Cheat Engine Forum Index Cheat Engine
The Official Site of Cheat Engine
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 


Crashing games using CE help
Goto page Previous  1, 2
 
Post new topic   Reply to topic    Cheat Engine Forum Index -> General Gamehacking
View previous topic :: View next topic  
Author Message
ulysse31
Master Cheater
Reputation: 2

Joined: 19 Mar 2015
Posts: 324
Location: Paris
PostPosted: Sat Feb 11, 2017 10:39 am    Post subject: Reply with quote
akimikage wrote:
What's software BP?

A software BP is a bp that doesn't use any of your CPU debug register, it insteads overwrite 1 memory byte by "CC" (the debugger does it under the hood and hides it from you so that you still see the original byte). When the CC byte is executed or read/written from/to, it raises an exception which the debugger handles.
Back to top
View user's profile Send private message
ulysse31
Master Cheater
Reputation: 2

Joined: 19 Mar 2015
Posts: 324
Location: Paris
PostPosted: Sun Feb 12, 2017 9:26 am    Post subject: This post has 1 review(s) Reply with quote
At PM request I dl'd game and took a look.

1)First thing I did is look for memory integrity checks (guess i work too much on themida targets), there is none.

2)My settings are standard VEH debug : hardware breakpoints and veh with getset context thread on default values.

3)one odd thing with this game is that it never loads at the same Virtual Address.

4)Indeed there are strange things happening when debugging with occasional crashs. In particular sometimes instead of breaking on breakpoint (as the program flow 100% goes there), game just stops responding.
An odd thing is that around these EXP opcodes breakpoint, when killing a mob, using F7 (thus going one opcode further) would make the game pop the hitting mob sound action, which i find very odd, maybe the crashs are due to thread sync?

5)Eventually I made this code injection and got no problem after 16 battles (while I guess you couldn't do more than 3), It's far from being a resolved matter however it already took me 2 h so I'll leave it at that. (By the way, Disgaea series is my favorite series of all times in video games, closely followed by Fire Emblem)
Afaik the instruction doesn't access anything else than exp.
If you want to select the characters affected by the injection, you simply need to compare to eax's value at the begining of the script.

Code:
AOBSCAN(found, c70000000000c7400400000001e9)
alloc(newmem,2048)
label(returnhere)
label(originalcode)
label(exit)

newmem: //this is allocated memory, you have read,write,execute access
//place your code here

push ebx
push esi
push edi// ecx has game's new exp value
mov ebx,[eax] //ebx has former exp value
sub ecx,ebx //ecx has the legit gained exp
imul ecx, ecx,100//there is our multiplier coef
//ecx now holds multiplied EXP GAIN, ebx still holds OLD EXP
add ecx,ebx //ecx now holds new exp
originalcode:
mov [eax],ecx//game writes new exp to variable
mov [eax+04],edx
pop edi
pop esi
pop ebx
exit:
jmp returnhere

found+12:
jmp newmem
returnhere:
Back to top
View user's profile Send private message
akimikage
Cheater
Reputation: 0

Joined: 04 Nov 2009
Posts: 38
PostPosted: Mon Feb 13, 2017 7:55 am    Post subject: Reply with quote
It worked! thank you very much for going the extra mile to help me. I'm just an amateur cheat maker so I don't know what principle you used to make it work though Shocked . You're pushing values that I have no idea what the functions are.

I also got my code to work without crashing by putting my code on the originalcode section and not on the newmem section. Anyways, a rep for you my friend Very Happy
Back to top
View user's profile Send private message
ulysse31
Master Cheater
Reputation: 2

Joined: 19 Mar 2015
Posts: 324
Location: Paris
PostPosted: Mon Feb 13, 2017 5:52 pm    Post subject: Reply with quote
akimikage wrote:
It worked! thank you very much for going the extra mile to help me. I'm just an amateur cheat maker so I don't know what principle you used to make it work though Shocked . You're pushing values that I have no idea what the functions are.

I also got my code to work without crashing by putting my code on the originalcode section and not on the newmem section. Anyways, a rep for you my friend Very Happy

Great
I am just pushing register that I want to use in calculating the new exp gain with injected multiplier.
Then They get popped from the stack in reverse order to make sure the original function doesn't get affected by code injection.
If you inject code inside an existing function and if you use a register, you need to first save it, then inject your code, then restore the regist (pop).
If you want to change the amount of EXP you gain with my script, you only need to change "100" to whatever other coef multiplier you like in this line :
imul ecx, ecx,100//there is our multiplier coef
Back to top
View user's profile Send private message
Display posts from previous:   
Post new topic   Reply to topic    Cheat Engine Forum Index -> General Gamehacking All times are GMT - 6 Hours
Goto page Previous  1, 2
Page 2 of 2

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group

CE Wiki   IRC (#CEF)   Twitter
Third party websites