Beginner999 Newbie cheater Reputation: 0
Joined: 27 Jul 2018 Posts: 21
|
Posted: Fri Jul 27, 2018 4:22 pm Post subject: Fast build script |
|
|
New question, how to make a fast build script?
This game is "They Are Billions". I was able to find the timer for the Command Center because it would go up and at max it will reset (basically I just keep searching for increased and then decreased values).
Now, to build a new unit or a new building, the timer only goes up (building a new unit seems to be a different address so the timer is not reset at the same place). That means I can only look for increased values, which is not effective because the lowest number of search results that I found is about 400,000. Do you have any suggestions for this case? Any advanced search?
============================================
============================================
So I tried to make an EXP multiplier script using Cheat Engine. I successfully made some when the EXP values are integers. Today I encountered a game where the EXP value is a float, what should I do (assuming I am using the code below and want to add a x2 multiplication)?
Code: | [ENABLE]
aobscanmodule(INJECT,Ysc_dx11.exe,F3 0F 11 86 DC 0A 00 00 5E C2 10 00 66) // should be unique
alloc(newmem,$1000)
label(code)
label(return)
newmem:
code:
movss [esi+00000ADC],xmm0
jmp return
INJECT:
jmp newmem
nop
nop
nop
return:
registersymbol(INJECT)
[DISABLE]
//code from here till the end of the code will be used to disable the cheat
INJECT:
db F3 0F 11 86 DC 0A 00 00
unregistersymbol(INJECT)
dealloc(newmem) |
Last edited by Beginner999 on Sat Jul 28, 2018 2:33 pm; edited 3 times in total |
TheyCallMeTim13 Wiki Contributor Reputation: 50
Joined: 24 Feb 2017 Posts: 976 Location: Pluto
FreeER Grandmaster Cheater Supreme Reputation: 53
Joined: 09 Aug 2013 Posts: 1091
|
Posted: Fri Jul 27, 2018 5:14 pm Post subject: |
|
|
google x64/x86 float multiplication? eg http://rayseyfarth.com/asm/pdf/ch11-floating-point.pdf
"mulss"/"fmul" would be a start
but something like this may work
Code: | push (float)2
mulss xmm0, [rsp]
add rsp,8
movss [esi+00000ADC],xmm0 |
for x86 use esp and add 4 instead of 8.
Beginner999 Newbie cheater Reputation: 0
Joined: 27 Jul 2018 Posts: 21
|
Posted: Fri Jul 27, 2018 7:23 pm Post subject: |
|
|
Thanks @TheyCallMeTim13 and @FreeER
Everything makes sense now but I am still stuck on how to use the code. The code FreeER provided above works but there is a problem. It adds up everything and multiplies the total EXP.
E.g.: I have 20 EXP and kill a monster with 5 EXP, I got (20+5)*2 = 50 exp instead of 20+5*2=30 exp
There is a topic talking about the issue that actually gave a solution, but the code part messed me up.
FreeER Grandmaster Cheater Supreme Reputation: 53
Joined: 09 Aug 2013 Posts: 1091
|
Posted: Fri Jul 27, 2018 8:13 pm Post subject: |
|
|
Either see if the code has the 5 part somewhere or you'd have to first load the original value and subtract it from the new value
then multiply and add it back to the original value and write it.
TheyCallMeTim13 Wiki Contributor Reputation: 50
Joined: 24 Feb 2017 Posts: 976 Location: Pluto
|
Posted: Fri Jul 27, 2018 8:34 pm Post subject: |
|
|
I would try and find where it actually adds the value to the current EXP and hook it there, so see what accesses the address and look for a read and a write close together.
But just under the "Add A Multiplier" section, there is a "Calculate a value for a Multiplier" section that goes over calculating what the added value was.
https://wiki.cheatengine.org/index.php?title=Tutorial:CodeInjection_Floats
Beginner999 Newbie cheater Reputation: 0
Joined: 27 Jul 2018 Posts: 21
|
Posted: Fri Jul 27, 2018 11:09 pm Post subject: |
|
|
FreeER wrote: | Either see if the code has the 5 part somewhere or you'd have to first load the original value and subtract it from the new value
then multiply and add it back to the original value and write it. |
TheyCallMeTim13 wrote: | I would try and find where it actually adds the value to the current EXP and hook it there, so see what accesses the address and look for a read and a write close together.
But just under the "Add A Multiplier" section, there is a "Calculate a value for a Multiplier" section that goes over calculating what the added value was.
|
Thanks for your help, I made it right this time :D :D
OldCheatEngineUser Whateven rank Reputation: 20
Joined: 01 Feb 2016 Posts: 1587
|
Posted: Fri Jul 27, 2018 11:22 pm Post subject: |
|
|
most likely, the value you are looking for is in xmmR.
see which xmmR holds your gained exp, and since the instruction is movss then there must be addss.
_________________
About Me;
I Use CE Since Version 1.X, And Still Learning How To Use It Well!
Jul 26, 2020
STN wrote: | i am a sweetheart. |
Beginner999 Newbie cheater Reputation: 0
Joined: 27 Jul 2018 Posts: 21
|
Posted: Sat Jul 28, 2018 10:30 am Post subject: |
|
|
OldCheatEngineUser wrote: | most likely, the value you are looking for is in xmmR.
see which xmmR holds your gained exp, and since the instruction is movss then there must be addss. |
I could not find any addss nearby though :shock:
OldCheatEngineUser Whateven rank Reputation: 20
Joined: 01 Feb 2016 Posts: 1587
|
Posted: Sat Jul 28, 2018 11:58 am Post subject: |
|
|
break and trace 5 instructions above "movss [esi+00000ADC],xmm0" and include xmmR values, then post them here.
Beginner999 Newbie cheater Reputation: 0
Joined: 27 Jul 2018 Posts: 21
|
Posted: Sat Jul 28, 2018 1:48 pm Post subject: |
|
|
OldCheatEngineUser wrote: | break and trace 5 instructions above "movss [esi+00000ADC],xmm0" and include xmmR values, then post them here. |
I already made my table working for the EXP multiplier but I will upload the instructions when it's available (for my learning purposes)
I don't want to post a new thread for questions so I put it in here too. Can you help explain how to make something like "fast build" code? Below are the instructions
Code: |
7FF7EA57F1E4 - 8B 56 3C - mov edx,[rsi+3C]
7FF7EA57F1E7 - 83 C2 21 - add edx,21
7FF7EA57F1EA - 89 56 3C - mov [rsi+3C],edx <<
7FF7EA57F1ED - 48 8B 56 18 - mov rdx,[rsi+18]
7FF7EA57F1F1 - 48 B9 3856D7E9F77F0000 - mov rcx,00007FF7E9D75638 |
I used the auto assemble to make this script and it works, but it's not x2 the building time, it's like x10
Code: | [ENABLE]
//code from here to '[DISABLE]' will be used to enable the cheat
aobscan(INJECT,89 56 3C 48 8B 56 18) // should be unique
alloc(newmem,$1000,7FF7EA57F1EA)
label(code)
label(return)
newmem:
imul edx,2 //this is where I think to make the building build 2 times faster
code:
mov [rsi+3C],edx
mov rdx,[rsi+18]
jmp return
INJECT:
jmp newmem
nop
nop
return:
registersymbol(INJECT)
[DISABLE]
//code from here till the end of the code will be used to disable the cheat
INJECT:
db 89 56 3C 48 8B 56 18
unregistersymbol(INJECT)
dealloc(newmem) |
OldCheatEngineUser Whateven rank Reputation: 20
Joined: 01 Feb 2016 Posts: 1587
|
Posted: Sat Jul 28, 2018 1:58 pm Post subject: |
|
|
all of these should multiply edx, but WHY it gives x10 i can't really know by just looking at the code.
it's just loading current value, add 21 hex, write it back.
hmm, if edx * 2 = x10 faster .. have you tried adding 5 or 10 to edx instead of multiplying?
Beginner999 Newbie cheater Reputation: 0
Joined: 27 Jul 2018 Posts: 21
|
Posted: Sat Jul 28, 2018 2:18 pm Post subject: |
|
|
OldCheatEngineUser wrote: |
all of these should multiply edx, but WHY it gives x10 i can't really know by just looking at the code.
it's just loading current value, add 21 hex, write it back.
hmm, if edx * 2 = x10 faster .. have you tried adding 5 or 10 to edx instead of multiplying? |
Thanks for your suggestion, it works fine now. I think it is because the game does this (200+20)*2 instead of 200+20*2, so it keeps doubling the total and the timer starts slowly but then speeds up very quickly toward the end.
Adding a constant makes it work a lot better.
The script above is for the command center ("They Are Billions" is the game). The timer in the command center will gradually go up until reaching the maximum value and give the player resources. THEN the timer resets, so I was able to repeatedly search for increased and decreased values until I found the address for the timer.
Now I have a new problem: to build a new unit or a new building, the timer only goes up (building a new unit seems to be a different address so the timer is not reset at the same place). Do you have any suggestions for this case? Any advanced search?
|
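Added example, not code from any poster in this thread: a C model of the timer update `mov edx,[rsi+3C]` / `add edx,21` / `mov [rsi+3C],edx`, comparing the hook bodies discussed above (multiplying the total, multiplying only the gain as suggested for the EXP case, and adding a constant). The limit of 33000 and the choice of 0x21 as the added constant are assumptions; the thread does not give the game's real maximum.

```c
#include <stdint.h>
#include <stdio.h>

#define STEP 0x21u /* the game's own increment: add edx,21 */

/* A hook sees the value already in memory (old) and the value about to be
   stored (edx = old + STEP), and returns what is actually written back. */
typedef uint32_t (*hook_fn)(uint32_t old, uint32_t edx);

/* No hook: original behaviour. */
static uint32_t hook_none(uint32_t old, uint32_t edx) { (void)old; return edx; }

/* imul edx,2 before the store: doubles the running total on every tick. */
static uint32_t hook_mul_total(uint32_t old, uint32_t edx) { (void)old; return edx * 2u; }

/* Subtract the old value, double only the gain, add the old value back. */
static uint32_t hook_mul_delta(uint32_t old, uint32_t edx) { return old + (edx - old) * 2u; }

/* Add a constant; using STEP again is an assumption that gives exactly x2. */
static uint32_t hook_add_const(uint32_t old, uint32_t edx) { (void)old; return edx + STEP; }

/* Number of ticks until the timer reaches `limit`, starting from 0. */
static unsigned ticks_to_reach(hook_fn hook, uint32_t limit) {
    uint32_t timer = 0;
    unsigned ticks = 0;
    while (timer < limit) {
        uint32_t edx = timer + STEP; /* mov edx,[rsi+3C] ; add edx,21 */
        timer = hook(timer, edx);    /* mov [rsi+3C],edx */
        ticks++;
    }
    return ticks;
}

int main(void) {
    const uint32_t limit = 33000; /* constructed limit: 1000 unhooked ticks */
    printf("unhooked:        %u ticks\n", ticks_to_reach(hook_none, limit));
    printf("multiply total:  %u ticks\n", ticks_to_reach(hook_mul_total, limit));
    printf("multiply delta:  %u ticks\n", ticks_to_reach(hook_mul_delta, limit));
    printf("add constant:    %u ticks\n", ticks_to_reach(hook_add_const, limit));
    return 0;
}
```

Multiplying the total grows the timer geometrically, so the observed speed-up depends on the limit rather than being a fixed x2; the delta and constant variants stay linear.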
OldCheatEngineUser Whateven rank Reputation: 20
Joined: 01 Feb 2016 Posts: 1587
|
Posted: Sat Jul 28, 2018 2:24 pm Post subject: |
|
|
yeah, it's my bad for not thinking properly. (the solution is constant as you said, although i said read add 21 write back LOL)
no, i have no idea why would the counter go up without a reset .. i can't really help. (never seen something like this)
Beginner999 Newbie cheater Reputation: 0
Joined: 27 Jul 2018 Posts: 21
|
Posted: Sat Jul 28, 2018 2:30 pm Post subject: |
|
|
OldCheatEngineUser wrote: | yeah, it's my bad for not thinking properly. (the solution is constant as you said, although i said read add 21 write back LOL)
no, i have no idea why would the counter go up without a reset .. i can't really help. (never seen something like this) |
Thanks anyway though