Cheat Engine Forum Index Cheat Engine
The Official Site of Cheat Engine
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 


Track Changes to Addresses
Goto page 1, 2  Next
 
Post new topic   Reply to topic    Cheat Engine Forum Index -> Cheat Engine Lua Scripting -> Lua Extensions
View previous topic :: View next topic  
Author Message
ParkourPenguin
Grandmaster Cheater Supreme
Reputation: 49

Joined: 06 Jul 2014
Posts: 1696
Location: Arcadian Suburbia

PostPosted: Sun Nov 06, 2016 6:37 pm    Post subject: Track Changes to Addresses This post has 1 review(s) Reply with quote

This script creates a gui that will log changes made to an address (or several addresses). It can be accessed by going to the "Tools" menu of the memory viewer.

By default it uses a timer to look for changes, but there is an option to use breakpoints to track all writes to the addresses. Just make sure there are enough debug registers available.

Put the script in the "autorun" folder in the main CE directory and restart CE for it to take effect.

Updated with support for signed integers and custom values using mgr.inz.Player's custom types extension here.



WatchChangesToAddresses.lua
 Description:
Put this in the autorun folder

Download
 Filename:  WatchChangesToAddresses.lua
 Filesize:  23.55 KB
 Downloaded:  641 Time(s)


_________________
I don't know where I'm going, but I'll figure it out when I get there.


Last edited by ParkourPenguin on Tue Nov 22, 2016 8:57 pm; edited 3 times in total
Back to top
View user's profile Send private message
Floydman
How do I cheat?
Reputation: 0

Joined: 31 Oct 2016
Posts: 4

PostPosted: Mon Nov 07, 2016 11:09 am    Post subject: Reply with quote

This is absolutely amazing and precisely what I couldn't wrap my head around. And a very versatile script at that. Thank you!
Back to top
View user's profile Send private message
predprey
Master Cheater
Reputation: 15

Joined: 08 Oct 2015
Posts: 366

PostPosted: Mon Nov 07, 2016 11:22 pm    Post subject: Reply with quote

i'm sure this is going to be really useful for the cheat makers Very Happy great work!
Back to top
View user's profile Send private message
Zephiles
Advanced Cheater
Reputation: 0

Joined: 04 Feb 2016
Posts: 56

PostPosted: Sat Nov 12, 2016 2:45 am    Post subject: Reply with quote

This is great, but could you add support for custom types? The ones I use are 2 Byte Big Endian, 4 Byte Big Endian, and Float Big Endian.
Back to top
View user's profile Send private message
ParkourPenguin
Grandmaster Cheater Supreme
Reputation: 49

Joined: 06 Jul 2014
Posts: 1696
Location: Arcadian Suburbia

PostPosted: Sat Nov 12, 2016 9:04 am    Post subject: Reply with quote

That was one of the things I considered. Unfortunately, I don't believe there's any feasible way to access the registered custom types from Lua.

The next best thing I can think of off the top of my head is to give the user the ability to write a function that converts an AoB to a string, but not everyone knows how to use Lua.

_________________
I don't know where I'm going, but I'll figure it out when I get there.
Back to top
View user's profile Send private message
Zanzer
I post too much
Reputation: 119

Joined: 09 Jun 2013
Posts: 3220

PostPosted: Sat Nov 12, 2016 10:53 am    Post subject: Reply with quote

Have a temporary memory record added to the table as the custom type and read the .Value from that?
Back to top
View user's profile Send private message
ParkourPenguin
Grandmaster Cheater Supreme
Reputation: 49

Joined: 06 Jul 2014
Posts: 1696
Location: Arcadian Suburbia

PostPosted: Sat Nov 12, 2016 12:24 pm    Post subject: Reply with quote

Sure, but that seems like a very roundabout way of doing it. I would rather implement a checkbox for big endian, but in the vast majority of circumstances YAGNI.
_________________
I don't know where I'm going, but I'll figure it out when I get there.
Back to top
View user's profile Send private message
mgr.inz.Player
I post too much
Reputation: 146

Joined: 07 Nov 2008
Posts: 4136
Location: W kraju nad Wisla. UTC+01:00

PostPosted: Mon Nov 14, 2016 7:37 am    Post subject: Reply with quote

I started making an extension "customTypesExt" you can use.
_________________
Back to top
View user's profile Send private message MSN Messenger
Zephiles
Advanced Cheater
Reputation: 0

Joined: 04 Feb 2016
Posts: 56

PostPosted: Tue Nov 22, 2016 10:00 am    Post subject: Reply with quote

I tested it with mgr.inz.Player's custom types extension, and everything seems to work except for two things. One of these things is displaying the custom types in hexadecimal form does not work. Whenever I select this, it simply displays the value in decimal form. Displaying the original types in hexadecimal form works perfectly fine, however.

