Cheat Engine Forum Index Cheat Engine
The Official Site of Cheat Engine
 


Rydian's Guide To Basic AOBs And Scripts
DemoKing700
Cheater
Reputation: 0

Joined: 17 Dec 2014
Posts: 33
Location: 127.0.0.1

Posted: Tue Sep 08, 2015 6:33 am

Zanzer wrote:
When you define a
label(_ammo)
you need to have the corresponding
_ammo:
in your code.

In memory viewer, to the left of the instruction are the number of bytes the instruction takes up.
To remove (NOP) the instruction, you need to replace each of those bytes with a hex 90.
That instruction uses 7 bytes, so the simplest code to remove it is:
Code:
aobscan(ammo,XX XX XX)
ammo:
db 90 90 90 90 90 90 90

AOBSCAN creates and positions the label 'ammo' at your byte pattern.
You then use that label to position your injection at 'ammo'.
Finally, you tell CE to write the 7 hex 90 (NOP) bytes to that location.

By the way, I noticed your script used the Code Injection template instead of the AOB Injection template.


@Zanzer you mean I don't need to put the label(_ammo) and registersymbol(_ammo)?
And is there a simpler way you can explain when to use the label and register symbol and when not? Thanks a ton

_________________
AƖωαуѕ Ƈυяισυѕ Smile
Zanzer
I post too much
Reputation: 126

Joined: 09 Jun 2013
Posts: 3278

Posted: Tue Sep 08, 2015 10:46 am

In your original code, you should have replaced
"iw3sp.exe"+1BF454:
with the AOB scan label you created
ammo:

Now a lot of people seem to also create a new label, like _ammo, and place it directly under "ammo:"
I don't see the purpose of this. So no, you did not need _ammo at all.
You would, however, have needed
registersymbol(ammo)
in order to save your AOB scan label for the DISABLE section.

So the only time you need to create a new label is when you are going to reference it for something in the script.
Such as the starting injection location of your custom code (ammo).

The only time you need to register a symbol is when you want to reference it outside of the current section.
Such as when you want to undo the injection inside your DISABLE.

But this is the beauty of programming.
There are many ways to achieve the same result.
As long as it gets the job done, there are no wrong ways.
DemoKing700
Cheater
Reputation: 0

Joined: 17 Dec 2014
Posts: 33
Location: 127.0.0.1

Posted: Tue Sep 08, 2015 11:52 am

Zanzer wrote:
In your original code, you should have replaced
"iw3sp.exe"+1BF454:
with the AOB scan label you created
ammo:

Now a lot of people seem to also create a new label, like _ammo, and place it directly under "ammo:"
I don't see the purpose of this. So no, you did not need _ammo at all.
You would, however, have needed
registersymbol(ammo)
in order to save your AOB scan label for the DISABLE section.

So the only time you need to create a new label is when you are going to reference it for something in the script.
Such as the starting injection location of your custom code (ammo).

The only time you need to register a symbol is when you want to reference it outside of the current section.
Such as when you want to undo the injection inside your DISABLE.

But this is the beauty of programming.
There are many ways to achieve the same result.
As long as it gets the job done, there are no wrong ways.


OMG man, I love you!! Thanks.
At last did it successfully!!! You da man!!!

Rydian
Grandmaster Cheater Supreme
Reputation: 31

Joined: 17 Sep 2012
Posts: 1358

Posted: Wed Sep 16, 2015 12:26 am

Added a note that if you're manually overwriting bytes with the db stuff and junk that you need to make sure you're taking care of the same number of bytes.
darkcheater93
How do I cheat?
Reputation: 0

Joined: 07 Sep 2015
Posts: 2
Location: indonesia

Posted: Fri Sep 25, 2015 7:40 pm    Post subject: good

Thanks man!
Stacktrace
Expert Cheater
Reputation: 1

Joined: 04 Jul 2015
Posts: 105

Posted: Tue Sep 29, 2015 3:15 pm

You can also use this rather easy way to edit memory:

[ENABLE]
Process.exe+123:
db 90 90 90 90 90 90
[DISABLE]
Process.exe+123:
db 14 12 11 11 49 00
Rydian
Grandmaster Cheater Supreme
Reputation: 31

Joined: 17 Sep 2012
Posts: 1358

Posted: Sun Oct 04, 2015 11:10 pm

Yeah but you lose the ability to have it last past updates, that doesn't work after restarts for most game code on newer games or anything in .NET or things like Unity, you can't reference the address in the table, and so on and so forth.
lampuiho
Expert Cheater
Reputation: 6

Joined: 16 Jan 2010
Posts: 122

Posted: Sun Oct 11, 2015 12:31 pm

Can the disable script be not static? I mean, can Cheat Engine read a number of bytes from a certain address and save them somewhere in Cheat Engine's own memory, then when the disable script is run, write those saved bytes back to the address registered?

I need to do this because I am overwriting an instruction that reads a static address but it changes when the game updates. I need the aob script to work after updates. Now it only finds the address correctly but not the static addresses.

For the enable part to work, it's the same except that I need to be able to calculate the address from the result of an aob scan and write the offset to the original instruction.
Zanzer
I post too much
Reputation: 126

Joined: 09 Jun 2013
Posts: 3278

Posted: Sun Oct 11, 2015 12:58 pm

Code:
{ ORIGINAL CODE:
"Calculator.exe"+199BA4: 48 83 EC 28           -  sub rsp,28
"Calculator.exe"+199BA8: E8 9B 03 00 00        -  call Calculator.exe+199F48
"Calculator.exe"+199BAD: 48 83 C4 28           -  add rsp,28
}

[ENABLE]
aobscan(myaob,48 83 EC 28 E8 * * * * 48 83 C4 28)

// save the 5 bytes appearing at myaob+4
// myaob+4 takes us to the CALL instruction
// READMEM copies the specified number of bytes, whatever they are
alloc(myaob_backup,5)
myaob_backup:
  readmem(myaob+4,5)
registersymbol(myaob_backup)

// NOP the CALL instruction
myaob+4:
  db 90 90 90 90 90
registersymbol(myaob)

[DISABLE]
// rewrite the CALL instruction with whatever bytes we backed up
myaob+4:
  readmem(myaob_backup,5)
unregistersymbol(myaob)
unregistersymbol(myaob_backup)
// free the backup buffer allocated in [ENABLE]
dealloc(myaob_backup)
Back to top
View user's profile Send private message
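Added example, not part of the original thread and not Cheat Engine code: the wildcard scan, runtime backup and restore that the script above relies on, run in Python against two constructed byte buffers standing in for two builds of a module. It shows why wildcarding the CALL's displacement lets one signature survive an update, why the overwritten bytes are captured at enable time rather than hard-coded, and why the scan should match exactly once. The function names and both sample buffers are assumptions made for the illustration.

```python
# Added illustration: works on constructed byte buffers, not a live process.
NOP = 0x90

def parse_aob(pattern):
    """Turn '48 83 EC 28 E8 * * * *' into ints, with None for a wildcard."""
    return [None if t in ("*", "?", "??") else int(t, 16) for t in pattern.split()]

def aob_scan(image, pattern):
    """Return every offset in image where the pattern matches."""
    sig = parse_aob(pattern)
    return [i for i in range(len(image) - len(sig) + 1)
            if all(b is None or image[i + j] == b for j, b in enumerate(sig))]

def nop_with_backup(image, pattern, skip, length):
    """NOP `length` bytes at match+skip; return (address, saved bytes)."""
    hits = aob_scan(image, pattern)
    if len(hits) != 1:  # a missing or ambiguous signature must not be patched
        raise ValueError(f"expected 1 match, got {len(hits)}")
    addr = hits[0] + skip
    saved = bytes(image[addr:addr + length])           # what readmem() captures
    image[addr:addr + length] = bytes([NOP]) * length  # same number of bytes
    return addr, saved

def restore(image, addr, saved):
    """Write the saved bytes back, as the [DISABLE] section does."""
    image[addr:addr + len(saved)] = saved

PATTERN = "48 83 EC 28 E8 * * * * 48 83 C4 28"
# Constructed images: same code, different position and CALL displacement.
BUILD_A = bytes.fromhex("cc" * 8 + "4883ec28" + "e89b030000" + "4883c428" + "c3")
BUILD_B = bytes.fromhex("cc" * 20 + "4883ec28" + "e8d7110000" + "4883c428" + "c3")

def round_trip(build):
    """Patch a copy of build, then restore it; report what happened."""
    image = bytearray(build)
    addr, saved = nop_with_backup(image, PATTERN, skip=4, length=5)
    patched = bytes(image[addr:addr + 5])
    restore(image, addr, saved)
    return addr, saved.hex(), patched.hex(), bytes(image) == build

if __name__ == "__main__":
    for name, build in (("A", BUILD_A), ("B", BUILD_B)):
        print(name, round_trip(build))
```

A static `db` restore written for build A would put `E8 9B 03 00 00` into build B, where the original displacement was `D7 11 00 00`; the runtime backup avoids that.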
Rydian
Grandmaster Cheater Supreme
Reputation: 31

Joined: 17 Sep 2012
Posts: 1358

Posted: Thu Oct 29, 2015 7:31 am

Updated the first post with some quick info on dealing with FSTP and such, since I apparently forgot to put that anywhere.
IceDragon87
How do I cheat?
Reputation: 0

Joined: 11 Dec 2015
Posts: 3

Posted: Fri Dec 11, 2015 1:57 am

Hello

This is to Rydian

I'm just going to put this out here: I need help with this AOB script from the thread "Fable Anniversary [updated for build 832816]" (I can't post URLs yet).

I am absolutely no programmer, script writer or such. I am just curious if I need to edit anything to enable the cheats to work in game.

I tried to read through your tutorials but it really is confusing to me.

Would it be too much to ask for assistance?
wlix32
Newbie cheater
Reputation: 0

Joined: 01 Jan 2016
Posts: 12

Posted: Sat Jan 02, 2016 12:57 pm

Thanks a lot. All these values in Cave Story have a base address, but when the value is a floating point, do I first need to find the base address using the point scan, or does AOB have something that works with it?
Rydian
Grandmaster Cheater Supreme
Reputation: 31

Joined: 17 Sep 2012
Posts: 1358

Posted: Sat Jan 02, 2016 8:12 pm

I can't really do anything for games I don't have.

Whether the value is floating-point or not has no bearing on whether it's static or not.

JohannesJoestar
Advanced Cheater
Reputation: 0

Joined: 01 Nov 2015
Posts: 79

Posted: Wed Feb 03, 2016 8:21 am

Hey!

I'm Brimsy Vincent from YouTube who recently commented on one of your videos.

In Rogue Legacy I tried to make one hit kill with code injection. Although my attempt succeeded, the script didn't work when I restarted the game. My next attempt succeeded; however, again, it didn't work when restarted. Looking at the codes I saw that each time the value I was manipulating via code injecting was being stored in a different register. One time it's EAX and another time it's EDI and so on.

Since you worked on that game before I thought it would be best to ask you.

Did you make a one hit kill cheat yourself? If so, can you tell me how you did it? Or maybe some kind of tutorial you can send me?

Thanks in advance !
Rydian
Grandmaster Cheater Supreme
Reputation: 31

Joined: 17 Sep 2012
Posts: 1358

Posted: Wed Feb 03, 2016 3:12 pm

I had an infinite HP script that worked with...
mov [esi+00000118],edx
But I haven't played Rogue Legacy in a while (I don't even have it installed here) so that may have been constantly-run code or something.

So you attached to an enemy's HP and found what wrote it when it got damaged and it's just one main opcode but it's different each game run?

All times are GMT - 6 Hours
Page 4 of 6