Cheat Engine Forum Index Cheat Engine
The Official Site of Cheat Engine
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 


What is the equivalent to Game Guardian xor search in CE?

 
Post new topic   Reply to topic    Cheat Engine Forum Index -> General Discussions
View previous topic :: View next topic  
Author Message
SAMASAL
Newbie cheater
Reputation: 0

Joined: 02 Apr 2015
Posts: 11

PostPosted: Sun Dec 24, 2017 11:44 am    Post subject: What is the equivalent to Game Guardian xor search in CE? Reply with quote

(Edit: Forum does NOT allow me to post a youtube link about how it is done sorry)

GG is very useful for finding xor values, once you know the xor values are 4 bytes apart for example, you can search the value directly as a dword x4, and will get you the result in less than a minute, I am not fond of game guardian and would like to know if it is possible to do so in Cheat Engine.

Thanks everyone for your answer.
Back to top
View user's profile Send private message
Dark Byte
Site Admin
Reputation: 457

Joined: 09 May 2003
Posts: 25262
Location: The netherlands

PostPosted: Sun Dec 24, 2017 12:01 pm    Post subject: Reply with quote

use custom types

e.g:
open the process, rightclick the value type and choose the option to define a new assembler type
and paste this in:
Code:

alloc(ConvertRoutine,1024)
alloc(ConvertBackRoutine,1024)
alloc(TypeName,256)
alloc(ByteSize,4)
alloc(UsesFloat,1)
alloc(CallMethod,1)

TypeName:
db 'dword xor +4',0

ByteSize:
dd 8

UsesFloat:
db 0 //Change to 1 if this custom type should be treated as a float

CallMethod:
db 1 //Remove or change to 0 for legacy call mechanism

//The convert routine should hold a routine that converts the data to an integer (in eax)
//function declared as: cdecl int ConvertRoutine(unsigned char *input, PTR_UINT address);
//Note: Keep in mind that this routine can be called by multiple threads at the same time.
ConvertRoutine:
//jmp dllname.functionname
[64-bit]
//or manual:
//parameters: (64-bit)
//rcx=address of input
//rdx=address
mov eax,[rcx] //eax now contains the bytes 'input' pointed to
xor eax,[rcx+4]

ret
[/64-bit]

[32-bit]
//jmp dllname.functionname
//or manual:
//parameters: (32-bit)
push ebp
mov ebp,esp
//[ebp+8]=address of input
//[ebp+c]=address
//example:

push ebx
mov ebx,[ebp+8] //place the address that contains the bytes into eax
mov eax,[ebx] //place the bytes into eax so it's handled as a normal 4 byte value
xor eax,[ebx+4]

pop ebx

pop ebp
ret
[/32-bit]

//The convert back routine should hold a routine that converts the given integer back to a row of bytes (e.g when the user wats to write a new value)
//function declared as: cdecl void ConvertBackRoutine(int i, PTR_UINT address, unsigned char *output);
ConvertBackRoutine:
//jmp dllname.functionname
//or manual:
[64-bit]
//parameters: (64-bit)
//ecx=input
//rdx=address
//r8=address of output
//example:
xor ecx,[r8+4]
mov [r8],ecx //place the integer at the 4 bytes pointed to by r8

ret
[/64-bit]

[32-bit]
//parameters: (32-bit)
push ebp
mov ebp,esp
//[ebp+8]=input
//[ebp+c]=address
//[ebp+10]=address of output
//example:
push eax
push ebx
mov eax,[ebp+8] //load the value into eax
mov ebx,[ebp+10] //load the output address into ebx
xor eax,[ebx+4]
mov [ebx],eax //write the value into the address
pop ebx
pop eax

pop ebp
ret
[/32-bit]



from then on, you can use the dword xor +4 type when you like

_________________
Do not ask me about online cheats. I don't know any and wont help finding them.

Like my help? Join me on Patreon so i can keep helping


Last edited by Dark Byte on Sun Dec 24, 2017 12:25 pm; edited 1 time in total
Back to top
View user's profile Send private message MSN Messenger
SAMASAL
Newbie cheater
Reputation: 0