The other issue is with this Lua custom type that I use:
Code:

typename="Timer Big Endian" --shown as the typename in ce
bytecount=8  --number of bytes of this type
functionbasename="b8t"

function b8t_bytestovalue(b0,b1,b2,b3,b4,b5,b6,b7)
  local time = byteTableToQword{b7,b6,b5,b4,b3,b2,b1,b0}
  local sec  = math.floor(time / 40500000)
  if sec>=0 and sec < 0xACCC84D40 then
    local ss = sec % 60
    local mm = math.floor(sec/60) % 60
    local hh = math.floor(sec/3600)
    return hh*10000+mm*100+ss
  else
    return 0x80000000
  end
end

function b8t_valuetobytes(i,address)

  local b = readBytes(address,8,true)
  if i>=0 and i<=2147475959 then
    local ss = i % 100
    if ss<60 then
      local mm = math.floor(i/100)%100
      if mm<60 then
        local hh = math.floor(i/10000)
        local sec = hh*3600+mm*60+ss
        local time = sec*40500000
        b = qwordToByteTable(time)
        for i=1,4 do
          local j = 9-i
          b[i],b[j]=b[j],b[i] -- reverse
        end
      end
    end
  end

  local UnPack = table.unpack or unpack
  return UnPack(b)
end
return typename,bytecount,functionbasename

Every time I try to use it, it gives me an access violation error.
Back to top
View user's profile Send private message
ParkourPenguin
Grandmaster Cheater Supreme
Reputation: 49

Joined: 06 Jul 2014
Posts: 1696
Location: Arcadian Suburbia

PostPosted: Tue Nov 22, 2016 10:54 am    Post subject: Reply with quote

I thought I was forgetting something... I guess that was one of them. Fixed the hexadecimal output for integral custom types. I also added support for signed custom types, but it inherently isn't well-defined. This implementation uses the most significant bit (determined by the custom value's byte size) of the resulting value (not the bytes as they are in memory). That is good for types like big endian, but bad for types like the old flash 4b*8.

The custom types extension doesn't seem to work for Lua custom types. There should be integrated support for custom types in Lua in the next major update to CE, so I'll update this extension when that comes around. If you need it immediately, you may want to consider translating that Lua script to assembly.

_________________
I don't know where I'm going, but I'll figure it out when I get there.
Back to top
View user's profile Send private message
Zephiles
Advanced Cheater
Reputation: 0

Joined: 04 Feb 2016
Posts: 56

PostPosted: Tue Nov 22, 2016 11:45 am    Post subject: Reply with quote

ParkourPenguin wrote:
I thought I was forgetting something... I guess that was one of them. Fixed the hexadecimal output for integral custom types. I also added support for signed custom types, but it inherently isn't well-defined. This implementation uses the most significant bit (determined by the custom value's byte size) of the resulting value (not the bytes as they are in memory). That is good for types like big endian, but bad for types like the old flash 4b*8.

The custom types extension doesn't seem to work for Lua custom types. There should be integrated support for custom types in Lua in the next major update to CE, so I'll update this extension when that comes around. If you need it immediately, you may want to consider translating that Lua script to assembly.

Alright, the update makes them work. One more thing I was wondering: would it be possible to add an option to select the address to remove instead of having to type it in every time? It gets a bit tedious if you're only working with a small number of addresses.
Back to top
View user's profile Send private message
ParkourPenguin
Grandmaster Cheater Supreme
Reputation: 49

Joined: 06 Jul 2014
Posts: 1696
Location: Arcadian Suburbia

PostPosted: Tue Nov 22, 2016 1:15 pm    Post subject: Reply with quote

I couldn't think of any easy way to right click on a column and have a "delete" option. There's an OnColumnClick event that only fires on a left click, the MouseDown/MouseUp events won't fire when clicking on the columns, the OnContextPopup event isn't accessible from Lua, and I'm not interested in making a workaround for any of those.

I'll work on adding column options to the list view's context menu to make it a bit faster.

