Joined: 05 Nov 2017 Posts: 39 Location: Behind the keyboard
Posted: Fri Feb 16, 2018 2:22 pm Post subject: Don't know what is this
Again i was cheating with a game and again i come up with a problem
Hope u guys will solve it!!
Problem is that in BF Hardline i found the ammo address and opcode writing to it.In memory viewer replacing it with nop's works fine but when i make a aa script and then replace the origcode with the nop's then.....guess what?
it again crashes (every game i use cheat engine on just love to crash)
but but...the weird thing for me is that if i make a aob script with only bytes of the opcode and then set them to db 90......
it works!!!!!
This is not the Integrity check,Is it?
cuz if it was it should also crash with the aob script.
Both (ammo) scripts are shown below.
Same is the case with the health value
plz someone explain this!!!
Any help would b appreciated.Thanks!
Set a breakpoint before the instruction you're hooking and see what code is generated when you enable the script?
If it's an x64 game (and I assume it is from rbx being used in the disable section) then if the newmem is too far from the original memory that's being hooked the "jmp" can end up being ~14 bytes instead of just 5 which will often mess things up, however passing a 3rd parameter to alloc as shown in the script can usually solve that by making sure you get memory close enough to use the 5 byte jmp. (the 14 byte jmp is actually multiple instructions, together achieving the desired result, which CE shows as a single "pseudo"-instruction)
Though if all you want to do is nop it then there's no point in allocating memory, jumping to it, running some nops and jumping back when you could literally just do the nops in place or even assemble a jump to the next instruction (short jumps are 2 bytes). I can understand just wanting to figure out why it doesn't work however. _________________
Joined: 05 Nov 2017 Posts: 39 Location: Behind the keyboard
Posted: Sat Feb 17, 2018 12:04 am Post subject:
Thanks FreeEr
But I figured it out
I have Query memory regions option enabled which caused the allocation to fail
Anyway thanks again for your time
Cheers!!!!
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum You cannot attach files in this forum You can download files in this forum