Joined: 02 Apr 2015
Posts: 11

PostPosted: Sun Dec 24, 2017 12:05 pm    Post subject: Reply with quote

Edit: I will read a bit about custom types and check why it does not work, thank you.
Back to top
View user's profile Send private message
Dark Byte
Site Admin
Reputation: 457

Joined: 09 May 2003
Posts: 25262
Location: The netherlands

PostPosted: Sun Dec 24, 2017 12:22 pm    Post subject: Reply with quote

Sorry, I copy pasted the wrong script and deleted the right one afterwards...

let me rewrite it

edit: fixed the above post

_________________
Do not ask me about online cheats. I don't know any and wont help finding them.

Like my help? Join me on Patreon so i can keep helping
Back to top
View user's profile Send private message MSN Messenger
SAMASAL
Newbie cheater
Reputation: 0

Joined: 02 Apr 2015
Posts: 11

PostPosted: Sun Dec 24, 2017 12:34 pm    Post subject: Reply with quote

Dark Byte wrote:
Sorry, I copy pasted the wrong script and deleted the right one afterwards...

let me rewrite it

edit: fixed the above post


Thanks for helping out, before I try trial and error can you let me now which values in the code needs to be modified for x8, x16 and x24?.

This really helps out a ton thanks.

Edit: I think I found them, this is trivial for you of course thanks again Dark.

Change Xor 4 for Xor 16:
xor **x,[**+4]
xor **x,[**+16]

Edit2: nevermind does not work need to check again what am I doing.
Back to top
View user's profile Send private message
Dark Byte
Site Admin
Reputation: 457

Joined: 09 May 2003
Posts: 25262
Location: The netherlands

PostPosted: Sun Dec 24, 2017 2:31 pm    Post subject: Reply with quote

don't forget to adjust
Code:

ByteSize:
dd 8


also, you may want to disable fastscan

(or add
Code:

alloc(PREFEREDALIGNMENT,4)
PREFEREDALIGNMENT:
dd 4


)

_________________
Do not ask me about online cheats. I don't know any and wont help finding them.

Like my help? Join me on Patreon so i can keep helping
Back to top
View user's profile Send private message MSN Messenger
SAMASAL
Newbie cheater
Reputation: 0

Joined: 02 Apr 2015
Posts: 11

PostPosted: Sun Dec 24, 2017 5:45 pm    Post subject: Reply with quote

Dark Byte wrote:
don't forget to adjust
Code:

ByteSize:
dd 8


also, you may want to disable fastscan

(or add
Code:

alloc(PREFEREDALIGNMENT,4)
PREFEREDALIGNMENT:
dd 4


)


Yes It is working! the bytesize was the missing step, thanks and merry christmas!, thanks for taking time to make this happen.
Back to top
View user's profile Send private message
Guccina5678
How do I cheat?
Reputation: 0

Joined: 24 Feb 2024
Posts: 8

PostPosted: Sat Mar 23, 2024 4:56 pm    Post subject: Dword code ty darkbyte Reply with quote

I used your code and was able to finally create an unlimited barn in my game. Thank you so much!
_________________
Screaming into the void
Back to top
View user's profile Send private message
ZadkielSan
Advanced Cheater
Reputation: 0

Joined: 09 Sep 2012
Posts: 75

PostPosted: Wed Mar 27, 2024 11:20 am    Post subject: Re: Dword code ty darkbyte Reply with quote

Guccina5678 wrote:
I used your code and was able to finally create an unlimited barn in my game. Thank you so much!



good for you, still can't use this, it says "divided by zero" or find nothing, I want to be able to do xor search x4 and x8 like game guardian but it's not possible Sad
Back to top
View user's profile Send private message
Display posts from previous:   
Post new topic   Reply to topic    Cheat Engine Forum Index -> General Discussions All times are GMT - 6 Hours
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group

CE Wiki   IRC (#CEF)   Twitter
Third party websites