| View previous topic :: View next topic |
| Author |
Message |
XaneXXXX
Expert Cheater
 Reputation: 0
Joined: 29 Nov 2012
Posts: 212
|
 Posted: Mon Nov 30, 2015 6:24 pm Post subject: Stealthedit script question. |
 |
|
Darkbyte i love the stealthedit plugin! But i was wondering if you or anyone else could explain how to use a script with it?
it does say "-Auto assembler-
The stealthedit plugin adds a new auto assembler command.
stealthedit(name, address, size)"
But how do i use this with AoB? a small "step by step" tutorial would be really helpful.
Also if it is only possible to do this using code injection please tell me how 
If you don't have time with a step by step, a simple example would also work i guess hehe
Thank you!
|
|
| Back to top |
|
 |
++METHOS
I post too much
![]() Reputation: 92
Joined: 29 Oct 2010
Posts: 4197
|
| Posted: Mon Nov 30, 2015 11:55 pm Post subject: |
|
|
You may be able to omit XXXX in the newer versions...it's been a while.
| Code: | [ENABLE]
aobscan(AOB1,00 00 00 00 00 00 00)
stealthedit(YYYY,AOB1,248)
alloc(newmem,248)
label(returnhere)
label(originalcode)
label(XXXX)
registersymbol(XXXX)
newmem:
//
jmp returnhere
originalcode:
//
jmp returnhere
YYYY:
XXXX:
//
returnhere:
[DISABLE]
dealloc(newmem)
XXXX:
db 00 00 00 00 00 00 00
unregistersymbol(XXXX) |
|
|
| Back to top |
|
|
XaneXXXX
Expert Cheater
Reputation: 0
Joined: 29 Nov 2012
Posts: 212
|
| Posted: Tue Dec 01, 2015 11:43 am Post subject: |
|
|
Thanks for your answer! Gonna try this now. How aout using the Aobscanmodule. Will that also work or does it only work with aobscan?
Also could you make another example based on this:
| Code: | [ENABLE]
aobscanmodule(AOB1,RainbowSix.exe,89 91 F8 01 00 00 8B)
alloc(newmem,$1000,"RainbowSix.exe"+DAF421)
label(code)
label(return)
newmem:
code:
mov [rcx+000001F8],edx
jmp return
AOB1:
jmp code
nop
return:
registersymbol(AOB1)
[DISABLE]
AOB1:
db 89 91 F8 01 00 00
unregistersymbol(AOB1)
dealloc(newmem) |
I tried myself but i get "module not found" when activating the script.
Thanks again
|
|
| Back to top |
|
|
++METHOS
I post too much
![]() Reputation: 92
Joined: 29 Oct 2010
Posts: 4197
|
| Posted: Tue Dec 01, 2015 1:21 pm Post subject: |
|
|
| Code: | [ENABLE]
aobscanmodule(AOB1,RainbowSix.exe,8991F80100008B)
stealthedit(YYYY,AOB1,248)
alloc(newmem,248,"RainbowSix.exe")
label(returnhere)
label(XXXX)
registersymbol(XXXX)
newmem:
mov [rcx+000001F8],edx
jmp returnhere
YYYY:
XXXX:
jmp newmem
nop
returnhere:
[DISABLE]
dealloc(newmem)
XXXX:
db 89 91 F8 01 00 00
unregistersymbol(XXXX) |
|
|
| Back to top |
|
|
XaneXXXX
Expert Cheater
Reputation: 0
Joined: 29 Nov 2012
Posts: 212
|
| Posted: Tue Dec 01, 2015 1:35 pm Post subject: |
|
|
I tried and just copy and paste your script. i still get "module not found" followed by a "Init failure"
The game is 64 bit. and yes my CPU is hardware-based DEP.
Any tips? I tried it with a 32 bit game and it worked. But i get module not found with 64 bit..
|
|
| Back to top |
|
|
++METHOS
I post too much
![]() Reputation: 92
Joined: 29 Oct 2010
Posts: 4197
|
| Posted: Tue Dec 01, 2015 1:41 pm Post subject: |
|
|
| Are you running CE 6.4 with Stealthedit 2.3, and is the plugin enabled?
|
|
| Back to top |
|
|
XaneXXXX
Expert Cheater
Reputation: 0
Joined: 29 Nov 2012
Posts: 212
|
| Posted: Tue Dec 01, 2015 1:46 pm Post subject: |
|
|
| ++METHOS wrote: | | Are you running CE 6.4 with Stealthedit 2.3, and is the plugin enabled? |
Yes.
This is the address of the game:
First error when injecting: module not found
Followed by: stealthedit init failure
Followed by: the address specifier is not valid.
I have a modified version of cheat engine 6.4, but i have also tried with the original cheat engine 6.4 and i get the exact same problem.
