopedepth - 06 (6)
don't know either - 07 38


So it's safe to just wildcard function data (as I don't know what the first 3 bytes and the last 2 bytes before the new function begins are).
Function length does not change as long as there were no changes to the way the game was compiled (e.g. property names got shorter, like 66 XX XX XX to 66 XX XX), or the function was not touched (changed / rewritten). If it was touched, it's always better to update manually (hacks are most likely to be patched too).

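
An added example, not from the thread: it reads the bytes that follow the 0x47 in the posted dump against the `method_body_info` layout in Adobe's AVM2 overview (u30 fields `method`, `max_stack`, `local_count`, `init_scope_depth`, `max_scope_depth`, `code_length`, preceded by the previous body's `exception_count` and `trait_count`), a reference the thread does not cite. Read that way, the 0x38 is the next function's code length and matches the 56 code bytes in the dump, so that byte changes whenever the function's size does and wildcarding the whole info area is what keeps the signature valid.

```python
def read_u30(buf: bytes, pos: int) -> tuple[int, int]:
    """Decode one AVM2 u30: 7 bits per byte, low group first, high bit = more."""
    value = 0
    for shift in range(0, 35, 7):          # at most 5 encoded bytes
        byte = buf[pos]
        pos += 1
        value |= (byte & 0x7F) << shift
        if not byte & 0x80:
            return value & 0x3FFFFFFF, pos
    raise ValueError("u30 longer than 5 bytes")


def u30_size(value: int) -> int:
    """Number of bytes a value occupies once encoded as u30."""
    return max(1, (value.bit_length() + 6) // 7)


FIELDS = ("method", "max_stack", "local_count",
          "init_scope_depth", "max_scope_depth", "code_length")


def parse_body_header(buf: bytes, pos: int) -> dict:
    """Parse the six u30 fields that precede a method body's code bytes."""
    hdr = {}
    for name in FIELDS:
        hdr[name], pos = read_u30(buf, pos)
    hdr["code_offset"] = pos
    return hdr


# Copied from the dump in the thread: everything after the 0x47 that ends
# startTimer() (the nine "info" bytes, then the following function).
TAIL = bytes.fromhex("""
    00 00 9F 01 02 01 06 07 38
    D0 30 D0 66 88 01 46 E4 03 00 96 2A 12 06 00 00 29
    D0 66 E9 01 96 2A 12 06 00 00 29
    D0 66 94 02 96 2A 12 06 00 00 29
    D0 66 95 02 96 2A 12 06 00 00 29
    D0 66 96 02 96 48
""")


def parse_tail(tail: bytes = TAIL):
    """Return (exception_count, trait_count, header, code) for the dump tail."""
    # The previous method body closes with two counts, both zero here.
    exception_count, pos = read_u30(tail, 0)
    trait_count, pos = read_u30(tail, pos)
    if exception_count or trait_count:
        raise ValueError("non-empty exception/trait tables are not handled")
    hdr = parse_body_header(tail, pos)
    start = hdr["code_offset"]
    return exception_count, trait_count, hdr, tail[start:start + hdr["code_length"]]


if __name__ == "__main__":
    print(parse_tail())
```

`u30_size` shows why the number of info bytes is not fixed either: a body of 128 bytes or more needs a two-byte `code_length`.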