Cheat Engine The Official Site of Cheat Engine
mordax Expert Cheater
Reputation: 1
Joined: 16 Apr 2010 Posts: 138
Posted: Tue Dec 27, 2011 1:11 am Post subject: newmem allocation and jumping to newmem ?
I have a quite simple problem. I wrote a script in Auto Assembler.
It allocates new memory and writes my code there, but it doesn't automatically jump there from the specified address. How do I make it jump there automatically?
I used the template "code injection" and then it asked where I want the jump to be placed and I put the address that needs to be modified; however, it did not place the jump there.
What should I do?
Code:
alloc(newmem,2048) //2kb should be enough
label(returnhere)
label(originalcode)
label(exit)

newmem: //this is allocated memory, you have read,write,execute access
//my code is here

originalcode:
//this is original code that CE automatically placed

exit:
jmp returnhere

"game.exe"+40000: //CE placed this here when i chose 40000 to be jump
jmp newmem
returnhere:
As I understand it, it allocates memory and then should jump there and place the jump @ 40000, but it doesn't. What's wrong?
mgr.inz.Player I post too much
Reputation: 222
Joined: 07 Nov 2008 Posts: 4438 Location: W kraju nad Wisla. UTC+01:00
Posted: Tue Dec 27, 2011 8:59 am Post subject:
Quote: it allocates memory and then should jump there and place jump @ 40000, but it doesnt
SECTION1 (newmem section)
Code:
newmem: //this is allocated memory, you have read,write,execute access
//my code is here
originalcode: //this is original code that CE automatically placed
exit:
jmp returnhere
(...)
You can place instructions between newmem and originalcode AND between originalcode and jmp returnhere.
Of course, after jmp returnhere you can place instructions too (but you must use conditional/unconditional jumps to get there AND the final instruction must be "jmp returnhere") or variables.
btw. jmp returnhere is your jump to "game.exe"+40005 (not "game.exe"+40000, because it would cause an infinite loop).
SECTION2
Code:
"game.exe"+40000:
jmp newmem
returnhere:
The value of returnhere is automatically set to "game.exe"+40005.
Do not touch this unless you know what you are doing.
Quote: CE placed this here when i chose 40000 to be jump
What is under "game.exe"+40000?
If there is:
add [eax],al
add [eax],al
add [eax],al
(...)
it is obvious it won't work.
Do this:
1) in main ce window press ctrl+m
2) then ctrl+g, give address
3) ctrl+a
4) template, cheat table framework code,
5) template, code injection, OK
mordax Expert Cheater
Reputation: 1
Joined: 16 Apr 2010 Posts: 138
Posted: Wed Dec 28, 2011 2:59 am Post subject:
Nice explanation, but I got it working already. The problem was that CE automatically added "game.exe"+address.
All I needed to do was remove that "game.exe"+ and leave just the address.
mgr.inz.Player I post too much
Reputation: 222
Joined: 07 Nov 2008 Posts: 4438 Location: W kraju nad Wisla. UTC+01:00
Posted: Wed Dec 28, 2011 9:33 am Post subject:
So, you don't want "modulename+offset". I don't know why, because it's the better option.
OK. Do this:
1) in main ce window press ctrl+m
2) then ctrl+g, give address
3) ctrl+a
4) template, cheat table framework code,
5) template, code injection, paste your address, then press OK.
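A worked example, added here and not part of the thread or of Cheat Engine's own code, covering the two addressing points made in mgr.inz.Player's replies: why returnhere is "game.exe"+40005 (the detour jmp is five bytes, E9 plus a 32-bit displacement measured from the end of the instruction, so returning to +40000 would loop forever), and the difference between a "modulename+offset" address and a bare hex address like the one mordax ended up using. It also shows the defender's side of the same bytes: a check that classifies what sits at an address, including the zero-filled `add [eax],al` case the reply says obviously won't work, and a jmp whose target leaves the module image, which is what an anti-tamper or inline-hook scan flags. The module base, image size and newmem address are assumed sample values; parse_aa_address, classify_bytes and the other function names are mine, not CE's.

```python
import struct

JMP_REL32_LEN = 5  # E9 + 4-byte displacement; this is why returnhere = hook address + 5


def parse_aa_address(text, modules):
    """Resolve an Auto Assembler style address.

    Accepts either "module"+hexoffset (as CE writes it by default) or a bare
    hex address (what the thread's author ended up using).  `modules` maps a
    module name to its load base; the bases used below are assumed values.
    """
    text = text.strip()
    if "+" in text:
        mod, off = text.split("+", 1)
        mod = mod.strip().strip('"')
        if mod not in modules:
            raise KeyError("unknown module %r" % mod)
        return modules[mod] + int(off, 16)
    return int(text, 16)


def return_address(hook_addr):
    """Where execution must resume after the detour: right after the 5-byte jmp."""
    return hook_addr + JMP_REL32_LEN


def encode_jmp_rel32(src, dst):
    """Bytes of `jmp dst` placed at src.  The displacement is relative to the end
    of the instruction (src + 5), which is why the return jump must land on
    src + 5 and not on src itself."""
    rel = dst - (src + JMP_REL32_LEN)
    if not -2**31 <= rel < 2**31:
        raise ValueError("target out of rel32 range")
    return b"\xE9" + struct.pack("<i", rel)


def classify_bytes(addr, code, mod_start, mod_end):
    """Defender-side look at the bytes found at addr, given the module image bounds.

    zero-filled    : 00 00 ... decodes as `add [eax],al`; not real code, the
                     case the reply says obviously won't work
    detour-outside : E9 rel32 whose target lies outside the module image, the
                     typical shape of an inline hook into allocated memory
    jmp-inside     : E9 rel32 staying inside the module (ordinary control flow)
    other          : anything else
    """
    if len(code) >= JMP_REL32_LEN and not any(code[:JMP_REL32_LEN]):
        return "zero-filled"
    if len(code) >= JMP_REL32_LEN and code[0] == 0xE9:
        rel = struct.unpack("<i", code[1:JMP_REL32_LEN])[0]
        target = addr + JMP_REL32_LEN + rel
        return "jmp-inside" if mod_start <= target < mod_end else "detour-outside"
    return "other"


if __name__ == "__main__":
    # Constructed sample values: a module base, its image size and a cave address.
    modules = {"game.exe": 0x00400000}
    image_end = modules["game.exe"] + 0x100000
    newmem = 0x10000000  # assumed address handed out by alloc(newmem,2048)

    hook = parse_aa_address('"game.exe"+40000', modules)
    print(hex(hook), hex(return_address(hook)))  # 0x440000 0x440005
    patch = encode_jmp_rel32(hook, newmem)
    print(patch.hex(), classify_bytes(hook, patch, modules["game.exe"], image_end))
    print(classify_bytes(hook, b"\x00" * 8, modules["game.exe"], image_end))
```

The module-relative form is the one the reply recommends because the base can change between runs; the bare form only keeps working while the module loads at the same address. On the detection side, a five-byte E9 at the start of a routine whose target falls outside every loaded image is the single most common signature of a code-cave detour, and the zero-filled case is the telltale of an address that was entered wrong rather than patched.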