Cheat Engine Forum Index Cheat Engine
The Official Site of Cheat Engine
 


Scan and replace very long AOB
Corroder
Master Cheater
Reputation: 8

Joined: 10 Apr 2015
Posts: 403

Posted: Thu Sep 17, 2015 10:01 pm    Post subject: Scan and replace very long AOB

Can someone help to make a function which is able to scan and replace a very long AOB?

Code:

AOB to scan :
27 26 63 08 40 d5 bf 01 29 10 0c 00 00 ad 64 a7 08 08 64 92 08 d6 a9 92 04 63 09 d0 30 20 80 f8 13 63 04 20 80 93 b1 01 63 05
60 85 b0 01 66 b4 a3 01 66 a9 a3 01 80 c4 d8 01 d6 62 09 11 06 00 00 d2 20 14 01 00 00 47 5d 86 df 01 d2 66 b5 e4 01 4a 86 df
01 01 62 09 11 04 00 00 80 86 df 01 d7 62 09 96 12 fe 01 00 24 00 62 08 11 0c 00 00 24 44 c7 c1 c4 24 48 c7 c0 24 2c c5 63 06
62 08 12 da 01 00 d2 82 63 07 62 08 96 11 cd 01 00 10 c2 01 00 09 62 07 62 06 23 80 f8 13 63 04 62 09 11 1a 01 00 62 04 66 a9
5a 62 09 11 c0 00 00 60 f8 13 66 ab e9 01 62 09 11 f7 00 00 ab 62 09 96 12 cd 00 00 2a 62 08 12 bb 00 00 12 43 00 00 62 09 11
b0 00 00 29 62 08 12 41 00 00 62 04 66 a1 10 62 08 96 11 87 00 00 60 85 b0 01 66 b4 a3 01 66 a1 10 62 08 96 11 b9 00 00 ab 62
09 10 0d 00 00 2a d6 07 92 07 08 05 d2 2a c3 02 08 03 11 a2 00 00 12 4e 00 00 62 09 96 12 7c 00 00 5d 82 41 62 04 66 ca 89 01
66 ac c5 01 62 04 66 ca 89 01 66 bb de 01 62 04 66 ca 89 01 66 e0 ef 01 62 04 66 ca 89 01 66 ec 17 62 04 66 ca 89 01 66 b3 12
4a 82 41 05 80 93 b1 01 63 05 62 09 11 f5 00 00 10 e5 00 00 62 04 66 a9 5a 62 08 12 97 00 00 60 f8 13 66 ab e9 01 62 09 96 12
90 00 00 ab 62 08 96 11 0c 00 00 2a 11 2a 00 00 62 08 96 11 23 00 00 29 62 08 96 11 25 00 00 62 04 66 a9 5a 62 08 96 11 61 00
00 60 f8 13 66 8d 8d 01 62 09 96 12 5a 00 00 ab 12 49 00 00 62 08 12 64 00 00 5d fe b9 01 62 04 66 ca 89 01 66 ac c5 01 62 04
66 ca 89 01 66 bb de 01 62 04 66 ca 89 01 66 e0 ef 01 62 04 66 ca 89 01 66 ec 17 62 04 66 ca 89 01 66 b3 12 4a fe b9 01 05 80
93 b1 01 63 05 10 48 00 00 62 04 66 a9 5a 60 f8 13 66 b4 d0 01 14 31 00 00 10 0d 00 00 1e b3 a6 c3 08 08 04 aa 63 08 c6 63 04
5d d2 26 62 04 66 ca 89 01 66 bb de 01 d0 66 e1 c7 01 4a d2 26 02 80 93 b1 01 63 05 10 07 00 00 20 80 93 b1 01 63 05 d3 62 04
66 a1 10 62 05 61 83 e6 01 32 07 06 11 37 fe ff 08 07 08 06 62 09 11 0b 00 00 d0 66 e1 c7 01 d3 4f d9 8d 01 01 47 47

AOB replace
27 26 63 08 40 d5 bf 01 29 10 0c 00 00 ad 64 a7 08 08 64 92 08 d6 a9 92 04 63 09 d0 30 20 80 f8 13 63 04 20 80 93 b1 01 63 05
60 85 b0 01 66 b4 a3 01 66 a9 a3 01 80 c4 d8 01 d6 62 09 11 06 00 00 d2 20 14 01 00 00 47 5d 86 df 01 d2 66 b5 e4 01 4a 86 df
01 01 62 09 11 04 00 00 80 86 df 01 d7 62 09 96 12 fd 01 00 24 00 62 08 11 0c 00 00 24 44 c7 c1 c4 24 48 c7 c0 24 2c c5 63 06
62 08 12 d9 01 00 d2 82 63 07 62 08 96 11 cc 01 00 10 c1 01 00 09 62 07 62 06 23 80 f8 13 63 04 62 09 11 19 01 00 62 04 66 a9
5a 62 09 11 bf 00 00 60 f8 13 66 ab e9 01 62 09 11 f6 00 00 ab 62 09 96 12 cc 00 00 2a 62 08 12 ba 00 00 12 00 00 00 62 09 11
af 00 00 29 62 08 12 40 00 00 62 04 66 a1 10 62 08 96 11 00 00 00 60 85 b0 01 66 b4 a3 01 66 a1 10 62 09 11 00 00 00 af 62 08
10 0d 00 00 c0 63 07 c3 08 af 08 03 1f 08 07 c2 04 96 12 00 00 00 12 00 00 00 62 09 12 00 00 00 5d 82 41 62 04 66 ca 89 01 66
ac c5 01 62 04 66 ca 89 01 66 bb de 01 62 04 66 ca 89 01 66 e0 ef 01 62 04 66 ca 89 01 66 ec 17 62 04 66 ca 89 01 66 b3 12 4a
82 41 05 80 93 b1 01 63 05 62 09 11 f5 00 00 10 e5 00 00 62 04 66 a9 5a 62 08 12 97 00 00 60 f8 13 66 ab e9 01 62 09 96 12 90
00 00 ab 62 08 96 11 0c 00 00 2a 11 2a 00 00 62 08 96 11 23 00 00 29 62 08 96 11 25 00 00 62 04 66 a9 5a 62 08 96 11 61 00 00
60 f8 13 66 8d 8d 01 62 09 96 12 5a 00 00 ab 12 49 00 00 62 08 12 64 00 00 5d fe b9 01 62 04 66 ca 89 01 66 ac c5 01 62 04 66
ca 89 01 66 bb de 01 62 04 66 ca 89 01 66 e0 ef 01 62 04 66 ca 89 01 66 ec 17 62 04 66 ca 89 01 66 b3 12 4a fe b9 01 05 80 93
b1 01 63 05 10 48 00 00 62 04 66 a9 5a 60 f8 13 66 b4 d0 01 14 31 00 00 10 0d 00 00 1e b3 a6 c3 08 08 04 aa 63 08 c6 63 04 5d
d2 26 62 04 66 ca 89 01 66 bb de 01 d0 66 e1 c7 01 4a d2 26 02 80 93 b1 01 63 05 10 07 00 00 20 80 93 b1 01 63 05 d3 62 04 66
a1 10 62 05 61 83 e6 01 32 07 06 11 38 fe ff 08 07 08 06 62 09 11 0b 00 00 d0 66 e1 c7 01 d3 4f d9 8d 01 01 02 47 47



Thanks and regards
Zanzer
I post too much
Reputation: 118

Joined: 09 Jun 2013
Posts: 3198

Posted: Thu Sep 17, 2015 10:13 pm

Code:
[ENABLE]
aobscan(myaob,27 26 63 08 40 d5 bf 01 29 10 0c 00 00 ad 64 a7 08 08 64 92 08 d6 a9 92 04 63 09 d0 30 20 80 f8 13 63 04 20 80 93 b1 01 63 05 60 85 b0 01 66 b4 a3 01 66 a9 a3 01 80 c4 d8 01 d6 62 09 11 06 00 00 d2 20 14 01 00 00 47 5d 86 df 01 d2 66 b5 e4 01 4a 86 df 01 01 62 09 11 04 00 00 80 86 df 01 d7 62 09 96 12 fe 01 00 24 00 62 08 11 0c 00 00 24 44 c7 c1 c4 24 48 c7 c0 24 2c c5 63 06 62 08 12 da 01 00 d2 82 63 07 62 08 96 11 cd 01 00 10 c2 01 00 09 62 07 62 06 23 80 f8 13 63 04 62 09 11 1a 01 00 62 04 66 a9 5a 62 09 11 c0 00 00 60 f8 13 66 ab e9 01 62 09 11 f7 00 00 ab 62 09 96 12 cd 00 00 2a 62 08 12 bb 00 00 12 43 00 00 62 09 11 b0 00 00 29 62 08 12 41 00 00 62 04 66 a1 10 62 08 96 11 87 00 00 60 85 b0 01 66 b4 a3 01 66 a1 10 62 08 96 11 b9 00 00 ab 62 09 10 0d 00 00 2a d6 07 92 07 08 05 d2 2a c3 02 08 03 11 a2 00 00 12 4e 00 00 62 09 96 12 7c 00 00 5d 82 41 62 04 66 ca 89 01 66 ac c5 01 62 04 66 ca 89 01 66 bb de 01 62 04 66 ca 89 01 66 e0 ef 01 62 04 66 ca 89 01 66 ec 17 62 04 66 ca 89 01 66 b3 12 4a 82 41 05 80 93 b1 01 63 05 62 09 11 f5 00 00 10 e5 00 00 62 04 66 a9 5a 62 08 12 97 00 00 60 f8 13 66 ab e9 01 62 09 96 12 90 00 00 ab 62 08 96 11 0c 00 00 2a 11 2a 00 00 62 08 96 11 23 00 00 29 62 08 96 11 25 00 00 62 04 66 a9 5a 62 08 96 11 61 00 00 60 f8 13 66 8d 8d 01 62 09 96 12 5a 00 00 ab 12 49 00 00 62 08 12 64 00 00 5d fe b9 01 62 04 66 ca 89 01 66 ac c5 01 62 04 66 ca 89 01 66 bb de 01 62 04 66 ca 89 01 66 e0 ef 01 62 04 66 ca 89 01 66 ec 17 62 04 66 ca 89 01 66 b3 12 4a fe b9 01 05 80 93 b1 01 63 05 10 48 00 00 62 04 66 a9 5a 60 f8 13 66 b4 d0 01 14 31 00 00 10 0d 00 00 1e b3 a6 c3 08 08 04 aa 63 08 c6 63 04 5d d2 26 62 04 66 ca 89 01 66 bb de 01 d0 66 e1 c7 01 4a d2 26 02 80 93 b1 01 63 05 10 07 00 00 20 80 93 b1 01 63 05 d3 62 04 66 a1 10 62 05 61 83 e6 01 32 07 06 11 37 fe ff 08 07 08 06 62 09 11 0b 00 00 d0 66 e1 c7 01 d3 4f d9 8d 01 01 47 47)

myaob:
db 27 26 63 08 40 d5 bf 01 29 10 0c 00 00 ad 64 a7 08 08 64 92 08 d6 a9 92 04 63 09 d0 30 20 80 f8 13 63 04 20 80 93 b1 01 63 05 60 85 b0 01 66 b4 a3 01 66 a9 a3 01 80 c4 d8 01 d6 62 09 11 06 00 00 d2 20 14 01 00 00 47 5d 86 df 01 d2 66 b5 e4 01 4a 86 df 01 01 62 09 11 04 00 00 80 86 df 01 d7 62 09 96 12 fd 01 00 24 00 62 08 11 0c 00 00 24 44 c7 c1 c4 24 48 c7 c0 24 2c c5 63 06 62 08 12 d9 01 00 d2 82 63 07 62 08 96 11 cc 01 00 10 c1 01 00 09 62 07 62 06 23 80 f8 13 63 04 62 09 11 19 01 00 62 04 66 a9 5a 62 09 11 bf 00 00 60 f8 13 66 ab e9 01 62 09 11 f6 00 00 ab 62 09 96 12 cc 00 00 2a 62 08 12 ba 00 00 12 00 00 00 62 09 11 af 00 00 29 62 08 12 40 00 00 62 04 66 a1 10 62 08 96 11 00 00 00 60 85 b0 01 66 b4 a3 01 66 a1 10 62 09 11 00 00 00 af 62 08 10 0d 00 00 c0 63 07 c3 08 af 08 03 1f 08 07 c2 04 96 12 00 00 00 12 00 00 00 62 09 12 00 00 00 5d 82 41 62 04 66 ca 89 01 66 ac c5 01 62 04 66 ca 89 01 66 bb de 01 62 04 66 ca 89 01 66 e0 ef 01 62 04 66 ca 89 01 66 ec 17 62 04 66 ca 89 01 66 b3 12 4a 82 41 05 80 93 b1 01 63 05 62 09 11 f5 00 00 10 e5 00 00 62 04 66 a9 5a 62 08 12 97 00 00 60 f8 13 66 ab e9 01 62 09 96 12 90 00 00 ab 62 08 96 11 0c 00 00 2a 11 2a 00 00 62 08 96 11 23 00 00 29 62 08 96 11 25 00 00 62 04 66 a9 5a 62 08 96 11 61 00 00 60 f8 13 66 8d 8d 01 62 09 96 12 5a 00 00 ab 12 49 00 00 62 08 12 64 00 00 5d fe b9 01 62 04 66 ca 89 01 66 ac c5 01 62 04 66 ca 89 01 66 bb de 01 62 04 66 ca 89 01 66 e0 ef 01 62 04 66 ca 89 01 66 ec 17 62 04 66 ca 89 01 66 b3 12 4a fe b9 01 05 80 93 b1 01 63 05 10 48 00 00 62 04 66 a9 5a 60 f8 13 66 b4 d0 01 14 31 00 00 10 0d 00 00 1e b3 a6 c3 08 08 04 aa 63 08 c6 63 04 5d d2 26 62 04 66 ca 89 01 66 bb de 01 d0 66 e1 c7 01 4a d2 26 02 80 93 b1 01 63 05 10 07 00 00 20 80 93 b1 01 63 05 d3 62 04 66 a1 10 62 05 61 83 e6 01 32 07 06 11 38 fe ff 08 07 08 06 62 09 11 0b 00 00 d0 66 e1 c7 01 d3 4f d9 8d 01 01 02 47 47
[DISABLE]
Corroder
Master Cheater
Reputation: 8

Joined: 10 Apr 2015
Posts: 403

Posted: Fri Sep 18, 2015 12:13 am

Thanks Zanzer,

I did not think about using AA before.
I did it by separating the AOB into 2 parts for manual scan, and it can also be done by using a simple aobswap(scan, replace) function, if you want to put the code in a game trainer, by ignoring the result list found.

Regards
lolAnonymous
Expert Cheater
Reputation: 1

Joined: 19 Jul 2015
Posts: 146

Posted: Fri Sep 18, 2015 1:56 am

Sir, why don't you use luacall?
Corroder
Master Cheater
Reputation: 8

Joined: 10 Apr 2015
Posts: 403

Posted: Fri Sep 18, 2015 9:07 am

MasterHacking321,

I just want another method, even though it would be easy to use luacall, aobscan, or aobswap and ignore how many AOB codes are found in the result list.

As you know, aobscan will act on the first record / address found and then stop. We are able to manipulate it by "scan till end" or "scan till not found", to scan and replace all codes found.

In other cases, if needed, we are also able to save that AOB code as a string and load it with a function.

My point is just to do it in a very simple way and put the method into a game trainer. And the easy way is as shown by Zanzer.

regards
Zanzer
I post too much
Reputation: 118

Joined: 09 Jun 2013
Posts: 3198

Posted: Fri Sep 18, 2015 10:13 am

Not sure if unpack() has a limit in the number of results it can return.
Code:
[ENABLE]
{$lua}
aob_replace = {0x90, 0x90, 0x90, 0x90}
aob_original = {0x48, 0x83, 0xEC, 0x28}
-- AOBScan returns nil when nothing matches, so guard before using the list
aob = AOBScan(unpack(aob_original))
if aob then
  for i=0, aob.Count-1 do
    writeBytes(aob[i], unpack(aob_replace))
  end
end
{$asm}
[DISABLE]
{$lua}
-- restore the original bytes at every address patched on enable
if aob then
  for i=0, aob.Count-1 do
    writeBytes(aob[i], unpack(aob_original))
  end
  aob.Destroy()
  aob = nil
end
{$asm}
lolAnonymous
Expert Cheater
Reputation: 1

Joined: 19 Jul 2015
Posts: 146

Posted: Fri Sep 18, 2015 11:52 am

Nice Work Zanzer

Thanks A lot
Corroder
Master Cheater
Reputation: 8

Joined: 10 Apr 2015
Posts: 403

Posted: Fri Sep 18, 2015 7:13 pm

Thanks so much Zanzer,

This is about unpack() -- from REDIS scripting unpack(ARGV)

Code:

That said, unpack() actually has a limit on the size of the table which
is defined by LUAI_MAXCSTACK in luaconf.h forcing a maximum number of Lua
stack slots that a C function can use. This limit is set to 8000 by
default, meaning that your ARGV table can contain up to 8000 elements (it's
more than reasonable in this context).


Maybe this condition is similar in Lua 5.2 / 5.3

Next, with Zanzer's function, I have a problem adding 0x.. for every byte.
If the AOB is short then it's no problem, but if it is very long, it gives a problem.
Maybe this function is able to handle it, if I am not wrong.

Code:

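local scan = '48 83 EC 28';
local replace = '90 90 90 90';
local replace_table = {};

-- string.gfind is the Lua 5.0 name; string.gmatch replaces it in Lua 5.1 and later
for byte in string.gmatch(replace, "[^%s]+") do
   table.insert(replace_table, tonumber('0x'..byte));
end

print(unpack(replace_table));

-- AOBScan returns nil when nothing is found, otherwise a list of address strings
local data = AOBScan(scan);
if (data) then
   local count = data.getCount();
   for i=0, count-1 do
      local address = data.getString(i);
      -- writeBytes accepts a table, so unpack() is not needed for the write
      writeBytes(address, replace_table);
   end
   data.destroy(); -- free the result list when done
end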


regards


Last edited by Corroder on Fri Sep 18, 2015 7:38 pm; edited 1 time in total
Zanzer
I post too much
Reputation: 118

Joined: 09 Jun 2013
Posts: 3198

Posted: Fri Sep 18, 2015 7:28 pm

Code:
local replace_str = "90 90 90 90"
local aob_replace = {}
for i in string.gmatch(replace_str, "%S+") do
  aob_replace[#aob_replace+1] = tonumber(i,16)
end

Code:
[ENABLE]
{$lua}
aob_pattern_str = "48 83 EC 28"
aob_replace_str = "90 90 90 90"
aob_pattern_arr = {}
aob_replace_arr = {}
-- convert each space-separated hex token into a number
for i in string.gmatch(aob_pattern_str, "%S+") do
  aob_pattern_arr[#aob_pattern_arr+1] = tonumber(i,16)
end
for i in string.gmatch(aob_replace_str, "%S+") do
  aob_replace_arr[#aob_replace_arr+1] = tonumber(i,16)
end
-- AOBScan returns nil when nothing matches, so guard before using the list
aob_scan = AOBScan(unpack(aob_pattern_arr))
if aob_scan then
  for i=0, aob_scan.Count-1 do
    writeBytes(aob_scan[i], unpack(aob_replace_arr))
  end
end
{$asm}
[DISABLE]
{$lua}
-- restore the original bytes at every address patched on enable
if aob_scan then
  for i=0, aob_scan.Count-1 do
    writeBytes(aob_scan[i], unpack(aob_pattern_arr))
  end
  aob_scan.Destroy()
end
aob_scan = nil
aob_pattern_str = nil
aob_replace_str = nil
aob_pattern_arr = nil
aob_replace_arr = nil
{$asm}
Corroder
Master Cheater
Reputation: 8

Joined: 10 Apr 2015
Posts: 403

Posted: Fri Sep 18, 2015 7:42 pm

Thanks Zanzer for the very quick reply...

I am using the second code and it works properly.

Regards
Zanzer
I post too much
Reputation: 118

Joined: 09 Jun 2013
Posts: 3198

Posted: Fri Sep 18, 2015 8:08 pm

Here's an even better script. It allows you to use the '??' wildcard for both the search and replace.
So the code below will only overwrite the function call bytes: "E8 ?? ?? ?? ??"
Code:
[ENABLE]
{$lua}
local pattern = "48 83 EC 28 E8 ?? ?? ?? ?? 48 83 C4 28 EB"
local replace = "?? ?? ?? ?? 90 90 90 90 90 ?? ?? ?? ?? ??"
-- AOBScan returns nil when nothing matches, so guard before using the list
aob_scan_results = AOBScan(pattern)
aob_backup_bytes = {}
-- each byte is two hex digits plus a space, except the last one
local length = math.floor((#replace + 1) / 3)
if aob_scan_results then
  for i = 0, aob_scan_results.Count - 1 do
    -- keep the original bytes so [DISABLE] can restore them
    local backup = readBytes(aob_scan_results[i], length, true)
    local bytes = {}
    for hex in string.gmatch(replace, "%S+") do
      local size = #bytes + 1
      if hex == "??" then
        -- wildcard: write back the byte that was already there
        bytes[size] = backup[size]
      else
        bytes[size] = tonumber(hex, 16)
      end
    end
    aob_backup_bytes[i] = backup
    writeBytes(aob_scan_results[i], bytes)
  end
end
{$asm}
[DISABLE]
{$lua}
if aob_scan_results then
  for i = 0, aob_scan_results.Count - 1 do
    writeBytes(aob_scan_results[i], aob_backup_bytes[i])
  end
  aob_scan_results.Destroy()
end
aob_scan_results = nil
aob_backup_bytes = nil
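
The wildcard scan-and-replace from the script above, reduced to plain Lua on an in-memory byte table so it runs outside Cheat Engine (an added example, not code from the thread; parse_aob, find_all and patch are hypothetical helper names and the buffer is constructed). It rejects malformed tokens, checks that pattern and replace have the same length, and passes tables instead of calling unpack():

```lua
-- Added example (plain Lua, constructed data); helper names are hypothetical, not CE API.
-- "48 ?? 28" -> {0x48, false, 0x28}; false marks a wildcard.
local function parse_aob(str)
  local out = {}
  for tok in string.gmatch(str, "%S+") do
    if tok ~= "??" and not tok:match("^%x%x$") then error("bad AOB token: " .. tok) end
    out[#out + 1] = (tok ~= "??") and tonumber(tok, 16)
  end
  return out
end

-- Every 1-based offset where pattern matches; wildcards match any byte.
local function find_all(buf, pattern)
  local hits = {}
  for pos = 1, #buf - #pattern + 1 do
    local ok = true
    for j = 1, #pattern do
      if pattern[j] and buf[pos + j - 1] ~= pattern[j] then ok = false; break end
    end
    if ok then hits[#hits + 1] = pos end
  end
  return hits
end

-- Overwrite only the non-wildcard positions; return the original bytes for restore.
local function patch(buf, pos, replace)
  local backup = {}
  for j = 1, #replace do
    backup[j] = buf[pos + j - 1]
    if replace[j] then buf[pos + j - 1] = replace[j] end
  end
  return backup
end

local pattern = parse_aob("48 83 EC 28 E8 ?? ?? ?? ?? 48 83 C4 28 EB")
local replace = parse_aob("?? ?? ?? ?? 90 90 90 90 90 ?? ?? ?? ?? ??")
assert(#pattern == #replace, "pattern and replace must be the same length")
-- Constructed buffer: two filler bytes, one occurrence of the pattern, one filler byte.
local buf = parse_aob("CC CC 48 83 EC 28 E8 11 22 33 44 48 83 C4 28 EB CC")
local backups = {}
for _, pos in ipairs(find_all(buf, pattern)) do backups[pos] = patch(buf, pos, replace) end
assert(buf[7] == 0x90 and buf[11] == 0x90 and buf[12] == 0x48)  -- only the call bytes changed
for pos, orig in pairs(backups) do patch(buf, pos, orig) end  -- restore from backup
assert(buf[7] == 0xE8 and buf[8] == 0x11)
```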
lolAnonymous
Expert Cheater
Reputation: 1

Joined: 19 Jul 2015
Posts: 146

Posted: Fri Sep 18, 2015 9:09 pm

Thanks Zanzer and Corroder, both of you did awesome

Thanks a lot
Corroder
Master Cheater
Reputation: 8

Joined: 10 Apr 2015
Posts: 403

Posted: Sat Sep 19, 2015 5:45 am

Ahaa....very nice function Zanzer.
It also works properly and is very useful code.
Thanks so much...
lolAnonymous
Expert Cheater
Reputation: 1

Joined: 19 Jul 2015
Posts: 146

Posted: Sat Sep 19, 2015 5:46 am

Yup Sir It Is Awesome
Demadom
How do I cheat?
Reputation: 0

Joined: 15 Nov 2014
Posts: 8

Posted: Wed Mar 08, 2017 11:54 pm

I can't get any of the above codes to work. It keeps giving me an error.
The error is
[string "[ENABLE]
....."]:1: unexpected symbol near '['
Never ran across this so wtf does it mean?