KalasDev Master Cheater
Reputation: 1
Joined: 29 May 2016 Posts: 311
Posted: Mon May 30, 2016 6:29 am Post subject: Another Assembly Issue!
Alright so I have tried to set value to 999 every time I consume an item.
It works while I'm making the script, but after re-opening the game it's not working anymore, original code:
Code:
[ENABLE]
aobscan(INJECT,89 48 18 48 8B 47 10 48 63) // should be unique
alloc(newmem,$100,7914A7DC)
label(code)
label(return)
newmem:
code:
mov [rax+18],ecx
mov rax,[rdi+10]
jmp return
INJECT:
jmp code
nop
nop
return:
registersymbol(INJECT)
[DISABLE]
INJECT:
db 89 48 18 48 8B 47 10
unregistersymbol(INJECT)
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: 7914A7DC
""+7914A7B2: 48 8B 47 10 - mov rax,[rdi+10]
""+7914A7B6: 48 63 8F 94 00 00 00 - movsxd rcx,dword ptr [rdi+00000094]
""+7914A7BD: 48 63 C9 - movsxd rcx,ecx
""+7914A7C0: 39 48 18 - cmp [rax+18],ecx
""+7914A7C3: 0F 86 14 01 00 00 - jbe 7914A8DD
""+7914A7C9: 48 8D 44 C8 20 - lea rax,[rax+rcx*8+20]
""+7914A7CE: 48 8B 00 - mov rax,[rax]
""+7914A7D1: 48 8B 40 18 - mov rax,[rax+18]
""+7914A7D5: 48 63 48 18 - movsxd rcx,dword ptr [rax+18]
""+7914A7D9: 2B 4D E0 - sub ecx,[rbp-20]
// ---------- INJECTING HERE ----------
""+7914A7DC: 89 48 18 - mov [rax+18],ecx
""+7914A7DF: 48 8B 47 10 - mov rax,[rdi+10]
// ---------- DONE INJECTING ----------
""+7914A7E3: 48 63 8F 94 00 00 00 - movsxd rcx,dword ptr [rdi+00000094]
""+7914A7EA: 48 63 C9 - movsxd rcx,ecx
""+7914A7ED: 39 48 18 - cmp [rax+18],ecx
""+7914A7F0: 0F 86 D0 00 00 00 - jbe 7914A8C6
""+7914A7F6: 48 8D 44 C8 20 - lea rax,[rax+rcx*8+20]
""+7914A7FB: 48 8B 00 - mov rax,[rax]
""+7914A7FE: 48 8B 40 18 - mov rax,[rax+18]
""+7914A802: 48 63 40 18 - movsxd rax,dword ptr [rax+18]
""+7914A806: 85 C0 - test eax,eax
""+7914A808: 40 0F 9F C0 - setg al
}

++METHOS I post too much
Reputation: 92
Joined: 29 Oct 2010 Posts: 4197
Posted: Mon May 30, 2016 6:37 am Post subject:
I'm assuming you changed this code everywhere to mask the target:
Quote:
""+7914A7DC: 89 48 18 - mov [rax+18],ecx
Have you tried using cheat table framework code with a basic code injection template (i.e. module+offset in lieu of AOB)?
That, or consider expanding on your AOB signature and incorporating wildcard entries.

KalasDev Master Cheater
Reputation: 1
Joined: 29 May 2016 Posts: 311
Posted: Mon May 30, 2016 6:40 am Post subject:
Sorry, I'm a bit new to this. Ehm, this code was found for an item: for example, when I consumed it, I went with F5, find what accesses it, this code showed up and I used the AOB injection. Now every time I restart my game it just won't work. Do I need to find the base address for the item I'm using or something?

++METHOS I post too much
Reputation: 92
Joined: 29 Oct 2010 Posts: 4197
Posted: Mon May 30, 2016 6:43 am Post subject:
To clarify...what won't work? Enabling the script? Something else?
If the problem lies with the script, then you can try doing as previously suggested. If the problem lies elsewhere, then you will have to be more specific.

KalasDev Master Cheater
Reputation: 1
Joined: 29 May 2016 Posts: 311
Posted: Mon May 30, 2016 6:47 am Post subject:
Ok, the script works when I first inject it, the first time finding the actual value of my item, using what accesses this address, and making the script. Now when I close everything, launch my game and open Cheat Engine with my script and try to enable it, it will enable the script but the script itself is just not working; the item is not set to 999 as I did in the script the first time.

++METHOS I post too much
Reputation: 92
Joined: 29 Oct 2010 Posts: 4197
Posted: Mon May 30, 2016 6:49 am Post subject:
And if you consume the item again, the value does not change?
If that is the case, then find the value again and check to see what else is accessing it. I would first try to change the value of the item, in-game, to see if it changes to 999. Don't forget to change your script so that the value can change to 999.

KalasDev Master Cheater
Reputation: 1
Joined: 29 May 2016 Posts: 311
Posted: Mon May 30, 2016 6:52 am Post subject:
Yes, I always change the value first to see if it changes; in this case it did.
The second thing: the value after consuming it does change, it's sub, not setting it to 999 as I wanted by doing this: mov [rax+18],(int)999
I tried to see what else is accessing it; only this value pops up when I consume the item.

hhhuut Grandmaster Cheater
Reputation: 6
Joined: 08 Feb 2015 Posts: 607
Posted: Mon May 30, 2016 6:53 am Post subject:
This is a Unity game, right?
Did you try to scan for the AOB manually so that you see if it's unique or if there's more than one match?

KalasDev Master Cheater
Reputation: 1
Joined: 29 May 2016 Posts: 311
Posted: Mon May 30, 2016 6:54 am Post subject:
Yes, it is Unity, and I did not. I will try that right now, to scan this: 89 48 18 48 8B 47 10 48 63
Am I right?

++METHOS I post too much
Reputation: 92
Joined: 29 Oct 2010 Posts: 4197
Posted: Mon May 30, 2016 6:57 am Post subject:
You're not listening or understanding...either way, good luck.

KalasDev Master Cheater
Reputation: 1
Joined: 29 May 2016 Posts: 311
Posted: Mon May 30, 2016 6:58 am Post subject:
I am, I'm just having a bit of a hard time understanding what you mean. I told you what you asked, though:
The value does change, it's decreasing even with the script is on, it's like the address is changing when I restart my game

++METHOS I post too much
Reputation: 92
Joined: 29 Oct 2010 Posts: 4197
Posted: Mon May 30, 2016 7:02 am Post subject:
KalasWD wrote:
The value does change, it's decreasing even with the script is on

-Then, as I said, while your script is activated, right-click on the item value in your cheat table (if it's not there, find it and add it), and check to see what else is accessing it. If the only thing that is accessing it is the instruction in your script, then you need to paste your entire, finished script so that we can see it.

KalasDev Master Cheater
Reputation: 1
Joined: 29 May 2016 Posts: 311
Posted: Mon May 30, 2016 7:31 am Post subject:
That's another address I found while the script is activated and consumed an item:
Code:
[ENABLE]
//code from here to '[DISABLE]' will be used to enable the cheat
alloc(newmem,2048,69C90000)
label(returnhere)
label(originalcode)
label(exit)
newmem: //this is allocated memory, you have read,write,execute access
//place your code here
originalcode:
mov [rax+18],000003E7
exit:
jmp returnhere
69C90000:
jmp newmem
nop
nop
returnhere:
[DISABLE]
//code from here till the end of the code will be used to disable the cheat
dealloc(newmem)
69C90000:
mov [rax+18],000003E7
//Alt: db C7 40 18 E7 03 00 00
Code itself is " mov [rax+18],000003E7 "

++METHOS I post too much
Reputation: 92
Joined: 29 Oct 2010 Posts: 4197
Posted: Mon May 30, 2016 7:35 am Post subject:
That's your script.
3E7 hex = 999 dec
That being the case, it seems no other instruction is actually accessing that address (for now). Therefore, as I originally suggested:
++METHOS wrote:
Have you tried using cheat table framework code with a basic code injection template (i.e. module+offset in lieu of AOB)?
That, or consider expanding on your AOB signature and incorporating wildcard entries.

If you cannot use module addressing, then just expand on the AOB signature (incorporate wildcard entries, if needed).

KalasDev Master Cheater
Reputation: 1
Joined: 29 May 2016 Posts: 311
Posted: Mon May 30, 2016 7:37 am Post subject:
Ehm, I see, thank you, I'll try.
|
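
The two suggestions made in the thread (scan for the AOB to see whether it is unique, and expand the signature with wildcard entries) can be tried offline against the bytes in the first post's listing. This is an added example, not code from any poster or from Cheat Engine; the function names, the short pattern and the wildcard positions are assumptions chosen for illustration.

```python
# Added example: wildcard byte-signature matching with a uniqueness check.
# DUMP is retyped from the disassembly listing in the first post (90 bytes,
# first listed instruction to last); all function names are hypothetical.
DUMP = bytes.fromhex(
    "488B4710" "48638F94000000" "4863C9" "394818" "0F8614010000"
    "488D44C820" "488B00" "488B4018" "48634818" "2B4DE0"
    "894818" "488B4710"  # the two instructions at the injection point
    "48638F94000000" "4863C9" "394818" "0F86D0000000"
    "488D44C820" "488B00" "488B4018" "48634018" "85C0" "400F9FC0"
)

def parse_signature(text):
    """'89 48 ?? 18' -> [0x89, 0x48, None, 0x18]; None marks a wildcard byte."""
    return [None if tok in ("?", "??") else int(tok, 16) for tok in text.split()]

def find_all(data, signature):
    """Return every offset in data at which the signature matches."""
    sig = parse_signature(signature)
    if not sig:
        raise ValueError("empty signature")
    hits = []
    for i in range(len(data) - len(sig) + 1):
        if all(b is None or data[i + j] == b for j, b in enumerate(sig)):
            hits.append(i)
    return hits

def check_unique(data, signature):
    """Return the single match offset; raise if there are zero or several."""
    hits = find_all(data, signature)
    if len(hits) != 1:
        raise LookupError(f"{len(hits)} matches for {signature!r}: {hits}")
    return hits[0]

ORIGINAL = "89 48 18 48 8B 47 10 48 63"  # signature from the first post
TOO_SHORT = "48 8B 47 10"                # constructed: occurs twice in DUMP
# Constructed: starts one instruction earlier and wildcards the stack
# displacement and the 4-byte field offset (an assumption about what varies).
EXTENDED = "2B 4D ?? 89 48 18 48 8B 47 10 48 63 8F ?? ?? ?? ??"

if __name__ == "__main__":
    for name, sig in (("original", ORIGINAL), ("too short", TOO_SHORT),
                      ("extended", EXTENDED)):
        print(f"{name:10} {sig!r} -> offsets {find_all(DUMP, sig)}")
```

A single hit inside this 90-byte excerpt says nothing about uniqueness across a whole process; the same check has to be run over the full scanned region, as hhhuut suggests.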