Cheat Engine

Xillica · Cheater Reputation: 1 Joined: 28 Jun 2015 Posts: 45

So here goes, multiple questions regarding certain topics. Thanks beforehand Smile

.
1. Is there any way to know the item_id & item_name from game without verifying it manually one-by-one? (Like Shinkansen lists, I hope Shinkansen reads this so he/she can give me of what to do or where to starts)

2. What are good AoBs (game code) that less likely to get changed with game update or different game versions? (So I can replace the bad ones with wildcards)
Note:
I tried searching about this, and found Rydian's guide about Good Signature. It tells me not to use AoBs that referencing to memory addresses that may change (such as mov edx,[0049E650]).

So if I find instructions like this mov r9d,[rax+00007714] >> 44 8B 88 14770000 what should I do? I mean the referenced memory address is defined by the rax register and it's offset, but the offset is quite big which concerns me (it doesn't change after game restarts, but is it possible if it differs for each game version or update?)

3. About alloc, is there any reason for us to input the 3rd parameter? ALLOC(allocname,sizeinbytes, preferedregion OPTIONAL)

4. What are good assembly structure for code injection (for readability, performance), or is there any scripts example that anyone recommend?
Note: I created .ct with assembly scripts for Toukiden Kiwami game, but it's my first time. It would be great if anyone can give me pointer on what to improve. The link is in my signature.

Last, Happy Birthday Dark Byte (≧∇≦)/. Thanks for creating cheat engine and this awesome forum. Very Happy

So many amazing people here xD (Dark Byte, Geri, atom0s [what's with the retired signature?],Csimbi, Recifense, ++METHOS, pox, Steve Andrew, Shinkansen, mgr.inz.Player, and the list keeps going on).

atom0s · Posted: Wed Jul 01, 2015 2:01 pm Post subject:

1. Typically you wont be able to do without comparing things unless you can either find the information online somewhere already discovered or if you read the games data files to find the information needed. One way or another you will have to figure out which location inside of the items information is specifically the id that specifies that item.

2. The referenced offset of what you showed such as 0x7714 has the potential to change, but it is less likely to depending on how the game updates. In some cases, it is best to wildcard offsets like that too in games that update frequently. At that point you would make the signature longer to ensure you got a unique AoB.

But for a rule of thumb:
- Don't use jumps or jump offsets in your signatures.
- Don't use calls in your signatures.
- Don't use raw addresses that are referenced in your signatures.
- Don't use referenced offsets in games that update often.

Once you get used to what things look like it is also best to avoid using things like:
- Stack correction / alignments since they can change in updates.
- Exception filter blocks.

3. Fairly sure that is for if you want to use an existing memory location. Using it will allow you to use an existing memory region with a name attached for CE usage.

4. Check the examples that Cheat Engine generates, they are fairly solid examples of injection for starting off.

Xillica · Cheater Reputation: 1 Joined: 28 Jun 2015 Posts: 45

Whoa, Thank you very much atom0s. Smile

I'll be sure to note what you said from now on and try to learn with that in mind.

I can understand almost all things you said, but I'm not so sure with these:

STN · Posted: Wed Jul 01, 2015 2:53 pm Post subject:

#2. Don't use jumps, conditional jumps are sometimes fine and may stick for a couple version changes but not for a lot. The code you posted is fine, it is 64 bit and everything is big due to large address spaces. Offsets don't change often, i have had some games where the offsets remained the same across 10 different versions. In areas where there is a few instructions, offsets is what make the code unique.
There are actually no rules to a good signature except no calls and address being used. It is game dependent. If the developers change the specific function then no matter how good your sig is, it will not work. For example, in a game the devs completely rewrote a function (stats) rendering my sig useless. Sometimes, they will change the offsets and everything else remains the same again making your sig useless.

Do this and you will develop an intuition on how to develop a good sig yourself instead of following others advice which is a good thing because some people advise one way and others will do differently (i always use offsets, the poster above me advises against them e.g).
1.Get 3 or 4 different versions of a game (any game, cracks or patches).
2.Make a signature for the lowest game version
3.Upgrade and notice the changes.
4.Keep upgrading and then notice the changes.
There will come a point where you realize you can't make a completely future proof signature at all, you can try and it depends on the game devs if they will fuck up which is how it really is. This should, however, make you understand what makes a good sig and how you can make your sig survive a few versions.

#3. Is used for 64 bit injection when you want to make your jumps shorter so you specify an address and allocate the cave closer (hence the jump is short). You can use it in 32 bit but there's really need as a random address is fine. See
http://www.cheatengine.org/forum/viewtopic.php?p=5523528

4. For performance ? it is just a few lines of ASM code how the heck do you optimize that lol. Readability is personal preference, just keep things tidy and it is readable. Some people like to comment out a lot, i don't, its a few lines you already know what it does. You make a cave, you jump to it, write your code and get back to game, there isn't a lot of ways you can change that. Besides, asm is the fastest it can be, my code i wrote a decade ago in masm still runs faster than my best optimized code in c++ (sigscanner), for small projects it doesn't even matter with todays processors.

Xillica · Cheater Reputation: 1 Joined: 28 Jun 2015 Posts: 45

Thank you so much STN （＾▽＾）. I will get other game versions as you said and start working to learn more from there.

Zanzer · Posted: Wed Jul 01, 2015 4:33 pm Post subject:

You butchered my name!

Here's a little trick to keep your code working even if the offset changes.

Xillica · Cheater Reputation: 1 Joined: 28 Jun 2015 Posts: 45

Why I didn't think about this before!? Wow, thank you very much Zanzer (^‿^). It seems I still have a very long way to go, if I didn't think something like this.

Zanzer · Posted: Wed Jul 01, 2015 5:11 pm Post subject:

Don't feel bad. I didn't even know you could change your name on the forums! Smile

atom0s · Posted: Wed Jul 01, 2015 6:26 pm Post subject:

Zanzer · Posted: Wed Jul 01, 2015 6:41 pm Post subject:

That's why I used wildcards for the offset value and saved it separately as a variable.
So no matter what they change it to, my code would grab that new value and add it to the base.
Making "myvar" always point to the health address directly, ignoring the offset.
Yes, in your example, the variable itself is changing from 1-byte to 4-bytes, but that's never likely to happen.

atom0s · Posted: Wed Jul 01, 2015 7:10 pm Post subject:

Xillica · Cheater Reputation: 1 Joined: 28 Jun 2015 Posts: 45

（＾ｖ＾）I can't appreciate enough atom0s, I'll be sure keep that in mind when I'm choosing signatures for singleplayer games (I can't move to multiplayer games yet, I need to improve more >_<). Note: reading your replies, always make it clearer and clearer that you are at a whole different level from me related to computers code knowledge lol (which I can never hope to reach, unless I put bloody hard work and real dedication to learn). 'The more you know, the more you know you don't know.' << me in cheatengine forum