Cheat Engine Forum Index
The Official Site of Cheat Engine
Need help with a DLL

Cheat Engine Forum Index -> General Gamehacking
stanoja
Cheater
Reputation: 0

Joined: 08 Mar 2007
Posts: 33
Location: Mk.

Posted: Wed Dec 24, 2014 1:26 am    Post subject: Need help with a DLL

Guys, it's 6 AM and I've been stuck all night with this problem. I'm trying to write a DLL in Visual C++ with some simple functions like adding 100 or 1000 to a given value.
I've tried the guide on the wiki about Auto Assembler Example 3 (http://wiki.cheatengine.org/index.php?title=Auto_Assembler_Example_3#Injecting_The_DLL) and I managed to load the example DLL and use fnTestDll2, but my function doesn't "work", or my assembly script is screwed up.

These are the 2 functions, one of them works, the other one brings back a constant value, and it's not an address to a value as I've tried.
Code:

   // nTestDll is the exported global from the wiki example; declared here so the snippet compiles on its own
   __declspec(dllexport) int nTestDll = 9999;

   // works when called from the auto assembler script
   __declspec(dllexport) int __stdcall fnTestDll2(int a, int b)
   {
      nTestDll++;
      return a * 2 + b;
   }

   // my function: should return the argument plus 1000
   __declspec(dllexport) int __stdcall fnIncSto(int br)
   {
      return br + 1000;
   }


Part of my assembly script:
Code:

...
alloc(_TMPVAR,4)
alloc(_TMPVAR2,4)
registersymbol(_TMPVAR)
registersymbol(_TMPVAR2)

_TMPVAR2:
 db FF 00 00 00 //give it some starting value, 255
...
push eax        //save eax, the injected code must not clobber it
push 5          //second argument (b), pushed first: stdcall is right to left
push 12         //first argument (a), values are hexadecimal in the auto assembler
call fnTestDll2
mov [_TMPVAR],eax
push [_TMPVAR2] //push the 4-byte value stored at _TMPVAR2
call fnIncSto
mov [_TMPVAR2], eax
pop eax


For the first function (test fnTestDll2) it works, for my fn it gives unrecognizable (by me) results.

Any help or suggestions?
Thanks in advance!

EDIT: Is the global integer nTestDll only an example of a global variable, or does it have some function not known to part of mankind?

_________________
Busy thinking...
Dark Byte
Site Admin
Reputation: 457

Joined: 09 May 2003
Posts: 25262
Location: The netherlands

Posted: Wed Dec 24, 2014 4:56 am

I'm not sure what you expect and what you get, so I can't really help.
You do know that those pushed values are in hexadecimal?

_________________
Do not ask me about online cheats. I don't know any and wont help finding them.

Like my help? Join me on Patreon so i can keep helping
stanoja

Posted: Wed Dec 24, 2014 8:51 am

I know that they're hexadecimal.
My trick is to learn to make DLLs for assembly and implement them, so I'm trying to make basic functions.
Right now I just want to increase a given number by a constant value (now 1000).

For my function I just pushed one value for the only argument "int br" - of my empty allocated 4 bytes (_TMPVAR2), and I call the function fnIncSto.

The eax push/pop are because I'm doing a code injection so I don't want to mess with the value.

I followed the example as I said, I can't see where I'm wrong, either I'm tired or I screwed something up.

Not to mention that the first function with the 0x05 and 0x12 works flawlessly. I will try now and check if it's a 2-byte operand; I'm out of ideas.

EDIT: If I push constants it works; when I push values written in my allocated memory it doesn't. Is my assembly any good? Am I using the "variables" right?

stanoja

Posted: Wed Dec 24, 2014 5:58 pm

If I allocate 4 bytes for my "variable" and push its value onto the stack, it doesn't bring up the desired result.
If I allocate 2 bytes and push it onto the stack, it works flawlessly!

So, widening up the argument from int to int64/long?

EDIT: Making the function and the argument from int to long doesn't work. I really have no idea what to do. Any suggestions?

Dark Byte

Posted: Wed Dec 24, 2014 6:55 pm

It all depends on the variable types you're working with.

If you push _TMPVAR2, it will push the address of _TMPVAR2.
If you push [_TMPVAR2], it will push the value of _TMPVAR2.

(You haven't posted the code you're working with so we can't really help with details like variable types and levels of indirection. A simple & or * can change a lot)

stanoja

Posted: Wed Dec 24, 2014 7:54 pm

Dark Byte wrote:
It all depends on the variable types you're working with.
(You haven't posted the code you're working with so we can't really help with details like variable types and levels of indirection. A simple & or * can change a lot)


You're right, I was too busy today and I completely misread the part of placing my code. So, here it is!

The assembly script:

Code:

[ENABLE]
alloc(newmem,2048)
label(returnhere)
label(originalcode)
label(exit)
alloc(_PLAYER_ADDRESS,4)
alloc(_TMPVAR,4)
alloc(_TMPVAR2,4)
registersymbol(_PLAYER_ADDRESS)
registersymbol(_TMPVAR)
registersymbol(_TMPVAR2)

_TMPVAR2:
 db 00 00 00 23

newmem:
mov [_PLAYER_ADDRESS], esi
loadlibrary(C:\Users\Stanoje\Documents\Visual Studio 2012\Projects\Staddon.dll\Debug\Staddon.dll)
push eax
push 5
push 12
call fnTestDll2
mov [_TMPVAR],eax
push _TMPVAR2
call fnIncSto
mov [_TMPVAR2], eax
pop eax


originalcode:
mov [esi+00000CEC],eax

exit:
jmp returnhere

"Game.dll"+1BE536:
jmp newmem
nop

returnhere:


[DISABLE]
//dealloc(_PLAYER_ADDRESS)
dealloc(newmem)

"Game.dll"+1BE536:
mov [esi+00000CEC],eax


Have in mind that it's not finished yet.
Explanation: Actually what I'm doing is replacing the code when you buy/sell an item in the game, it finds the address of the player class (of course only the "esi" value, without the offset 0x00000CEC) and it put it into a global "variable". So I use that variable into my cheat table for a well known purpose - with specific offsets I find the health, mana, GOLD, experience and stuff.

Here is the dll code:

Code:

// Staddon.dll.cpp : Defines the exported functions for the DLL application.
//

#include "stdafx.h"

extern "C"
{
   __declspec(dllexport) int nTestDll=9999;

   // lua part
   __declspec(dllexport) int fnTestDll(int a, int b)
   {
      nTestDll++;
      return a * 2 + b;
   }

   // assembly part
   __declspec(dllexport) int __stdcall fnTestDll2(int a, int b)
   {
      nTestDll++;
      return a * 2 + b;
   }

   __declspec(dllexport) int __stdcall fnIncSto(int broj)
   {
      return broj+10000;
   }

}


Explanation:
What I'm trying to do here is to use the DLL to, let's say, increment an experience/gold/maximum health/maximum mana/some-other-value by a given number, in my case 1000. I don't want to interfere with Lua; I find this way to be more suitable in my case, since I can use the DLL later for another game with some major modifications.

The actual problem now is that when I allocate 2 bytes it works. Pushing 4 bytes doesn't.
Thank you for your time, Dark Byte. If I manage to extend this thing to a bigger scale I'll write something about it.

Dark Byte

Posted: Wed Dec 24, 2014 8:14 pm

fnIncSto takes an integer, increases it by 10000 and returns it in eax.
Code:
 
push _TMPVAR2
call fnIncSto
mov [_TMPVAR2], eax

push passes the "address" of _TMPVAR2 to fnIncSto,
so eax becomes the address of _TMPVAR2 + 10000.

perhaps instead of passing the address, you might want to pass it the value, or change the function to dereference it to an integer *(int *)
you also don't seem to initialize TMPVAR2

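The point Dark Byte makes in his two replies (push _TMPVAR2 passes an address, push [_TMPVAR2] passes the value, and the DLL can alternatively dereference with *(int *)), as an added example that is not the Staddon.dll from this thread. It uses the posted constants (increment 10000, starting values 0xFF and the little-endian 23 00 00 00 / 00 00 00 23 bytes) and assumes the export/stdcall macros may expand to nothing so it also builds off Windows.

```c
/* Added example, not the thread's own DLL: by-value vs. by-pointer argument
 * passing for an __stdcall export, and what the script computed when it pushed
 * the symbol (the address) instead of its contents. */
#include <stdint.h>
#include <stdio.h>

#ifdef _WIN32
#define EXPORT __declspec(dllexport)
#define CALL __stdcall
#else                       /* assumption: plain functions off Windows */
#define EXPORT
#define CALL
#endif

/* By value: the caller must push the contents of _TMPVAR2 ("push [_TMPVAR2]"). */
EXPORT int CALL fnIncSto(int broj)
{
    return broj + 10000;
}

/* By pointer: the caller pushes the address ("push _TMPVAR2") and the DLL
 * dereferences it, the *(int *) variant Dark Byte suggests. */
EXPORT int CALL fnIncStoPtr(int *broj)
{
    return *broj + 10000;
}

/* What "push _TMPVAR2" + fnIncSto(int) actually produced: the address,
 * reinterpreted as an integer, plus 10000, i.e. not value + 10000. */
intptr_t addressPlus10000(int *var)
{
    return (intptr_t)var + 10000;
}

/* __stdcall arguments are pushed right to left, so "push 5 / push 12" calls
 * fnTestDll2(0x12, 0x5); the auto assembler treats pushed literals as hex. */
EXPORT int CALL fnTestDll2(int a, int b)
{
    return a * 2 + b;
}

int main(void)
{
    int tmpvar2 = 0xFF;   /* the "db FF 00 00 00" starting value, 255 */
    printf("by value   : %d\n", fnIncSto(tmpvar2));                      /* 10255 */
    printf("by pointer : %d\n", fnIncStoPtr(&tmpvar2));                  /* 10255 */
    printf("address bug: %lld\n", (long long)addressPlus10000(&tmpvar2)); /* not 10255 */
    printf("fnTestDll2 : 0x%x\n", fnTestDll2(0x12, 0x5));                /* 0x29 */
    return 0;
}
```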
stanoja

Posted: Wed Dec 24, 2014 11:59 pm

As written in my first post, obviously I've tried both ways and I'm out of any fresh thinking. I'll sleep on this and then check with better eyes.

I think I managed to solve the problem, I'll write my results in 12-15 hours.

Thank you Dark Byte, I really appreciate your attention and help!

stanoja

Posted: Thu Dec 25, 2014 10:07 am

Solved!

The actual problem was all in changing the script, saving the script, and re-enabling it to apply the new changes. I was doing that out of sync. On top of that, my Cheat Engine window and my game had been up for 4 days, so I restarted everything, including my PC.

It all works now, Thanks a lot Dark Byte!

All times are GMT - 6 Hours