Cheat Engine Forum Index Cheat Engine
The Official Site of Cheat Engine
 


(C#/ASM) Save value from codecave

 
BufferOverflow
Posted: Tue May 23, 2017 10:48 am

Hello,

Let's say I've made a detour to my codecave and I want to extract the value inside the rax register before returning. How would I do something like this? Do I need to save the address stored in rax to somewhere and then read from that address in C#?
atom0s
Posted: Tue May 23, 2017 8:55 pm

Move the value into another location before your cave returns back to the original code. Anytime the code cave is called it will update that second location with the value. This is commonly done in tables that offer the ability to edit values live while still using a cave to obtain and set the value in the first place.
_________________
- Retired.
BufferOverflow
Posted: Wed May 24, 2017 4:45 am

atom0s wrote:
Move the value into another location before your cave returns back to the original code. Anytime the code cave is called it will update that second location with the value. This is commonly done in tables that offer the ability to edit values live while still using a cave to obtain and set the value in the first place.


My assembly is quite awful. Is the table you are talking about a "lookup table"? I googled a bit but I couldn't really figure out how to make one of these tables and get the address to it.
atom0s
Posted: Wed May 24, 2017 1:24 pm

I was referring to cheat tables that had been posted on this site in the past. They do what you are referring to fairly often to display values and such in the table as well as trainers etc. Basically what you would be doing is allocating a second location of memory which you would have the known address to. Inside of your cave, move the value you want to view into that second memory location then you can display it since you know the address to read consistently.

Here is an example of using a second memory location to check for a flag in Minesweeper:
Code:
[ENABLE]
alloc(TimeFlag,4)
alloc(cave,256)
registersymbol(TimeFlag)
label(back)

// Our Time Cave
cave:
cmp [TimeFlag],1
jne back
inc [0100579C]
jmp back

// Create Cave And Jump For Main Time Inc
1002FF5:
jmp cave
nop
back:

// Disable Initial Time Tick
1003830:
nop
nop
nop
nop
nop
nop

[DISABLE]
// Restore Main Time Tick
1002FF5:
inc [0100579C]

// Restore Initial Time Tick
1003830:
inc [0100579C]

// Remove Our Defines
dealloc(cave)
dealloc(TimeFlag)
unregistersymbol(TimeFlag)


You can then create a new address to your table with the address of: TimeFlag

This will allow you to toggle the cheat by editing this second memory location.

Here is another example for Pinball on WinXP, this stores the score value into the second memory location and can be visible on the table by adding a new pointer with the address pPointer.

Code:
[ENABLE]
alloc(cave,256)
alloc(pPointer,4)
label(back)
registersymbol(pPointer)

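cave:
// Original instructions, relocated from 1017579
lea eax,[ecx+52]
add [eax], esi
// Save the address held in eax so the table can read it through pPointer
mov [pPointer],eax
jmp back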

1017579:
jmp cave
back:


[DISABLE]
1017579:
lea eax,[ecx+52]
add [eax],esi

dealloc(cave)
dealloc(pPointer)
unregistersymbol(pPointer)

_________________
- Retired.
BufferOverflow
Posted: Thu May 25, 2017 4:34 am

Thank you, that cleared things up a lot!


EDIT: Never mind, I solved it! Thank you for your help!

One last question I bumped into, if you don't mind.

If I want to mov rcx to a 64-bit address, do I have to mov the address into rax before?

If I do for example:
Code:
mov 23A1B670000, rcx

It will overflow and add "random" instructions to the addresses afterwards.

Would something like this work better? (I'm not able to access my desktop at the moment to test it):
Code:
mov rax, 23A1B670000
mov rax, rcx

Or would it just overwrite rax instead of moving the value to the address inside rax?
atom0s
Posted: Sun May 28, 2017 6:27 pm

Addresses should be embraced with [ ] otherwise it is going to try and use that as a value.
_________________
- Retired.