Cheat Engine The Official Site of Cheat Engine
oddgamer Advanced Cheater Reputation: 0
Joined: 19 Jan 2013 Posts: 58
Posted: Sat Jan 19, 2013 2:40 am Post subject: Emulator values?
Hi. I've been staring at lua stuff for a bit and all I've got is eye strain.
I'm running some emulators and would like to use CE to search and edit the values. I've got two set-ups for that.
In one, the bytes are in reverse order. So 143963 normally shows up as 5B 32 02 in a normal app, but in the emulator the value shows up as 02 32 5B.
The other one is weird! It stores what should be consecutive bytes four bytes apart! There's nothing in between. So 143963 would show up, in hex, as 5B 00 00 00 32 00 00 00 02.
If possible I'd like to have ones for 2, 3, and 4 byte values. Probably asking too much to do floats, and they aren't common anyway (numbers usually divided by a hundred or something).
If you can help, thanks!
Dark Byte Site Admin Reputation: 457
Joined: 09 May 2003 Posts: 25262 Location: The netherlands
Posted: Sat Jan 19, 2013 4:41 am Post subject:
The reverse bytes one is a big endian type, there is a custom type for those at http://forum.cheatengine.org/viewtopic.php?p=5305367#5305367
As for the other one, not sure, are you sure that in the game those values are the same one? (Perhaps it's actually 3 values of the type byte, and the emulator splits them up for you)
_________________
Do not ask me about online cheats. I don't know any and won't help finding them.
Like my help? Join me on Patreon so I can keep helping
mgr.inz.Player I post too much Reputation: 218
Joined: 07 Nov 2008 Posts: 4438 Location: W kraju nad Wisla. UTC+01:00
Posted: Sat Jan 19, 2013 5:10 am Post subject: Re: Emulator values?
Another AA custom type
Float Big Endian
Code:
alloc(TypeName,256)
alloc(ByteSize,4)
alloc(ConvertRoutine,1024)
alloc(ConvertBackRoutine,1024)
alloc(UsesFloat,4)
TypeName:
db 'Float Big Endian',0
ByteSize:
dd 4
UsesFloat:
db 01
ConvertRoutine:
[32-bit]
push ebp
mov ebp,esp
mov eax,[ebp+8] //place the address that contains the bytes into eax
mov eax,[eax] //place the bytes into eax
bswap eax //reverse the byte order: big endian in memory becomes native little endian in eax
pop ebp
ret 4
[/32-bit]
[64-bit]
//rcx=address of input
mov eax,[rcx] //eax now contains the bytes 'input' pointed to
bswap eax //reverse the byte order
ret
[/64-bit]
ConvertBackRoutine:
[32-bit]
push ebp
mov ebp,esp
//[ebp+8]=input
//[ebp+c]=address of output
push eax
push ebx
mov eax,[ebp+8] //load the value into eax
mov ebx,[ebp+c] //load the address into ebx
bswap eax //back to big endian
mov [ebx],eax //write the value into the address
pop ebx
pop eax
pop ebp
ret 8
[/32-bit]
[64-bit]
//ecx=input
//rdx=address of output
bswap ecx //back to big endian
mov [rdx],ecx //place the integer into the 4 bytes pointed to by rdx
ret
[/64-bit]
Some emulators convert all 1 byte values to 4 byte values. For example C64 emulator:
oddgamer Advanced Cheater Reputation: 0
Joined: 19 Jan 2013 Posts: 58
Posted: Sat Jan 19, 2013 5:47 am Post subject: Re: Emulator values?
mgr.inz.Player wrote:
> Some emulators convert all 1 byte values to 4 byte values. For example C64 emulator:

That's exactly it. In fact that's the emulator, specifically, I'm trying to work with. When you use CE to search for values, the individual bytes are separated out like that. It's annoying for finding the values in some ways, especially for large values that change but have unknown starts, since whether a byte goes 'up' or 'down' depends on the values involved. 'Changed' versus 'didn't change' takes absolute /ages/ to do and isn't always really viable for things where you've got limited time to figure out what is going on before you die horribly or similar.
I suppose you /could/ do it as an AoB and convert to hex all the time. Still obnoxious to work with, so I was hoping for something that would deal with that.
Dark Byte Site Admin Reputation: 457
Joined: 09 May 2003 Posts: 25262 Location: The netherlands
Posted: Sat Jan 19, 2013 6:21 am Post subject:
Assuming that 5B 00 00 00 32 00 00 00 02 is in fact 143963 (and you didn't just write it the other way around for whatever reason)
Then this custom type will find your value:
Code:
alloc(ConvertRoutine,1024)
alloc(ConvertBackRoutine,1024)
alloc(TypeName,256)
alloc(ByteSize,4)
alloc(UsesFloat,1)
alloc(PreferedAlignment, 4)
TypeName:
db 'CCS64 3 byte',0
ByteSize:
dd #12 //three bytes, each stored in its own dword: 12 bytes of target memory per value
PreferedAlignment:
dd 1 //the value can start at any address, so scan every byte
UsesFloat:
db 0
ConvertRoutine:
[64-bit]
//rcx=address of input: byte 0 at [rcx], byte 1 at [rcx+4], byte 2 at [rcx+8]
xor rax,rax
mov al,[rcx+8] //high byte
shl eax,#16
mov al,[rcx] //low byte
mov ah,[rcx+4] //middle byte
ret
[/64-bit]
[32-bit]
push ebp
mov ebp,esp
mov eax,[ebp+8] //address of input
push ebx
xor ebx,ebx
mov bl,[eax+8]
shl ebx,#16
mov bl,[eax]
mov bh,[eax+4]
mov eax,ebx //result is returned in eax
pop ebx
pop ebp
ret 4
[/32-bit]
ConvertBackRoutine:
[64-bit]
//ecx=input, rdx=address of output: spread the three low bytes back out, one per dword
mov [rdx],cl
mov [rdx+4],ch
shr ecx,#16
mov [rdx+8],cl
ret
[/64-bit]
[32-bit]
push ebp
mov ebp,esp
push eax
push ebx
mov eax,[ebp+8] //input value
mov ebx,[ebp+c] //address of output
mov [ebx],al
mov [ebx+4],ah
shr eax,#16
mov [ebx+8],al
pop ebx
pop eax
pop ebp
ret 8
[/32-bit]
and a 2 byte version:
Code:
alloc(ConvertRoutine,1024)
alloc(ConvertBackRoutine,1024)
alloc(TypeName,256)
alloc(ByteSize,4)
alloc(UsesFloat,1)
alloc(PreferedAlignment, 4)
TypeName:
db 'CCS64 2 byte',0
ByteSize:
dd #8 //two bytes, one per dword
PreferedAlignment:
dd 1
UsesFloat:
db 0
ConvertRoutine:
[64-bit]
//rcx=address of input: byte 0 at [rcx], byte 1 at [rcx+4]
xor rax,rax
mov al,[rcx]
mov ah,[rcx+4]
ret
[/64-bit]
[32-bit]
push ebp
mov ebp,esp
mov eax,[ebp+8] //address of input
push ebx
xor ebx,ebx
mov bl,[eax]
mov bh,[eax+4]
mov eax,ebx
pop ebx
pop ebp
ret 4
[/32-bit]
ConvertBackRoutine:
[64-bit]
//ecx=input, rdx=address of output
mov [rdx],cl
mov [rdx+4],ch
ret
[/64-bit]
[32-bit]
push ebp
mov ebp,esp
push eax
push ebx
mov eax,[ebp+8] //input value
mov ebx,[ebp+c] //address of output
mov [ebx],al
mov [ebx+4],ah
pop ebx
pop eax
pop ebp
ret 8
[/32-bit]
Last edited by Dark Byte on Tue Jan 22, 2013 4:01 am; edited 1 time in total
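The two layouts in this thread (the byte-swapped "Float Big Endian" type and the CCS64 one-byte-per-dword types), modelled in Python as an added example. This is not Cheat Engine's code and not code from any poster: each custom type is a ByteSize plus a ConvertRoutine (raw bytes to value) and a ConvertBackRoutine (value back to raw bytes), the same split the auto-assembler types above use, and here they drive a scan over a constructed 64-byte memory image. The value 143963, the offsets and the float are constructed for the demo; `CustomType`, `spread_int`, `scan` and the other names are this example's own. `spread_int` generalises the CCS64 types to any width and stride, and the scan steps one byte at a time, matching their PreferedAlignment of 1.

```python
"""Model of Cheat Engine custom types: ByteSize + ConvertRoutine + ConvertBackRoutine."""
import struct
from dataclasses import dataclass
from typing import Callable, List, Union

Number = Union[int, float]


@dataclass(frozen=True)
class CustomType:
    name: str
    byte_size: int                              # CE ByteSize: target bytes one value spans
    to_value: Callable[[bytes], Number]         # ConvertRoutine: raw bytes -> value shown/scanned
    patch: Callable[[bytearray, Number], None]  # ConvertBackRoutine: value -> raw bytes, in place


def big_endian_int(width: int) -> CustomType:
    """'Reverse order' integers (the bswap type in the thread), for 2, 3 or 4 bytes."""
    mask = (1 << 8 * width) - 1

    def to_value(raw: bytes) -> int:
        return int.from_bytes(raw[:width], "big")

    def patch(cell: bytearray, v: Number) -> None:
        cell[:width] = (int(v) & mask).to_bytes(width, "big")

    return CustomType(f"{width} byte big endian", width, to_value, patch)


def big_endian_float() -> CustomType:
    """Float Big Endian: the 4 bytes, byte-swapped, read as an IEEE-754 single."""
    def to_value(raw: bytes) -> float:
        return struct.unpack(">f", raw[:4])[0]

    def patch(cell: bytearray, v: Number) -> None:
        cell[:4] = struct.pack(">f", float(v))

    return CustomType("Float Big Endian", 4, to_value, patch)


def spread_int(width: int, stride: int = 4) -> CustomType:
    """Emulator layout from the thread, generalised: byte i of a little-endian
    value sits at offset i*stride, so with width=3 the value 143963 (0x02325B)
    is 5B 00 00 00 32 00 00 00 02 and ByteSize is 12.  Only the significant
    bytes are written back; the padding between them is left alone, as the
    CCS64 assembly does by storing only to [rdx], [rdx+4], [rdx+8]."""
    mask = (1 << 8 * width) - 1

    def to_value(raw: bytes) -> int:
        return sum(raw[i * stride] << (8 * i) for i in range(width))

    def patch(cell: bytearray, v: Number) -> None:
        v = int(v) & mask
        for i in range(width):
            cell[i * stride] = (v >> (8 * i)) & 0xFF

    return CustomType(f"CCS64 {width} byte", stride * width, to_value, patch)


def scan(memory: bytes, ctype: CustomType, wanted: Number, alignment: int = 1) -> List[int]:
    """Exact-value scan: every offset where the type decodes to `wanted`.
    alignment=1 is CE's PreferedAlignment 1 (the spread bytes can start anywhere)."""
    size = ctype.byte_size
    return [off for off in range(0, len(memory) - size + 1, alignment)
            if ctype.to_value(memory[off:off + size]) == wanted]


def write_value(memory: bytearray, off: int, ctype: CustomType, value: Number) -> None:
    """What editing a value in CE's address list does: ConvertBack into the target bytes."""
    cell = bytearray(memory[off:off + ctype.byte_size])
    ctype.patch(cell, value)
    memory[off:off + ctype.byte_size] = cell


def build_demo_memory() -> bytearray:
    """Constructed 64-byte image (not a real dump) holding 143963 in each layout."""
    mem = bytearray(64)
    mem[8:11] = bytes([0x5B, 0x32, 0x02])                              # native little endian
    mem[16:19] = bytes([0x02, 0x32, 0x5B])                             # big endian ('reverse order')
    mem[32:44] = bytes([0x5B, 0, 0, 0, 0x32, 0, 0, 0, 0x02, 0, 0, 0])  # one byte per dword
    mem[48:52] = struct.pack(">f", 1439.63)                            # big-endian float
    return mem


def demo() -> dict:
    mem = build_demo_memory()
    be3, sp3 = big_endian_int(3), spread_int(3)
    wanted_f = struct.unpack(">f", struct.pack(">f", 1439.63))[0]  # 1439.63 rounded to single
    results = {
        "big_endian_3": scan(mem, be3, 143963),        # [16]
        "spread_3": scan(mem, sp3, 143963),            # [32]
        "spread_2": scan(mem, spread_int(2), 0x325B),  # [32]: the low two cells of the same value
        "float_be": scan(mem, big_endian_float(), wanted_f),  # [48]
    }
    write_value(mem, 32, sp3, 0x010203)  # edit the emulator value; padding bytes stay zero
    results["after_write"] = bytes(mem[32:44])
    results["after_write_value"] = sp3.to_value(mem[32:44])
    return results


if __name__ == "__main__":
    for key, val in demo().items():
        print(key, val)
```

Run it and `demo()` reports one hit per layout and the spread value rewritten as 03 00 00 00 02 00 00 00 01 00 00 00. The same pair of functions, written in Lua, can be handed to CE's `registerCustomTypeLua(typename, bytecount, bytestovaluefunction, valuetobytesfunction)` (documented in the celua.txt shipped with CE) instead of the auto-assembler form; the scanning logic does not change, only where the conversion runs.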
oddgamer Advanced Cheater Reputation: 0
Joined: 19 Jan 2013 Posts: 58
Posted: Mon Jan 21, 2013 11:09 pm Post subject:
Dark Byte wrote:
> Assuming that 5B 00 00 00 32 00 00 00 02 is in fact 143963 (and you didn't just write it the other way around for whatever reason)
> Then this custom type will find your value:

Works perfectly, thank you! I can now search for the actual values! Yay!
mgr.inz.Player I post too much Reputation: 218
Joined: 07 Nov 2008 Posts: 4438 Location: W kraju nad Wisla. UTC+01:00
Posted: Tue Jan 22, 2013 10:21 am Post subject:
Yes, we can implement almost all weird types. And custom type is handy for other reasons too.
For example I use custom type for searching some "normal" values; I know that "assassin's creed" keeps player coordinates inside this structure:
    single placeholder1; 1.0
    single placeholder2; 0.0
    single coordinateX
    single coordinateY
    single coordinateZ
    single placeholder3; 1.0 (if standing on the ground)
I use stairs, and increased/decreased scans. After three scans I have only one address (structure address). X is at +8, Y at +C, Z at +10.
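The structure-aware custom type described in the post above, as an added example in Python (not mgr.inz.Player's code, and the snapshots are constructed, not a real Assassin's Creed dump). The ConvertRoutine returns the Z single at +0x10 only when the two fixed placeholders (1.0 at +0, 0.0 at +4) match, so every other 24-byte window decodes to NaN and cannot survive a scan; three constructed snapshots (standing still, after climbing stairs, after walking back down) then narrow the survivors with the same increased/decreased next-scans he describes, including the false positives that the placeholder check alone lets through. `decode_z`, `first_scan`, `next_scan`, the offsets and the values are this example's own.

```python
"""Structure-aware custom type plus narrowing scans for the six-single coordinate block."""
import math
import struct
from typing import Dict, List

STRUCT_SIZE = 24  # six singles: placeholder 1.0, placeholder 0.0, X, Y, Z, 1.0 if grounded


def decode_z(raw: bytes) -> float:
    """ConvertRoutine of the custom type: the Z single at +0x10, but only when the
    two fixed placeholders match.  Any other window decodes to NaN, which never
    compares equal, greater or smaller, so it cannot survive a scan."""
    p1, p2, _x, _y, z, _p3 = struct.unpack("<6f", raw[:STRUCT_SIZE])
    if p1 != 1.0 or p2 != 0.0:
        return math.nan
    return z


def first_scan(snapshot: bytes, alignment: int = 4) -> Dict[int, float]:
    """'Unknown initial value' scan: every aligned window that decodes to a real number."""
    cands = {}
    for off in range(0, len(snapshot) - STRUCT_SIZE + 1, alignment):
        z = decode_z(snapshot[off:off + STRUCT_SIZE])
        if not math.isnan(z):
            cands[off] = z
    return cands


def next_scan(cands: Dict[int, float], snapshot: bytes, mode: str) -> Dict[int, float]:
    """'Increased value' / 'Decreased value' / 'Unchanged value' next scan over the survivors."""
    test = {"increased": lambda cur, prev: cur > prev,
            "decreased": lambda cur, prev: cur < prev,
            "unchanged": lambda cur, prev: cur == prev}[mode]
    keep = {}
    for off, prev in cands.items():
        cur = decode_z(snapshot[off:off + STRUCT_SIZE])
        if test(cur, prev):
            keep[off] = cur
    return keep


def build_snapshots() -> List[bytes]:
    """Three constructed 256-byte snapshots (not a real game): standing still, after
    climbing stairs (Z up), after walking back down (Z down).  Decoys: a static
    object with the same placeholders, an NPC that only climbs, and a bare copy
    of Z outside any structure."""
    def region(player_z: float, npc_z: float) -> bytes:
        mem = bytearray(256)
        mem[0x40:0x58] = struct.pack("<6f", 1.0, 0.0, 100.25, -7.5, player_z, 1.0)  # player
        mem[0x80:0x98] = struct.pack("<6f", 1.0, 0.0, 3.0, 3.0, 5.0, 1.0)           # static object
        mem[0xA0:0xB8] = struct.pack("<6f", 1.0, 0.0, 0.0, 0.0, npc_z, 0.0)         # NPC, climbs only
        mem[0xC0:0xC4] = struct.pack("<f", player_z)                                # loose copy of Z
        return bytes(mem)
    return [region(10.0, 3.0), region(12.5, 4.0), region(11.0, 4.5)]


def demo() -> dict:
    s0, s1, s2 = build_snapshots()
    cands = first_scan(s0)                     # 5 windows start with 1.0, 0.0 (two of them are
    n0 = len(cands)                            # the trailing 1.0 of one block plus zero padding)
    cands = next_scan(cands, s1, "increased")  # climbed: player and NPC remain
    n1 = len(cands)
    cands = next_scan(cands, s2, "decreased")  # walked down: only the player remains
    (base, z), = cands.items()
    x, y = struct.unpack_from("<2f", s2, base + 0x8)  # X at +8, Y at +C as in the post
    return {"initial": n0, "after_increase": n1, "base": base, "x": x, "y": y, "z": z}


if __name__ == "__main__":
    print(demo())
```

The point the example makes is that the placeholder check is only a prefilter: a window that begins at the trailing 1.0 of any such block followed by zero padding also passes it, and only the increased/decreased sequence removes those, which is why the post still needs three scans rather than one.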