Cheat Engine The Official Site of Cheat Engine
daxxtrias How do I cheat?
Reputation: 0
Joined: 11 Jun 2012 Posts: 7 Location: United States
Posted: Mon Jun 11, 2012 11:14 am Post subject: [ASM] Code causing crash when injected, no debugger.
I'm trying to skip pointer tracking by using a registered symbol. However, before that can be done I need to be able to inject my code seamlessly, without crashes, and that's where this post comes in.
Original code block from the unmodified game:
| Code: |
Sins of a Solar Empire Rebellion.exe+193FCF - D9 59 08 - fstp dword ptr [ecx+08]
Sins of a Solar Empire Rebellion.exe+193FD2 - 8B 49 04 - mov ecx,[ecx+04]
Sins of a Solar Empire Rebellion.exe+193FD5 - 8B 01 - mov eax,[ecx]
Sins of a Solar Empire Rebellion.exe+193FD7 - 8B 90 04020000 - mov edx,[eax+00000204]
Sins of a Solar Empire Rebellion.exe+193FDD - 51 - push ecx
Sins of a Solar Empire Rebellion.exe+193FDE - D9 1C 24 - fstp dword ptr [esp]
|
My Auto-Assembler script:
| Code: |
[ENABLE]
//code from here to '[DISABLE]' will be used to enable the cheat
registersymbol(ptr_creds) //add "ptr_creds" to the userdefined symbollist
alloc(newmem,2048) //2kb should be enough
alloc(ptr_creds,4)
label(returnhere)
label(originalcode)
label(exit)
Sins of a Solar Empire Rebellion.exe+193FCF:
jmp newmem
nop
returnhere:
newmem: //this is allocated memory, you have read,write,execute access
//place your code here
/*
push eax
push ecx
lea eax,[ecx+8] //this instruction places the result of ecx+8 into eax
mov [ptr_creds],eax //store the base address to ptr_creds
pop ecx
pop eax
*/
originalcode:
fstp dword ptr [ecx+08]
mov ecx,[ecx+04]
exit:
jmp returnhere
[DISABLE]
//code from here till the end of the code will be used to disable the cheat
unregistersymbol(ptr_creds)
dealloc(newmem)
dealloc(ptr_creds)
Sins of a Solar Empire Rebellion.exe+193FCF:
fstp dword ptr [ecx+08]
mov ecx,[ecx+04]
|
Synopsis:
Unless I'm missing something, my current "placebo" script shouldn't affect the game in any way that would cause it to crash. As soon as it's enabled, the game crashes. I don't even get to toggle it off.
Can someone please enlighten me if I'm doing something wrong?
Dark Byte Site Admin
Reputation: 472
Joined: 09 May 2003 Posts: 25891 Location: The netherlands
Posted: Mon Jun 11, 2012 11:48 am
Make sure this is CE 6.2.
Anyhow, move
| Code: |
Sins of a Solar Empire Rebellion.exe+193FCF:
jmp newmem
nop
returnhere:
|
under the jmp returnhere line.
This is in case this code gets executed too often. When that happens, it will jump to a non-assembled piece of code.
This way the target is assembled before the original code is overwritten.
Also check the instructions above and after, and make sure there is no jump into Sins of a Solar Empire Rebellion.exe+193FD2.
Could also be an integrity check, but as you said, it crashes instantly, and those checks only trigger once every few seconds (if it is an integrity check, read Geri's tutorial on how to deal with that with stealthedit).
_________________
Do not ask me about online cheats. I don't know any and won't help finding them.
Like my help? Join me on Patreon so I can keep helping
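The ordering problem described in the reply above, as an added example that is not part of the original thread: a toy Python model in which the game thread may execute the hooked address after any single write. The CAVE address and the one-slot-per-instruction memory are constructed for illustration, and the model assumes writes land in script order, as the reply describes.

```python
# Toy model (constructed): the game thread may run the hooked address after
# any single write the script performs. Assumes writes land in script order.
HOOK, RETURN = 0x193FCF, 0x193FD5   # offsets taken from the posted script
CAVE = 0x500000                      # hypothetical address of alloc'd newmem

# A write is (address, (text, next_address)); one slot per instruction.
HOOK_WRITE = [(HOOK, ("jmp newmem / nop", CAVE))]
CAVE_WRITES = [
    (CAVE,     ("fstp dword ptr [ecx+08]", CAVE + 1)),
    (CAVE + 1, ("mov ecx,[ecx+04]",        CAVE + 2)),
    (CAVE + 2, ("jmp returnhere",          RETURN)),
]

def run_game_thread(memory):
    """Follow control flow from the hook site; False means it hit a slot
    where nothing has been assembled yet (the crash)."""
    addr = HOOK
    while addr != RETURN:
        if addr not in memory:
            return False
        _text, addr = memory[addr]
    return True

def unsafe_steps(writes):
    """Apply writes one by one and let the game thread run after each.
    Returns the step numbers after which the game would crash."""
    memory = {HOOK: ("original fstp/mov pair", RETURN)}  # unpatched game
    bad = []
    for step, (addr, insn) in enumerate(writes, 1):
        memory[addr] = insn
        if not run_game_thread(memory):
            bad.append(step)
    return bad

POSTED_ORDER = HOOK_WRITE + CAVE_WRITES    # hook first, as in the question
ADVISED_ORDER = CAVE_WRITES + HOOK_WRITE   # hook last, as in the reply

if __name__ == "__main__":
    print("posted order crashes after steps:", unsafe_steps(POSTED_ORDER))
    print("advised order crashes after steps:", unsafe_steps(ADVISED_ORDER))
```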
daxxtrias How do I cheat?
Reputation: 0
Joined: 11 Jun 2012 Posts: 7 Location: United States
Posted: Mon Jun 11, 2012 1:00 pm
Solved the problem. The code cave initialization priority contributed, I'm sure, but I did not need to StealthEdit it.
Thanks