Cheat Engine Forum Index Cheat Engine
The Official Site of Cheat Engine
 
Emulator values?

 
oddgamer
Advanced Cheater
Reputation: 0

Joined: 19 Jan 2013
Posts: 58

Posted: Sat Jan 19, 2013 2:40 am    Post subject: Emulator values?

Hi. I've been staring at lua stuff for a bit and all I've got is eye strain.

I'm running some emulators and would like to use CE to search and edit the values. I've got two set-ups for that.

In one, the bytes are in reverse order. So 143963 normally shows up as 5B 32 02 in a normal app, but in the emulator the value shows up as 02 32 5B.

The other one is weird! It stores what should be consecutive bytes four bytes apart! There's nothing in between. So 143963 would show up, in hex, as 5B 00 00 00 32 00 00 00 02.

If possible I'd like to have ones for 2, 3, and 4 byte values. Probably asking too much to do floats, and they aren't common anyway (numbers usually divided by a hundred or something).

If you can help, thanks!
Dark Byte
Site Admin
Reputation: 457

Joined: 09 May 2003
Posts: 25262
Location: The Netherlands

Posted: Sat Jan 19, 2013 4:41 am    Post subject:

The reverse bytes one is a big endian type; there is a custom type for those at http://forum.cheatengine.org/viewtopic.php?p=5305367#5305367

As for the other one, not sure. Are you sure that in the game those values are the same one? (Perhaps it's actually 3 values of the type byte, and the emulator splits them up for you.)

_________________
Do not ask me about online cheats. I don't know any and won't help finding them.

Like my help? Join me on Patreon so I can keep helping
mgr.inz.Player
I post too much
Reputation: 218

Joined: 07 Nov 2008
Posts: 4438
Location: In the country on the Vistula. UTC+01:00

Posted: Sat Jan 19, 2013 5:10 am    Post subject: Re: Emulator values?

Another AA custom type

Float Big Endian
Code:
alloc(TypeName,256)
alloc(ByteSize,4)
alloc(ConvertRoutine,1024)
alloc(ConvertBackRoutine,1024)
alloc(UsesFloat,4)

TypeName:
db 'Float Big Endian',0
ByteSize:
dd 4
UsesFloat:
db 01

ConvertRoutine:
[32-bit]
push ebp
mov ebp,esp
mov eax,[ebp+8] //place the address that contains the bytes into eax
mov eax,[eax]   //place the bytes into eax
bswap eax
pop ebp
ret 4
[/32-bit]

[64-bit]
//rcx=address of input
mov eax,[rcx] //eax now contains the bytes 'input' pointed to
bswap eax
ret
[/64-bit]

ConvertBackRoutine:
[32-bit]
push ebp
mov ebp,esp
//[ebp+8]=input
//[ebp+c]=address of output
push eax
push ebx
mov eax,[ebp+8] //load the value into eax
mov ebx,[ebp+c] //load the address into ebx
bswap eax
mov [ebx],eax //write the value into the address
pop ebx
pop eax

pop ebp
ret 8
[/32-bit]

[64-bit]
//ecx=input
//rdx=address of output
bswap ecx
mov [rdx],ecx //place the integer the 4 bytes pointed to by rdx
ret
[/64-bit]





Some emulators convert all 1 byte values to 4 byte values. For example C64 emulator:

oddgamer
Advanced Cheater
Reputation: 0

Joined: 19 Jan 2013
Posts: 58

Posted: Sat Jan 19, 2013 5:47 am    Post subject: Re: Emulator values?

mgr.inz.Player wrote:
Some emulators convert all 1 byte values to 4 byte values. For example C64 emulator:


That's exactly it. In fact that's the emulator, specifically, I'm trying to work with. When you use CE to search for values, the individual bytes are separated out like that. It's annoying for finding the values in some ways, especially for large values that change but have unknown starts since whether a byte goes 'up' or 'down' depends on the values involved. 'Changed' versus 'didn't change' takes absolute /ages/ to do and isn't always really viable for things where you've got limited time to figure out what is going on before you die horribly or similar.

I suppose you /could/ do it as an AoB and convert to Hex all the time. Still obnoxious to work with, so I was hoping for something that would deal with that.
Dark Byte
Site Admin
Reputation: 457

Joined: 09 May 2003
Posts: 25262
Location: The Netherlands

Posted: Sat Jan 19, 2013 6:21 am    Post subject:

Assuming that 5B 00 00 00 32 00 00 00 02 is in fact 143963 (and you didn't just write it the other way around for whatever reason)

Then this custom type will find your value:
Code:

alloc(ConvertRoutine,1024)
alloc(ConvertBackRoutine,1024)
alloc(TypeName,256)
alloc(ByteSize,4)
alloc(UsesFloat,1)
alloc(PreferedAlignment, 4)

TypeName:
db 'CCS64 3 byte',0

ByteSize:
dd #12

PreferedAlignment:
dd 1

UsesFloat:
db 0

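ConvertRoutine:
//input: address of the bytes, output: the assembled value in eax

[64-bit]
//rcx=address of input
xor rax,rax
mov al,[rcx+8]  //third value byte, stored 8 bytes in
shl eax,#16     //move it up to bits 16-23
mov al,[rcx]    //first value byte (bits 0-7)
mov ah,[rcx+4]  //second value byte (bits 8-15), stored 4 bytes in

ret
[/64-bit]

[32-bit]

push ebp
mov ebp,esp

mov eax,[ebp+8] //address of input
push ebx
xor ebx,ebx
mov bl,[eax+8]  //third value byte
shl ebx,#16     //move it up to bits 16-23
mov bl,[eax]    //first value byte
mov bh,[eax+4]  //second value byte

mov eax,ebx     //return the value in eax
pop ebx

pop ebp
ret 4
[/32-bit]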


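ConvertBackRoutine:
//writes only the 3 value bytes, the bytes in between are left untouched

[64-bit]
//ecx=input
//rdx=address of output
mov [rdx],cl    //first value byte
mov [rdx+4],ch  //second value byte, 4 bytes further

shr ecx,#16     //bring bits 16-23 down into cl
mov [rdx+8],cl  //third value byte, 8 bytes further

ret
[/64-bit]

[32-bit]

push ebp
mov ebp,esp
//[ebp+8]=input
//[ebp+c]=address of output
push eax
push ebx
mov eax,[ebp+8] //load the value into eax
mov ebx,[ebp+c] //load the address into ebx
mov [ebx],al    //first value byte
mov [ebx+4],ah  //second value byte

shr eax,#16     //bring bits 16-23 down into al
mov [ebx+8],al  //third value byte
pop ebx
pop eax

pop ebp
ret 8
[/32-bit]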



and a 2 byte version:
Code:

alloc(ConvertRoutine,1024)
alloc(ConvertBackRoutine,1024)
alloc(TypeName,256)
alloc(ByteSize,4)
alloc(UsesFloat,1)
alloc(PreferedAlignment, 4)

TypeName:
db 'CCS64 2 byte',0

ByteSize:
dd #8

PreferedAlignment:
dd 1

UsesFloat:
db 0

ConvertRoutine:

[64-bit]

xor rax,rax

mov al,[rcx]
mov ah,[rcx+4]

ret
[/64-bit]

[32-bit]

push ebp
mov ebp,esp

mov eax,[ebp+8]
push ebx
xor ebx,ebx

mov bl,[eax]
mov bh,[eax+4]

mov eax,ebx
pop ebx

pop ebp
ret 4
[/32-bit]


ConvertBackRoutine:

[64-bit]

mov [rdx],cl
mov [rdx+4],ch


ret
[/64-bit]

[32-bit]

push ebp
mov ebp,esp

push eax
push ebx
mov eax,[ebp+8]
mov ebx,[ebp+c]
mov [ebx],al
mov [ebx+4],ah

pop ebx
pop eax

pop ebp
ret 8
[/32-bit]



Last edited by Dark Byte on Tue Jan 22, 2013 4:01 am; edited 1 time in total
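
The layout handled by the two custom types above, modelled outside Cheat Engine as an added example (not code from any poster in this thread). It generalises the gather/scatter to 2, 3 and 4 value bytes, covers the reversed-byte layout from the first post, and shows a case the posted types do not check: a match whose gap bytes are not zero. All function names, the `STRIDE` constant and the `strict` flag are assumptions made for this sketch, and the sample buffers are constructed.

```python
STRIDE = 4  # assumption taken from the thread: one emulated byte per 4-byte slot

def decode_strided(buf, off, nbytes, stride=STRIDE):
    """Like ConvertRoutine: gather nbytes little-endian bytes spaced stride apart."""
    return sum(buf[off + i * stride] << (8 * i) for i in range(nbytes))

def encode_strided(buf, off, value, nbytes, stride=STRIDE):
    """Like ConvertBackRoutine: write only the value bytes, never the gaps."""
    for i in range(nbytes):
        buf[off + i * stride] = (value >> (8 * i)) & 0xFF

def padding_is_zero(buf, off, nbytes, stride=STRIDE):
    """True when every gap byte between the value bytes is 0."""
    return not any(buf[off + i * stride + k]
                   for i in range(nbytes - 1) for k in range(1, stride))

def scan_strided(buf, target, nbytes, stride=STRIDE, strict=False):
    """Offsets (alignment 1) where the strided value equals target.
    strict=True also requires zero gaps, which the posted types do not check."""
    last = len(buf) - ((nbytes - 1) * stride + 1)   # last offset that still fits
    return [off for off in range(last + 1)
            if decode_strided(buf, off, nbytes, stride) == target
            and (not strict or padding_is_zero(buf, off, nbytes, stride))]

def decode_big_endian(buf, off, nbytes):
    """The reversed-byte layout from the first post."""
    return int.from_bytes(buf[off:off + nbytes], "big")

# Constructed sample memory: the thread's bytes for 143963 placed at offset 5.
SAMPLE = bytearray(32)
SAMPLE[5:14] = bytes.fromhex("5B 00 00 00 32 00 00 00 02")
# Constructed look-alike: same value bytes, but the gaps hold unrelated data.
NOISY = bytearray.fromhex("5B 11 22 33 32 44 55 66 02")

if __name__ == "__main__":
    print(scan_strided(SAMPLE, 143963, 3))
    print(scan_strided(NOISY, 143963, 3), scan_strided(NOISY, 143963, 3, strict=True))
    encode_strided(SAMPLE, 5, 0x12345678, 4)        # 4-byte variant
    print(hex(decode_strided(SAMPLE, 5, 4)))
    print(decode_big_endian(bytes.fromhex("02 32 5B"), 0, 3))
```

The 3-byte value only spans 9 bytes of memory (offsets +0, +4, +8), which is why the scan bound uses `(nbytes - 1) * stride + 1` rather than `nbytes * stride`.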
oddgamer
Advanced Cheater
Reputation: 0

Joined: 19 Jan 2013
Posts: 58

Posted: Mon Jan 21, 2013 11:09 pm    Post subject:

Dark Byte wrote:
Assuming that 5B 00 00 00 32 00 00 00 02 is in fact 143963 (and you didn't just write it the other way around for whatever reason)

Then this custom type will find your value:


Works perfectly, thank you! I can now search for the actual values! Yay!
mgr.inz.Player
I post too much
Reputation: 218

Joined: 07 Nov 2008
Posts: 4438
Location: In the country on the Vistula. UTC+01:00

Posted: Tue Jan 22, 2013 10:21 am    Post subject:

Yes, we can implement almost all weird types. And a custom type is handy for other reasons too.

For example, I use a custom type for searching some "normal" values; I know that "Assassin's Creed" keeps player coordinates inside this structure:

single placeholder1; 1.0
single placeholder2; 0.0
single coordinateX
single coordinateY
single coordinateZ
single placeholder3; 1.0 (if standing on the ground)

I use stairs, and increased/decreased scans. After three scans I have only one address (structure address). X is at +8, Y at +C, Z at +10.

All times are GMT - 6 Hours