 |
Cheat Engine
The Official Site of Cheat Engine
|
| View previous topic :: View next topic |
| Author |
Message |
Magnymbus
How do I cheat?
![]() Reputation: 0
Joined: 17 Jul 2020
Posts: 2
|
 Posted: Fri Jul 17, 2020 5:38 am Post subject: AOB injection help request |
 |
|
I seem to be unable to find static pointers for player coordinates or a static pointer base from an AOB injection. Pointer scans return about four results that work for a few launches, but they always stop working eventually, and the pointer base I'm registering and allocating keeps changing. Bear in mind that I am very new, so while I understand some of the terminology, I don't yet understand the methodology. Anywho, what follows is my injection script:
| Code: |
{ Game : Dredgers.exe
Version:
Date : 2020-07-17
Author : ---
This script does blah blah blah
}
[ENABLE]
aobscanmodule(injCoordHook,Dredgers.exe,F3 0F 11 8E B4 00 00 00 F3 0F 11) // should be unique
alloc(newmem,$1000)
alloc(ptrCoordBase,0x4)
label(code)
label(return)
newmem:
mov [ptrCoordBase],ebx
code:
movss [esi+000000B4],xmm1
jmp return
injCoordHook:
jmp newmem
nop 3
return:
registersymbol(injCoordHook)
registersymbol(ptrCoordBase)
[DISABLE]
injCoordHook:
db F3 0F 11 8E B4 00 00 00
unregistersymbol(injCoordHook)
unregistersymbol(ptrCoordBase)
dealloc(newmem)
dealloc(ptrCoordBase)
{
// ORIGINAL CODE - INJECTION POINT: "Dredgers.exe"+7EBC59
"Dredgers.exe"+7EBC3B: F6 C4 44 - test ah,44
"Dredgers.exe"+7EBC3E: 7A 18 - jp Dredgers.exe+7EBC58
"Dredgers.exe"+7EBC40: F3 0F 10 96 B8 00 00 00 - movss xmm2,[esi+000000B8]
"Dredgers.exe"+7EBC48: 0F 5A D2 - cvtps2pd xmm2,xmm2
"Dredgers.exe"+7EBC4B: 0F 5A D8 - cvtps2pd xmm3,xmm0
"Dredgers.exe"+7EBC4E: 66 0F 2E D3 - ucomisd xmm2,xmm3
"Dredgers.exe"+7EBC52: 9F - lahf
"Dredgers.exe"+7EBC53: F6 C4 44 - test ah,44
"Dredgers.exe"+7EBC56: 7B 1D - jnp Dredgers.exe+7EBC75
"Dredgers.exe"+7EBC58: 56 - push esi
// ---------- INJECTING HERE ----------
"Dredgers.exe"+7EBC59: F3 0F 11 8E B4 00 00 00 - movss [esi+000000B4],xmm1
// ---------- DONE INJECTING ----------
"Dredgers.exe"+7EBC61: F3 0F 11 86 B8 00 00 00 - movss [esi+000000B8],xmm0
"Dredgers.exe"+7EBC69: C6 46 64 01 - mov byte ptr [esi+64],01
"Dredgers.exe"+7EBC6D: E8 BE 3F 0D 00 - call Dredgers.exe+8BFC30
"Dredgers.exe"+7EBC72: 83 C4 04 - add esp,04
"Dredgers.exe"+7EBC75: 5E - pop esi
"Dredgers.exe"+7EBC76: C2 08 00 - ret 0008
"Dredgers.exe"+7EBC79: CC - int 3
"Dredgers.exe"+7EBC7A: CC - int 3
"Dredgers.exe"+7EBC7B: CC - int 3
"Dredgers.exe"+7EBC7C: CC - int 3
} |
|
|
| Back to top |
|
 |
ParkourPenguin
I post too much
 Reputation: 140
Joined: 06 Jul 2014
Posts: 4300
|
| Posted: Fri Jul 17, 2020 10:42 am Post subject: |
|
|
Everything looks mostly ok, except ebx. Is that the register you actually want to copy, or should it be esi?
Also check if that instruction access any addresses aside from the one you want (right click menu in the disassembler).
_________________
I don't know where I'm going, but I'll figure it out when I get there. |
|
| Back to top |
|
|
Magnymbus
How do I cheat?
![]() Reputation: 0
Joined: 17 Jul 2020
Posts: 2
|
| Posted: Fri Jul 17, 2020 11:17 am Post subject: |
|
|
Oh, hell. I forgot about that. That fixes the unstable base. Now I just need to fix the pointers that change only occasionally
Edit: Looks like I need to find a better injection point. Pointer keeps moving every so often. |
|
| Back to top |
|
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum
|
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in