_________________
I don't know where I'm going, but I'll figure it out when I get there.
Back to top
View user's profile Send private message
Zephiles
Advanced Cheater
Reputation: 0

Joined: 04 Feb 2016
Posts: 56

PostPosted: Tue Nov 22, 2016 2:17 pm    Post subject: Reply with quote

Could you possibly add a dropdown list to choose the address that you want to remove?
Back to top
View user's profile Send private message
mgr.inz.Player
I post too much
Reputation: 146

Joined: 07 Nov 2008
Posts: 4136
Location: W kraju nad Wisla. UTC+01:00

PostPosted: Tue Nov 22, 2016 3:50 pm    Post subject: Reply with quote

ParkourPenguin wrote:
There should be integrated support for custom types in Lua in the next major update to CE

I can add customtypeTypeLua to my extension. But, it looks like CE6.6.1 (or 6.7) will be released soon. (maybe this year?)



About signed unsigned customtypeTypeAutoAssembler values. My script just returns EAX value.

To get signed value you just use this:

val = t.getValue(address)
if val>0x7fffffff then val=val-0x100000000 end

If cutomtype is float (usesFloat) it is already signed.

_________________
Back to top
View user's profile Send private message MSN Messenger
Zephiles
Advanced Cheater
Reputation: 0

Joined: 04 Feb 2016
Posts: 56

PostPosted: Tue Nov 22, 2016 5:27 pm    Post subject: Reply with quote

I have another small problem. I edited one of the custom types as follows:

Code:

alloc(TypeName,256)
alloc(ByteSize,4)
alloc(ConvertRoutine,1024)
alloc(ConvertBackRoutine,1024)

TypeName:
db '2 Byte Big Endian',0

ByteSize:
dd 2

//The convert routine should hold a routine that converts the data to an integer (in eax)
//function declared as: stdcall int ConvertRoutine(unsigned char *input);
//Note: Keep in mind that this routine can be called by multiple threads at the same time.
ConvertRoutine:
//jmp dllname.functionname
[64-bit]
//or manual:
//parameters: (64-bit)
//rcx=address of input
xor eax,eax
mov ax,[rcx] //eax now contains the bytes 'input' pointed to
xchg ah,al //convert to big endian
movsx eax,ax // added

ret
[/64-bit]

[32-bit]
//jmp dllname.functionname
//or manual:
//parameters: (32-bit)
push ebp
mov ebp,esp
//[ebp+8]=input
//example:
mov eax,[ebp+8] //place the address that contains the bytes into eax
mov ax,[eax] //place the bytes into eax so it's handled as a normal 4 byte value
and eax,ffff //cleanup
xchg ah,al //convert to big endian
movsx eax,ax // added

pop ebp
ret 4
[/32-bit]

//The convert back routine should hold a routine that converts the given integer back to a row of bytes (e.g when the user wats to write a new value)
//function declared as: stdcall void ConvertBackRoutine(int i, unsigned char *output);
ConvertBackRoutine:
//jmp dllname.functionname
//or manual:
[64-bit]
//parameters: (64-bit)
//ecx=input
//rdx=address of output
//example:
xchg ch,cl //convert the little endian input into a big endian input
mov [rdx],cx //place the integer the 4 bytes pointed to by rdx

ret
[/64-bit]

[32-bit]
//parameters: (32-bit)
push ebp
mov ebp,esp
//[ebp+8]=input
//[ebp+c]=address of output
//example:
push eax
push ebx
mov eax,[ebp+8] //load the value into eax
mov ebx,[ebp+c] //load the address into ebx

//convert the value to big endian
xchg ah,al
movsx eax,ax // added

mov [ebx],ax //write the value into the address
pop ebx
pop eax

pop ebp
ret 8
[/32-bit]

The only things different from the previous version of it is that
Code:

movsx eax,ax // added

is added after each instance of
Code:

xchg ah,al //convert to big endian

The values display properly in Cheat Engine itself, but when using them with this extension, negative values do not work properly. For instance, -1 will be displayed as 4294901759, -2 will be displayed as 4294901758, -3 will be displayed as 4294901757, etc. Also, checking or unchecking the signed checkbox does not change the result. Is there a way around this?
Back to top
View user's profile Send private message
Display posts from previous:   
Post new topic   Reply to topic    Cheat Engine Forum Index -> Cheat Engine Lua Scripting -> Lua Extensions All times are GMT - 6 Hours
Goto page 1, 2  Next
Page 1 of 2

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group

CE Wiki   IRC (#CEF)   Twitter
Third party websites