Cheat Engine The Official Site of Cheat Engine
omoe Grandmaster Cheater Reputation: 8
Joined: 11 Jun 2013 Posts: 547
Posted: Sun Aug 25, 2013 8:57 am Post subject: Game showing error assertion fail when script is used
So a guy asked me for a STRIKE SUIT ZERO health cheat and I did it, but when I was testing it the game showed an error. I'm not sure what's wrong; the cheat works fine though.
Code:
[ENABLE]
//code from here to '[DISABLE]' will be used to enable the cheat
alloc(newmem,4096)
label(returnhere)
label(originalcode)
label(player)
registersymbol(aob1)
aobscan(aob1,D8 65 08 D9 5E 34 D9 EE)
newmem: //this is allocated memory, you have read,write,execute access
//place your code here
cmp [esi+80],1
je player
jmp originalcode
originalcode:
fsub dword ptr [ebp+08]
fstp dword ptr [esi+34]
//no "jmp returnhere" here, so a non-player falls through into player: and the
//second fstp pops the x87 stack once more than the original code did
player:
//fsub dword ptr [ebp+08]
fstp dword ptr [esi+34]
jmp returnhere
aob1:
jmp newmem
nop
returnhere:
[DISABLE]
//code from here till the end of the code will be used to disable the cheat
dealloc(newmem)
aob1:
db D8 65 08 D9 5E 34 D9 EE
unregistersymbol(aob1) //was unregistersymbol(aob8); the symbol registered above is aob1
mgr.inz.Player I post too much Reputation: 218
Joined: 07 Nov 2008 Posts: 4438 Location: W kraju nad Wisla. UTC+01:00
Posted: Sun Aug 25, 2013 9:08 am Post subject:
You forgot one "jmp returnhere".
And again, test your filter (cmp [esi+80],1).
Change
alloc(newmem,4096)
to
globalalloc(newmem,4096)
Inject your AA script. Press Ctrl+M, Ctrl+G, type newmem, then OK.
Highlight the second "fstp dword ptr [esi+34]" and do "Find out what ...".
If there is more than one entry, you should add another filter.
Edit:
Try this one:
Code:
[ENABLE]
aobscan(aob1,D8 65 08 D9 5E 34 D9 EE)
registersymbol(aob1)
alloc(newmem,4096)
label(returnhere)
label(player)
newmem:
cmp [esi+80],1
je player // if player, skip fsub
fsub dword ptr [ebp+08]
player:
fstp dword ptr [esi+34] // one fstp on both paths, so the x87 stack is popped exactly once
jmp returnhere
aob1:
jmp newmem
nop
returnhere:
[DISABLE]
aob1:
db D8 65 08 D9 5E 34 D9 EE
unregistersymbol(aob1)
dealloc(newmem)
PS
If you see something like this in your AA script:
Code:
jmp originalcode
originalcode:
you can remove the "jmp originalcode" line.
omoe Grandmaster Cheater Reputation: 8
Joined: 11 Jun 2013 Posts: 547
Posted: Sun Aug 25, 2013 10:05 am Post subject:
mgr.inz.Player wrote: | you forgot one "jmp returnhere" [...] |
Yup, thanks, the error is gone now. Btw, when you said to add another filter, you meant something like this, right?
Code:
[ENABLE]
aobscan(aob1,D8 65 08 D9 5E 34 D9 EE)
registersymbol(aob1)
alloc(newmem,4096)
label(returnhere)
label(player)
newmem:
cmp [esi+80],1
je player // skip fsub if [esi+80] == 1 ...
cmp [esi+01BC],1
je player // ... OR if [esi+1BC] == 1
fsub dword ptr [ebp+08]
player:
fstp dword ptr [esi+34]
jmp returnhere
aob1:
jmp newmem
nop
returnhere:
[DISABLE]
aob1: //was aob8:, which is not a defined label or symbol; must match the registered symbol
db D8 65 08 D9 5E 34 D9 EE
unregistersymbol(aob1)
dealloc(newmem)
mgr.inz.Player I post too much Reputation: 218
Joined: 07 Nov 2008 Posts: 4438 Location: W kraju nad Wisla. UTC+01:00
Posted: Sun Aug 25, 2013 10:55 am Post subject:
Example:
You found out that at offset 0x80, for the player, there is always 1. Let's call it phase 1.
But sometimes an enemy structure has 1 at 0x80 too. So you gathered the already filtered (phase 1) enemy structures, then compared them with the player structure. Then you found out that at offset 0x1BC the already filtered ones have 1 for the player and another value for enemies.
So you must do something like this (pseudocode):
Code:
if ([esi+80] == 1) and ([esi+1BC] == 1) then
// do stuff for player
else
// do stuff for non-player, just do "original" stuff
end
You see, there is an AND. But this (your code):
Code:
cmp [esi+80],1
je player
cmp [esi+01BC],1
je player
is an OR.
You probably know something about Boolean algebra; this:
A AND B = NOT ( (NOT A) OR (NOT B) )
Another pseudocode:
Code:
if ([esi+80] != 1) or ([esi+1BC] != 1) then
// do stuff for non-player, just do "original" stuff
else
// do stuff for player
end
So, finally, the script with two filters will look like this:
Code:
[ENABLE]
aobscan(aob1,D8 65 08 D9 5E 34 D9 EE)
registersymbol(aob1)
alloc(newmem,4096)
label(returnhere)
label(originalcode)
newmem:
cmp [esi+80],1
jne originalcode // not the player unless [esi+80] == 1 ...
cmp [esi+01BC],1
jne originalcode // ... AND [esi+1BC] == 1
// we are here, so we found player address (structure)
fstp dword ptr [esi+34] // store without the fsub, so health is unchanged
jmp returnhere
originalcode:
fsub dword ptr [ebp+08]
fstp dword ptr [esi+34]
jmp returnhere
aob1:
jmp newmem
nop
returnhere:
[DISABLE]
aob1: //was aob8:, which is not a defined label or symbol; must match the registered symbol
db D8 65 08 D9 5E 34 D9 EE
unregistersymbol(aob1)
dealloc(newmem)
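Added example (not code from this thread, from the game, or from Cheat Engine): a C model of the four control-flow variants the thread goes through, so both mistakes can be seen side by side without the game running. HOOK_MISSING_JMP is the first script, where originalcode: has no "jmp returnhere" and falls through into player:, executing fstp dword ptr [esi+34] a second time and popping the x87 stack once more than the game's own code did. HOOK_OR_FILTER is the two-je version, which protects any structure that has 1 at either offset, and HOOK_AND_FILTER is the two-jne version, which only protects a structure that has 1 at both. The entity layout (health at +0x34, flags at +0x80 and +0x1BC) follows the offsets used in the thread, but the struct itself, the 100 health / 25 damage values and the x87_t stack model are assumptions made for this example; a real FPU stores an indefinite QNaN on the faulting pop, the model only records the fault.

```c
#include <math.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Entity layout ASSUMED for this example from the offsets used in the thread:
 * health at +0x34 (the fstp target), the two filter fields at +0x80 and +0x1BC. */
typedef struct {
    uint8_t  pad0[0x34];
    float    health;               /* [esi+34]  */
    uint8_t  pad1[0x80 - 0x38];
    uint32_t flag80;               /* [esi+80]  */
    uint8_t  pad2[0x1BC - 0x84];
    uint32_t flag1BC;              /* [esi+1BC] */
} entity_t;

/* Tiny model of the x87 register stack: 8 slots, and popping an empty stack is a
 * stack fault. A real FPU would also store an indefinite QNaN; the flag is enough here. */
typedef struct { double st[8]; int depth; bool stack_fault; } x87_t;

static void x87_fld(x87_t *f, double v)      /* push v onto the register stack */
{
    if (f->depth == 8) { f->stack_fault = true; return; }
    f->st[f->depth++] = v;
}
static void x87_fsub(x87_t *f, double v)     /* fsub dword ptr [ebp+08]: ST(0) -= v */
{
    if (f->depth == 0) { f->stack_fault = true; return; }
    f->st[f->depth - 1] -= v;
}
static float x87_fstp(x87_t *f)              /* fstp dword ptr [esi+34]: store ST(0), pop */
{
    if (f->depth == 0) { f->stack_fault = true; return NAN; }
    return (float)f->st[--f->depth];
}

typedef enum {
    HOOK_NONE,        /* the game's own fsub/fstp pair                          */
    HOOK_MISSING_JMP, /* first script: originalcode: falls through into player: */
    HOOK_OR_FILTER,   /* cmp/je, cmp/je: either flag skips the fsub             */
    HOOK_AND_FILTER   /* cmp/jne, cmp/jne: both flags must match to skip it     */
} hook_t;

typedef struct { float health; bool stack_fault; } hook_out;

/* Runs the hooked instruction pair once for an entity with the given flag values,
 * starting at 100 health with 25 damage (constructed values). The game has already
 * loaded the current health into ST(0) before the hooked fsub, so the model does too. */
hook_out run_hook(hook_t which, uint32_t f80, uint32_t f1bc)
{
    const float damage = 25.0f;
    entity_t esi; x87_t fpu;
    memset(&esi, 0, sizeof esi); memset(&fpu, 0, sizeof fpu);
    esi.health = 100.0f; esi.flag80 = f80; esi.flag1BC = f1bc;

    x87_fld(&fpu, esi.health);
    switch (which) {
    case HOOK_NONE:
        x87_fsub(&fpu, damage);
        esi.health = x87_fstp(&fpu);
        break;
    case HOOK_MISSING_JMP:
        if (esi.flag80 != 1) {              /* cmp [esi+80],1 / je player        */
            x87_fsub(&fpu, damage);         /* originalcode:                      */
            esi.health = x87_fstp(&fpu);
            /* no "jmp returnhere": execution falls through into player:          */
        }
        esi.health = x87_fstp(&fpu);        /* player: a second fstp, a second pop */
        break;
    case HOOK_OR_FILTER:
        if (!(esi.flag80 == 1 || esi.flag1BC == 1))
            x87_fsub(&fpu, damage);
        esi.health = x87_fstp(&fpu);
        break;
    case HOOK_AND_FILTER:
        if (!(esi.flag80 == 1 && esi.flag1BC == 1))
            x87_fsub(&fpu, damage);
        esi.health = x87_fstp(&fpu);
        break;
    }
    return (hook_out){ esi.health, fpu.stack_fault };
}

int main(void)
{
    static const char *names[] = { "none", "missing jmp", "OR filter", "AND filter" };
    /* constructed cases: player (1,1), enemy that also has 1 at +0x80 (1,0), plain enemy (0,0) */
    static const uint32_t flags[][2] = { {1, 1}, {1, 0}, {0, 0} };
    for (int h = HOOK_NONE; h <= HOOK_AND_FILTER; h++)
        for (size_t i = 0; i < 3; i++) {
            hook_out r = run_hook((hook_t)h, flags[i][0], flags[i][1]);
            printf("%-12s [esi+80]=%u [esi+1BC]=%u -> health %6.1f%s\n", names[h],
                   (unsigned)flags[i][0], (unsigned)flags[i][1], r.health,
                   r.stack_fault ? "  (x87 stack fault)" : "");
        }
    return 0;
}
```

Build with any C99 compiler and run. The (1, 0) row is the enemy that also carries 1 at +0x80: the OR filter leaves it undamaged while the AND filter subtracts damage as the game intended. Under "missing jmp" only the (1, 0) and (0, 0) rows reach the second fstp, which is consistent with the cheat itself appearing to work on the player while the game still complained.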
omoe Grandmaster Cheater Reputation: 8
Joined: 11 Jun 2013 Posts: 547
Posted: Sun Aug 25, 2013 11:45 am Post subject:
Thank you, I get it now.