How to assert opcode referencing .exe with bytes that change

 
ymiu
Cheater
Reputation: 0

Joined: 16 Dec 2018
Posts: 41

Posted: Sun Feb 10, 2019 10:26 pm    Post subject: How to assert opcode referencing .exe with bytes that change

In this game, opcode is written to static offsets from the process base address. So that makes injection easy, once I find the code I want to modify.

I'm trying to use assert() to ensure that updates don't cause my script to crash the game, but I've hit a snag on an opcode that references an offset from the process base address:

Code:
Heat_Signature.exe+490C4D - F2 0F58 05 E8AD2802   - addsd xmm0,qword ptr [Heat_Signature.exe+F0ADE8] { (-1.00) }


So every time I run the game, the opcode at Heat_Signature.exe+490C4D is always addsd xmm0,qword ptr [Heat_Signature.exe+F0ADE8]

However the last 4 bytes (E8AD2802 in this example) will change each time I reboot my computer.

Is there a way to evaluate Heat_Signature.exe+F0ADE8 so that I can use it in assert()?
Dark Byte
Site Admin
Reputation: 471

Joined: 09 May 2003
Posts: 25856
Location: The netherlands

Posted: Sun Feb 10, 2019 11:56 pm

You can do an assert on the first 6 bytes. The e8 ad part will always be the same until the game gets a patch.
_________________
Do not ask me about online cheats. I don't know any and won't help finding them.

Like my help? Join me on Patreon so I can keep helping
ymiu
Cheater
Reputation: 0

Joined: 16 Dec 2018
Posts: 41

Posted: Mon Feb 11, 2019 4:00 pm

Interesting. I'm curious how you can figure that out from such a small piece of info =)

edit:

For the record, I finally figured out a workaround since I can't use:

Code:
define(by, addsd xmm0,qword ptr [Heat_Signature.exe+F0ADE8])
assert(Heat_Signature.exe+490C4D, by)


I had to make a two-part script.
Part 1:
Code:
define(by1, F2 0F 58 05)
define(by2, Heat_Signature.exe+F0ADE8) // E8 AD x x, but this doesn't actually behave as a valid AOB on its own

[ENABLE]
alloc(assertmem,$1000,Heat_Signature.exe+490C4D)

assertmem:
  //addsd xmm0,qword ptr [Heat_Signature.exe+F0ADE8]
  db by1
  dd by2 // don't use db because it doesn't treat by2 like an AOB

registersymbol(assertmem)
...


This creates a copy of the expected bytes that I can reference with the assertmem symbol within an assert().
Part 2:
Code:
[ENABLE]
assert(Heat_Signature.exe+490C4D, assertmem)
...
[DISABLE]
Heat_Signature.exe+490C4D:
  readmem(assertmem, 8)
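Why the first 6 bytes stay fixed, as an added example that is not part of the original thread: it assumes a 32-bit process in which the operand is an absolute address rewritten by relocation, and relies on Windows mapping images on 64 KiB boundaries, so only the top two bytes of the operand move with the module base. The two extra base addresses and the helper names are constructed for illustration.

```python
import struct

# Values from the disassembly line quoted in the thread.
OPCODE = bytes.fromhex("F20F5805")            # addsd xmm0, qword ptr [disp32]
TARGET_RVA = 0xF0ADE8                         # Heat_Signature.exe+F0ADE8
OBSERVED = bytes.fromhex("F20F5805E8AD2802")  # bytes at Heat_Signature.exe+490C4D
# Assumption: 32-bit image, loaded on a 64 KiB boundary (Windows allocation granularity).
ALIGN = 0x10000


def expected_bytes(base: int) -> bytes:
    """Encoding of the instruction when the module is loaded at `base`."""
    if base % ALIGN:
        raise ValueError("module base must be 64 KiB aligned")
    return OPCODE + struct.pack("<I", (base + TARGET_RVA) & 0xFFFFFFFF)


def base_from_instruction(instr: bytes) -> int:
    """Recover the module base implied by the absolute operand."""
    if len(instr) != 8 or instr[:4] != OPCODE:
        raise ValueError("not the expected addsd encoding")
    (absolute,) = struct.unpack_from("<I", instr, 4)
    base = (absolute - TARGET_RVA) & 0xFFFFFFFF
    if base % ALIGN:
        raise ValueError("operand does not point at TARGET_RVA")
    return base


def stable_prefix(bases) -> bytes:
    """Longest byte prefix shared by the encodings at every base."""
    encodings = [expected_bytes(b) for b in bases]
    n = 0
    while n < 8 and len({e[n] for e in encodings}) == 1:
        n += 1
    return encodings[0][:n]


def still_matches(instr: bytes) -> bool:
    """Base-independent check: opcode plus the low 16 bits of the operand."""
    return instr[:6] == OBSERVED[:6]


if __name__ == "__main__":
    # The last two bases are constructed sample values.
    bases = [base_from_instruction(OBSERVED), 0x00400000, 0x00A50000]
    print(hex(bases[0]), stable_prefix(bases).hex(" "))
```

A game update that moves the referenced data changes the low bytes of the operand as well, which is the case the 6-byte assert is meant to catch.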