Last edited by XaneXXXX on Tue Dec 01, 2015 1:56 pm; edited 1 time in total |
|
| Back to top |
|
|
++METHOS
I post too much
![]() Reputation: 92
Joined: 29 Oct 2010
Posts: 4197
|
| Posted: Tue Dec 01, 2015 1:55 pm Post subject: |
|
|
I'm sleep deprived, so the script may have errors. Try this:
| Code: | [ENABLE]
aobscanmodule(AOB1,RainbowSix.exe,8991F80100008B)
stealthedit(YYYY,AOB1,248)
alloc(newmem,248,"RainbowSix.exe")
label(returnhere)
label(AOB1)
registersymbol(AOB1)
newmem:
mov [rcx+000001F8],edx
jmp returnhere
YYYY:
AOB1:
jmp newmem
nop
returnhere:
[DISABLE]
dealloc(newmem)
AOB1:
db 89 91 F8 01 00 00
unregistersymbol(AOB1) |
|
|
| Back to top |
|
|
XaneXXXX
Expert Cheater
Reputation: 0
Joined: 29 Nov 2012
Posts: 212
|
| Posted: Tue Dec 01, 2015 1:56 pm Post subject: |
|
|
| ++METHOS wrote: | I'm sleep deprived, so the script may have errors. Try this:
| Code: | [ENABLE]
aobscanmodule(AOB1,RainbowSix.exe,8991F80100008B)
stealthedit(YYYY,AOB1,248)
alloc(newmem,248,"RainbowSix.exe")
label(returnhere)
label(AOB1)
registersymbol(AOB1)
newmem:
mov [rcx+000001F8],edx
jmp returnhere
YYYY:
AOB1:
jmp newmem
nop
returnhere:
[DISABLE]
dealloc(newmem)
AOB1:
db 89 91 F8 01 00 00
unregistersymbol(AOB1) |
|
|
|
| Back to top |
|
|
ParkourPenguin
I post too much
 Reputation: 152
Joined: 06 Jul 2014
Posts: 4719
|
| Posted: Tue Dec 01, 2015 1:59 pm Post subject: |
|
|
I'm pretty sure a "module not found" error happens when CE can't find whatever module you're providing. Usually this happens because either you're not attached to the right process or you misspelled the module name (in this case "RainbowSix.exe").
To find out if that module exists, right click in the memory viewer, select "Goto address", type in RainbowSix.exe exactly, and if you get an error message saying "This is not a valid address", then that module doesn't exist.
If this isn't the problem, then I've got no idea.
_________________
I don't know where I'm going, but I'll figure it out when I get there. |
|
| Back to top |
|
|
XaneXXXX
Expert Cheater
Reputation: 0
Joined: 29 Nov 2012
Posts: 212
|
| Posted: Tue Dec 01, 2015 2:00 pm Post subject: |
|
|
| ParkourPenguin wrote: | I'm pretty sure a "module not found" error happens when CE can't find whatever module you're providing. Usually this happens because either you're not attached to the right process or you misspelled the module name (in this case "RainbowSix.exe").
To find out if that module exists, right click in the memory viewer, select "Goto address", type in RainbowSix.exe exactly, and if you get an error message saying "This is not a valid address", then that module doesn't exist.
If this isn't the problem, then I've got no idea. |
Thanks for your answer. i just tried:
And the game only shows one process which is RainbowSix.exe
|
|
| Back to top |
|
|
++METHOS
I post too much
![]() Reputation: 92
Joined: 29 Oct 2010
Posts: 4197
|
| Posted: Tue Dec 01, 2015 2:02 pm Post subject: |
|
|
Did you try running the script using aobscan?
| Code: | [ENABLE]
aobscan(AOB1,8991F80100008B)
stealthedit(YYYY,AOB1,248)
alloc(newmem,248)
label(returnhere)
label(XXXX)
registersymbol(XXXX)
newmem:
mov [rcx+000001F8],edx
jmp returnhere
YYYY:
XXXX:
jmp newmem
nop
returnhere:
[DISABLE]
dealloc(newmem)
XXXX:
db 89 91 F8 01 00 00
unregistersymbol(XXXX) |
I haven't tested, but perhaps the stealthedit does not work with aobscanmodule.
|
|
| Back to top |
|
|
XaneXXXX
Expert Cheater
Reputation: 0
Joined: 29 Nov 2012
Posts: 212
|
| Posted: Tue Dec 01, 2015 2:03 pm Post subject: |
|
|
| ++METHOS wrote: | Did you try running the script using aobscan?
| Code: | [ENABLE]
aobscan(AOB1,8991F80100008B)
stealthedit(YYYY,AOB1,248)
alloc(newmem,248)
label(returnhere)
label(XXXX)
registersymbol(XXXX)
newmem:
mov [rcx+000001F8],edx
jmp returnhere
YYYY:
XXXX:
jmp newmem
nop
returnhere:
[DISABLE]
dealloc(newmem)
XXXX:
db 89 91 F8 01 00 00
unregistersymbol(XXXX) |
|
I did when i execute it it's loading for a few seconds (searching for the AoB), then same problem occur (module not found).. so weird.
I also might add that it works if i do it manually. (Right click in memory viewer and choose stealthedit this page). But with script i get the module not found.
|
|
| Back to top |
|
|
++METHOS
I post too much
![]() Reputation: 92
Joined: 29 Oct 2010
Posts: 4197
|
| Posted: Tue Dec 01, 2015 2:06 pm Post subject: |
|
|
| Close the game and CE and try again. Other than that, I'd have to look myself.
|
|
| Back to top |
|
|
XaneXXXX
Expert Cheater
Reputation: 0
Joined: 29 Nov 2012
Posts: 212
|
| Posted: Tue Dec 01, 2015 2:07 pm Post subject: |
|
|
| ++METHOS wrote: | | Close the game and CE and try again. Other than that, I'd have to look myself. |
Just did, even restarted my pc to be sure. same problem.. damn it.
I also tried with another 64 bit game. Same problem (works fine with 32 bit games).
I also tried running CE 32 bit and 64 bit version. still no success.
If you could try this any 64 bit game/program i would really appreciate it!
|
|
| Back to top |
|
|
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in
