Cheat Engine The Official Site of Cheat Engine
nachorama How do I cheat? Reputation: 0
Joined: 07 Aug 2017 Posts: 4 Location: United Kingdom
Posted: Mon Oct 02, 2017 9:59 am Post subject: Find what writes to address, nop it and then change value
Hello, bit of a Lua noob here, so I apologize if this is a really basic question, but I can't seem to find a noob-friendly answer to it.
All I need to do is create a lua script that will find what writes to address (204A71B0), nop it and then change the value of the address 204A71B0 to 8E E3 18 40.
Thank you.
ParkourPenguin I post too much Reputation: 138
Joined: 06 Jul 2014 Posts: 4275
Posted: Mon Oct 02, 2017 10:39 am
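Code:
-- Break on writes to `address`, NOP the instruction that performed the write,
-- then set the value. `size` is the watched width in bytes (default 4).
function nopAndWrite(address, value, size)
  if not size then size = 4 end
  debug_setBreakpoint(address, size, bptWrite, bpmDebugRegister, function()
    -- The breakpoint fires after the write, so step back one instruction.
    local ip = getPreviousOpcode(targetIs64Bit() and RIP or EIP)
    -- Build one NOP (0x90) per byte of that instruction.
    local t = {}
    for i = 1, getInstructionSize(ip) do
      t[i] = 0x90
    end
    writeBytes(ip, t)
    writeInteger(address, value)
    debug_continueFromBreakpoint(co_run)
    return 0
  end)
  -- Set the value immediately as well.
  writeInteger(address, value)
end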
_________________
I don't know where I'm going, but I'll figure it out when I get there.
nachorama How do I cheat? Reputation: 0
Joined: 07 Aug 2017 Posts: 4 Location: United Kingdom
Posted: Mon Oct 02, 2017 3:53 pm
WOW fast response. Thank you very much it works great.
One slight issue though. When I try to load from a save state in an emulator after using this code with a trainer it crashes the emulator. It does not crash if I nopped the address manually in Memory View though so I'm not sure what is going on there, maybe I have missed something.
Code:
function nopAndWrite(address, value, size)
  if not size then size = 4 end
  -- The breakpoint address is hard-coded here; the `address` parameter is
  -- only used by the final writeInteger call.
  debug_setBreakpoint(0x204A71B0, size, bptWrite, bpmDebugRegister, function()
    local ip = getPreviousOpcode(targetIs64Bit() and RIP or EIP)
    -- One NOP (0x90) per byte of the instruction found at `ip`.
    local t = {}
    for i = 1, getInstructionSize(ip) do
      t[i] = 0x90
    end
    writeBytes(ip, t)
    writeBytes(0x204A71B0, 0x8E, 0xE3, 0x18, 0x40)
    debug_continueFromBreakpoint(co_run)
    return 0
  end)
  writeInteger(address, value)
end
ParkourPenguin I post too much Reputation: 138
Joined: 06 Jul 2014 Posts: 4275
Posted: Mon Oct 02, 2017 5:31 pm
getPreviousOpcode isn't guaranteed to get the correct instruction that comes before the specified one. Check to see if the script is replacing the correct bytes with NOPs.
If it's not, look for a more particular solution, e.g. code injection. (You could try to calculate the previous instruction using the thread context, but that would require some work to do it properly.)
_________________
I don't know where I'm going, but I'll figure it out when I get there.
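
One way to carry out the check suggested in the last reply, as an added example that is not part of the thread: it logs the bytes and disassembly of the candidate instruction and refuses to patch unless the candidate ends exactly at the address where execution resumes. The names checkedNopAndWrite, restorePatches and savedPatches are hypothetical; every other call is a Cheat Engine Lua function. The length check is a necessary condition, not a sufficient one, so the logged disassembly still needs to be read.

```lua
-- Added example, not code from the thread. Runs inside Cheat Engine's Lua engine.
savedPatches = {}  -- hypothetical table: ip -> original bytes, so a patch can be undone

local function hexdump(bytes)
  local out = {}
  for i, b in ipairs(bytes) do out[i] = string.format('%02X', b) end
  return table.concat(out, ' ')
end

function checkedNopAndWrite(address, value, size)
  size = size or 4
  debug_setBreakpoint(address, size, bptWrite, bpmDebugRegister, function()
    -- A debug-register data breakpoint traps after the write has executed,
    -- so EIP/RIP already points at the instruction that follows the writer.
    local nextIp = targetIs64Bit() and RIP or EIP
    local ip = getPreviousOpcode(nextIp)
    local len = getInstructionSize(ip)
    local original = readBytes(ip, len, true)

    if not original then
      print(string.format('cannot read %d bytes at %X: not patching', len, ip))
    elseif ip + len ~= nextIp then
      -- The candidate does not end where execution resumes, so the
      -- backward decode was misaligned.
      print(string.format('candidate %X (%s) ends at %X, expected %X: not patching',
                          ip, hexdump(original), ip + len, nextIp))
    else
      print(string.format('patching %X (%d bytes): %s', ip, len, hexdump(original)))
      print('  ' .. disassemble(ip))
      savedPatches[ip] = original
      local nops = {}
      for i = 1, len do nops[i] = 0x90 end
      writeBytes(ip, nops)
      writeInteger(address, value)
    end
    debug_continueFromBreakpoint(co_run)
    return 0
  end)
end

-- Write the saved original bytes back, e.g. before comparing against a manual NOP.
function restorePatches()
  for ip, bytes in pairs(savedPatches) do writeBytes(ip, bytes) end
  savedPatches = {}
end
```

Comparing the logged bytes with the instruction shown by "Find out what writes to this address" in Memory View tells you whether the script and the manual NOP are patching the same location.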