 |
Cheat Engine
The Official Site of Cheat Engine
|
| View previous topic :: View next topic |
| Author |
Message |
Craf
How do I cheat?
![]() Reputation: 0
Joined: 28 Aug 2015
Posts: 2
|
 Posted: Fri Aug 28, 2015 5:07 am Post subject: UDF fields value in AA |
 |
|
How I can access UDF fields values in AA script? I understand that I must use LUA script in {$lua} section, but how pass readed values to registers or memory?
And second question:
when I use next AA script in Code injection
| Code: |
[ENABLE]
alloc(newmem,2048)
label(returnhere)
label(originalcode)
label(exit)
newmem:
mov [eax+50], 40FF
originalcode:
movss xmm0,[eax+50]
exit:
jmp returnhere
"game.exe"+E19C2:
jmp newmem
returnhere:
[DISABLE]
dealloc(newmem)
"game.exe"+E19C2:
movss xmm0,[eax+50]
|
all working fine, cheat are enable/disable OK,
but when I try use it in LUA script in UDF
| Code: |
function chkValueChange(sender)
bValueActive = not bValueActive
value = control_getCaption(UDF1_txtValue)
if (bValueActive == true) then
script = [[alloc(newmem,2048)
label(returnhere)
label(originalcode)
label(exit)
newmem:
mov [eax+50], ]].. string.format( '%x',value ) ..[[
originalcode:
movss xmm0,[eax+50]
exit:
jmp returnhere
"game.exe"+E19C2:
jmp newmem
returnhere:]]
autoAssemble(script);
else
script = [[
dealloc(newmem)
"game.exe"+E19C2:
movss xmm0,[eax+50] ]]
autoAssemble(script);
end
end
|
cheat dont wont DISABLE and I must do something in game that change [eax+50] value for disable cheat
|
|
| Back to top |
|
 |
Dark Byte
Site Admin
 Reputation: 470
Joined: 09 May 2003
Posts: 25807
Location: The netherlands
|
| Posted: Fri Aug 28, 2015 8:34 am Post subject: |
|
|
something like this:
| Code: |
[ENABLE]
{$lua}
return string.format("define(valuex,(float)%f)", tonumber(UDF.Objectname.Text) )
{$asm}
alloc(newmem,2048)
label(returnhere)
label(originalcode)
label(exit)
newmem:
mov [eax+50], valuex
originalcode:
movss xmm0,[eax+50]
exit:
jmp returnhere
"game.exe"+E19C2:
jmp newmem
returnhere:
[DISABLE]
dealloc(newmem)
"game.exe"+E19C2:
movss xmm0,[eax+50]
|
as for deactivate, your deactivate script doesn't know what newmem is, so it can't execute the rest. (So get rid of the dealloc)
_________________
Do not ask me about online cheats. I don't know any and wont help finding them.
Like my help? Join me on Patreon so i can keep helping |
|
| Back to top |
|
|
Craf
How do I cheat?
![]() Reputation: 0
Joined: 28 Aug 2015
Posts: 2
|
| Posted: Fri Aug 28, 2015 12:36 pm Post subject: |
|
|
Thnx for help with {$lua}
I rewrite my trainer
| Code: |
define(address,"game.exe"+E19C2)
define(bytes,F3 0F 10 40 50)
[ENABLE]
{$lua}
return string.format("define(value, %x)", CETrainer.txtValue.Text )
{$asm}
assert(address,bytes)
alloc(newmem,$1000)
alloc(valueaddr, 4)
registersymbol(valueaddr)
label(code)
label(return)
newmem:
mov [valueaddr], eax
mov [eax+50], value
code:
movss xmm0,[eax+50]
jmp return
address:
jmp newmem
return:
[DISABLE]
push eax
mov eax, [valueaddr]
mov [eax+50], 0
pop eax
dealloc(valueaddr)
dealloc(newmem)
address:
db bytes
// movss xmm0,[eax+50]
|
but this doesn't work:( In [eax+50] I still have value from cheat after disable it. How fix this?
|
|
| Back to top |
|
|
Dark Byte
Site Admin
Reputation: 470
Joined: 09 May 2003
Posts: 25807
Location: The netherlands
|
| Posted: Fri Aug 28, 2015 1:34 pm Post subject: |
|
|
aa scripts write code, they don't execute code. Also, your disable section will write to address 00000000 as you didn't specify an address
Anyhow, store the last known address in a registered symbol as well
then
| Code: |
[addresswithlastknownaddress]:
dd [valueaddr]
|
Or use lua like:
| Code: |
writeInteger(readPointer(addresswithlastknownaddress), readInteger(valueaddr)
|
Also, why use hexadecimal for a float value ?
And make sure you only write valueaddr one time, else you will be overwriting it with a result of the subsequent executions by the game
_________________
Do not ask me about online cheats. I don't know any and wont help finding them.
Like my help? Join me on Patreon so i can keep helping |
|
| Back to top |
|
|
Craf
How do I cheat?
![]() Reputation: 0
Joined: 28 Aug 2015
Posts: 2
|
| Posted: Sat Aug 29, 2015 1:46 am Post subject: |
|
|
| Dark Byte wrote: | aa scripts write code, they don't execute code. Also, your disable section will write to address 00000000 as you didn't specify an address
Anyhow, store the last known address in a registered symbol as well
then
| Code: |
[addresswithlastknownaddress]:
dd [valueaddr]
|
Or use lua like:
| Code: |
writeInteger(readPointer(addresswithlastknownaddress), readInteger(valueaddr)
|
Also, why use hexadecimal for a float value ?
And make sure you only write valueaddr one time, else you will be overwriting it with a result of the subsequent executions by the game |
Sorry, i dont understand, what I must do:( Can U show me on my code example?
About HEX - in trainer must be entered value like 1056964608, and I just convert ir to HEX for better control in memory and code in debugger:)
EDITED (later):
Ok, nvm, I find other injection point after that I dont need reset value. And once more thnx for explain {$lua} section
|
|
| Back to top |
|
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum
|
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in
