|
Cheat Engine The Official Site of Cheat Engine
|
View previous topic :: View next topic |
Author |
Message |
Craf How do I cheat? Reputation: 0
Joined: 28 Aug 2015 Posts: 2
|
Posted: Fri Aug 28, 2015 5:07 am Post subject: UDF fields value in AA |
|
|
How I can access UDF fields values in AA script? I understand that I must use LUA script in {$lua} section, but how pass readed values to registers or memory?
And second question:
when I use next AA script in Code injection
Code: |
[ENABLE]
alloc(newmem,2048)
label(returnhere)
label(originalcode)
label(exit)
newmem:
mov [eax+50], 40FF
originalcode:
movss xmm0,[eax+50]
exit:
jmp returnhere
"game.exe"+E19C2:
jmp newmem
returnhere:
[DISABLE]
dealloc(newmem)
"game.exe"+E19C2:
movss xmm0,[eax+50]
|
all working fine, cheat are enable/disable OK,
but when I try use it in LUA script in UDF
Code: |
function chkValueChange(sender)
bValueActive = not bValueActive
value = control_getCaption(UDF1_txtValue)
if (bValueActive == true) then
script = [[alloc(newmem,2048)
label(returnhere)
label(originalcode)
label(exit)
newmem:
mov [eax+50], ]].. string.format( '%x',value ) ..[[
originalcode:
movss xmm0,[eax+50]
exit:
jmp returnhere
"game.exe"+E19C2:
jmp newmem
returnhere:]]
autoAssemble(script);
else
script = [[
dealloc(newmem)
"game.exe"+E19C2:
movss xmm0,[eax+50] ]]
autoAssemble(script);
end
end
|
cheat dont wont DISABLE and I must do something in game that change [eax+50] value for disable cheat
|
|
Back to top |
|
|
Dark Byte Site Admin Reputation: 458
Joined: 09 May 2003 Posts: 25295 Location: The netherlands
|
Posted: Fri Aug 28, 2015 8:34 am Post subject: |
|
|
something like this:
Code: |
[ENABLE]
{$lua}
return string.format("define(valuex,(float)%f)", tonumber(UDF.Objectname.Text) )
{$asm}
alloc(newmem,2048)
label(returnhere)
label(originalcode)
label(exit)
newmem:
mov [eax+50], valuex
originalcode:
movss xmm0,[eax+50]
exit:
jmp returnhere
"game.exe"+E19C2:
jmp newmem
returnhere:
[DISABLE]
dealloc(newmem)
"game.exe"+E19C2:
movss xmm0,[eax+50]
|
as for deactivate, your deactivate script doesn't know what newmem is, so it can't execute the rest. (So get rid of the dealloc)
_________________
Do not ask me about online cheats. I don't know any and wont help finding them.
Like my help? Join me on Patreon so i can keep helping |
|
Back to top |
|
|
Craf How do I cheat? Reputation: 0
Joined: 28 Aug 2015 Posts: 2
|
Posted: Fri Aug 28, 2015 12:36 pm Post subject: |
|
|
Thnx for help with {$lua}
I rewrite my trainer
Code: |
define(address,"game.exe"+E19C2)
define(bytes,F3 0F 10 40 50)
[ENABLE]
{$lua}
return string.format("define(value, %x)", CETrainer.txtValue.Text )
{$asm}
assert(address,bytes)
alloc(newmem,$1000)
alloc(valueaddr, 4)
registersymbol(valueaddr)
label(code)
label(return)
newmem:
mov [valueaddr], eax
mov [eax+50], value
code:
movss xmm0,[eax+50]
jmp return
address:
jmp newmem
return:
[DISABLE]
push eax
mov eax, [valueaddr]
mov [eax+50], 0
pop eax
dealloc(valueaddr)
dealloc(newmem)
address:
db bytes
// movss xmm0,[eax+50]
|
but this doesn't work:( In [eax+50] I still have value from cheat after disable it. How fix this?
|
|
Back to top |
|
|
Dark Byte Site Admin Reputation: 458
Joined: 09 May 2003 Posts: 25295 Location: The netherlands
|
Posted: Fri Aug 28, 2015 1:34 pm Post subject: |
|
|
aa scripts write code, they don't execute code. Also, your disable section will write to address 00000000 as you didn't specify an address
Anyhow, store the last known address in a registered symbol as well
then
Code: |
[addresswithlastknownaddress]:
dd [valueaddr]
|
Or use lua like:
Code: |
writeInteger(readPointer(addresswithlastknownaddress), readInteger(valueaddr)
|
Also, why use hexadecimal for a float value ?
And make sure you only write valueaddr one time, else you will be overwriting it with a result of the subsequent executions by the game
_________________
Do not ask me about online cheats. I don't know any and wont help finding them.
Like my help? Join me on Patreon so i can keep helping |
|
Back to top |
|
|
Craf How do I cheat? Reputation: 0
Joined: 28 Aug 2015 Posts: 2
|
Posted: Sat Aug 29, 2015 1:46 am Post subject: |
|
|
Dark Byte wrote: | aa scripts write code, they don't execute code. Also, your disable section will write to address 00000000 as you didn't specify an address
Anyhow, store the last known address in a registered symbol as well
then
Code: |
[addresswithlastknownaddress]:
dd [valueaddr]
|
Or use lua like:
Code: |
writeInteger(readPointer(addresswithlastknownaddress), readInteger(valueaddr)
|
Also, why use hexadecimal for a float value ?
And make sure you only write valueaddr one time, else you will be overwriting it with a result of the subsequent executions by the game |
Sorry, i dont understand, what I must do:( Can U show me on my code example?
About HEX - in trainer must be entered value like 1056964608, and I just convert ir to HEX for better control in memory and code in debugger:)
EDITED (later):
Ok, nvm, I find other injection point after that I dont need reset value. And once more thnx for explain {$lua} section
|
|
Back to top |
|
|
|
|
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum You cannot attach files in this forum You can download files in this forum
|
|