Cheat Engine The Official Site of Cheat Engine
Birdi Expert Cheater Reputation: 0
Joined: 08 Jun 2020 Posts: 122 Location: Migrating
Posted: Fri May 14, 2021 10:45 pm Post subject: Pass Lua variable to ASM label?
Trying to make a 'randomizer' of sorts using CE, not totally sure how to pass a value from Lua to ASM though. I know you can use AutoAssemble() within Lua but I need to just store the given value at a specific label.
Under the [ENABLE] section of the script I defined in Lua an array with all the possible values, store it in a variable:
valuesArray = {4456,4457,4458,4459,4460,4461,4462,4463,4464,4465}
var = (valuesArray[math.random(#t)])
Just need to know how I could pass var to a further label in ASM:
p_val1:
db 0
As well, is it possible to loop through and do this endlessly until the script is deactivated? Loop until DISABLE basically, so it assigns a random value every frame, or however often it can.
TheyCallMeTim13 Wiki Contributor Reputation: 50
Joined: 24 Feb 2017 Posts: 976 Location: Pluto
Posted: Sat May 15, 2021 6:56 am
To use a Lua variable in an ASM script just use "$" (i.e.: "$var"). But it's only used when assembled. If you want it to constantly run you'd need to create a loop like a timer, or use the ASM random function. If you use the ASM one you'd need to find out how to set up the stack/registries the way the function needs, then call that in your ASM script and use its return value.
Birdi Expert Cheater Reputation: 0
Joined: 08 Jun 2020 Posts: 122 Location: Migrating
Posted: Sat May 15, 2021 11:42 am
Well, here's my nonfunctional attempt:
[ENABLE]
{$lua}
function loopVar()
  valuesArray = {2925, 2932, 2939, ...}
  varSet = (valuesArray[math.random(#valuesArray)])
  AutoAssemble("mov [forced_drop],$varSet")
end
function ActivateTimer()
  timer = createTimer()
  timer.Interval = 1000
  timer.OnTimer = loopVar()
  timer.Enabled = true
end
{$asm}
luacall(ActivateTimer())
...
registersymbol(forced_drop)
label(forced_drop)
...
forced_drop:
dd #2925
[DISABLE]
luacall(timer.destroy())
...
I'm assuming it's an issue with my use of AutoAssemble() in the Lua function, but I'm totally lost otherwise.
//
As an aside, how do you use [code] blocks on the forum here? Never seems to work for me :<
TheyCallMeTim13 Wiki Contributor Reputation: 50
Joined: 24 Feb 2017 Posts: 976 Location: Pluto
Posted: Sat May 15, 2021 12:50 pm
You need to allocate the memory for "forced_drop". The Lua script gets run first, so the symbol isn't registered when you run the "AutoAssemble" function. And that function doesn't run the code, it only assembles it; you have to inject it some way to get the game to run it, or make it code to run in a thread (so it would need a RET). You can also just build a string to assemble. Try something like this.
Code:
{$lua}
if syntaxcheck then return end
[ENABLE]
function loopVar()
  valuesArray = {2925, 2932, 2939}
  varSet = (valuesArray[math.random(#valuesArray)])
  AutoAssemble([[
    alloc(forced_drop, 4)
    registerSymbol(forced_drop)
    //...
    forced_drop:
      dd ]]..string.format('%X', varSet))
end
timer = createTimer(MainForm)
timer.Interval = 1000
timer.OnTimer = loopVar
[DISABLE]
timer.destroy()
ParkourPenguin I post too much Reputation: 140
Joined: 06 Jul 2014 Posts: 4300
Posted: Sat May 15, 2021 1:33 pm
If you can guarantee the AA code won't run faster than Lua can update the random value (or you don't care), creating a timer that periodically writes a new random value to a registered symbol is a very easy solution:
Code:
[ENABLE]
{$lua}
if syntaxcheck then return end
myTimer = createTimer()
myTimer.Interval = 1000
myTimer.OnTimer = function()
  writeInteger('forced_drop', getRandomValue())
end
{$asm}
...
alloc(forced_drop, 4)
registersymbol(forced_drop)
// timers don't run immediately - initialize this first
forced_drop:
  dd 2426
...
[DISABLE]
{$lua}
if syntaxcheck then return end
myTimer.destroy()
myTimer = nil
{$asm}
dealloc(forced_drop)
unregistersymbol(forced_drop)
...
Mixing AA and Lua code at runtime is difficult and potentially expensive if it's in a busy part of the code, but it is possible to call CE Lua code from the game.
https://forum.cheatengine.org/viewtopic.php?t=615359
I guess you could fill a large buffer with random values in advance. If you're fine with a repeating pattern, just loop over it again; otherwise, do something with page exception breakpoints to populate it again (similar to how Linux uses page faults to grow the stack).
You could also just use a pseudorandom number generator from inside the game's memory space. There's probably some DLL that has an export for random number generation. If not or you want to minimize side effects, implement one yourself. The xoshiro256++ is a good generator (see the function "next"):
https://xoshiro.di.unimi.it/xoshiro256plusplus.c
TheyCallMeTim13 - you're not deallocating the forced_drop allocation. That leaks 4kb (really 64kb due to allocation granularity) every time the function is run.
_________________
I don't know where I'm going, but I'll figure it out when I get there.
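The in-process generator option mentioned in the post above, as an added example that is not part of the original thread: xoshiro256++ (a statistical generator, not a cryptographic one) with an unbiased pick from a table. The names `xoshiro_seed`, `pick_index`, `pick_drop` and `drop_ids` are hypothetical, and the seed and three-entry table are constructed sample values.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Constructed sample table: the first three IDs from the thread. */
static const uint32_t drop_ids[] = {2925, 2932, 2939};
static uint64_t s[4];  /* generator state; must never be all zero */

void xoshiro_seed(uint64_t a, uint64_t b, uint64_t c, uint64_t d) {
    s[0] = a; s[1] = b; s[2] = c; s[3] = d;
}

static uint64_t rotl(uint64_t x, int k) {
    return (x << k) | (x >> (64 - k));
}

/* One xoshiro256++ step: the output is derived from the state, then the state advances. */
uint64_t xoshiro_next(void) {
    const uint64_t result = rotl(s[0] + s[3], 23) + s[0];
    const uint64_t t = s[1] << 17;
    s[2] ^= s[0];
    s[3] ^= s[1];
    s[1] ^= s[2];
    s[0] ^= s[3];
    s[2] ^= t;
    s[3] = rotl(s[3], 45);
    return result;
}

/* Uniform index in [0, n), n > 0. Rejects the top (2^64 mod n) raw values so
 * every index is equally likely; a bare r % n is slightly biased. */
size_t pick_index(size_t n) {
    const uint64_t excess = (UINT64_MAX % n + 1) % n;   /* 2^64 mod n */
    uint64_t r;
    do {
        r = xoshiro_next();
    } while (r > UINT64_MAX - excess);
    return (size_t)(r % n);
}

uint32_t pick_drop(void) {
    return drop_ids[pick_index(sizeof drop_ids / sizeof drop_ids[0])];
}

int main(void) {
    xoshiro_seed(1, 2, 3, 4);  /* constructed seed */
    for (int i = 0; i < 5; i++) printf("%u\n", (unsigned)pick_drop());
    return 0;
}
```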
TheyCallMeTim13 Wiki Contributor Reputation: 50
Joined: 24 Feb 2017 Posts: 976 Location: Pluto
Posted: Sat May 15, 2021 4:46 pm
ParkourPenguin wrote:
...
TheyCallMeTim13 - you're not deallocating the forced_drop allocation. That leaks 4kb (really 64kb due to allocation granularity) every time the function is run.
Good catch.
Birdi Expert Cheater Reputation: 0
Joined: 08 Jun 2020 Posts: 122 Location: Migrating
Posted: Sat May 15, 2021 8:24 pm
[code][ENABLE]
{$lua}
if syntaxcheck then return end
valuesArray = {2925, 2932, 2939, 2946, 2953, 2960, 2967, 2974, 2981, 2988, 2995, 3002, 3009, 3016, 3023, 3030, 3037, 3044, 3051, 3058, 3065, 3072, 3079, 3086, 3093, 3100, 3107, 3114, 3121, 3128, 3135, 3142, 3149, 3156, 3163, 3170, 3177, 3184, 3191, 3198, 3205, 3212, 3219, 3226, 3233, 3240, 3247, 3254, 3261, 3268, 3275, 3282, 3296, 3303, 3310, 3317, 3324, 3331, 3338, 3345, 3352, 3359, 3366, 3373, 3380, 3387, 3394, 3401, 3408, 3415, 3422, 3429, 3436, 3443, 3450, 3457, 3464, 3471, 3478, 3485, 3492, 3499, 3506, 3513, 3520, 3527, 3534, 3541, 3548, 3555, 3562, 3569, 3576, 3583, 3590, 3597, 3604, 3611, 3618, 3632, 3639, 3646, 3653, 3660, 3667, 3674, 3681, 3688, 3695, 3702, 3709, 3716, 3723, 3730, 3737, 3744, 3751, 3758, 3765, 3772, 3779, 3786, 3793, 3800, 3807, 3814, 3828, 3835, 3842, 3849, 3856, 3863, 3870, 3877, 3884, 3891, 3898, 3905, 3912, 3919, 3926, 3933, 3940, 3947, 3954, 3961, 3968, 3975, 3982, 3989, 3996, 4003, 4010, 4017, 4024, 4031, 4038, 4045, 4052, 4059, 4066, 4073, 4080, 4087, 4094, 4101, 4108, 4115, 4122, 4136, 4143, 4150, 4157, 4164, 4171, 4178, 4185, 4192, 4199, 4248, 4255, 4269, 4276, 4283, 4290, 4297, 4304, 4311, 4318, 4325, 4332, 4339, 4346, 4353, 4360, 4367, 4374, 4381, 4388, 4395, 4402, 4423, 4430, 4437, 4444, 4451, 4458, 4465, 4472, 4479, 4486, 4493, 4507, 4514, 4521, 4528, 4549, 4556, 4563, 4570, 4577, 4584, 4591, 4598, 4605, 4612, 4619, 4626, 4682, 4689}
myTimer = createTimer()
myTimer.Interval = 1000
myTimer.OnTimer = function()
  varSet = (valuesArray[math.random(#valuesArray)])
  writeInteger('forced_drop', varSet)
end
{$asm}
aobscanmodule(INJECT_ForceDrops,Dungeons-Win64-Shipping.exe,48 89 01 C6 41 08 01 48 8B 42 0C 48 89 41 0C 8B 42 14 89 41 14 48 8D)
alloc(newmem,$1000,INJECT_ForceDrops)
alloc(forced_drop, 4)
registersymbol(forced_drop)
label(forced_drop)
label(code)
label(return)
newmem:
code:
mov r8,[forced_drop]
mov [rcx],r8
mov byte ptr [rcx+08],01
jmp return
forced_drop:
dd #2925
INJECT_ForceDrops:
jmp newmem
nop 2
return:
registersymbol(INJECT_ForceDrops)
[DISABLE]
{$lua}
if syntaxcheck then return end
myTimer.destroy()
myTimer = nil
{$asm}
dealloc(forced_drop)
unregistersymbol(forced_drop)
INJECT_ForceDrops:
db 48 89 01 C6 41 08 01
unregistersymbol(INJECT_ForceDrops)
dealloc(newmem)[/code]
At this point I'm just getting an "Offset too Big" error for:
mov r8,[forced_drop]
..so it won't enable at all. I thought it might be the register, but using something like eax provides me with "Not all Instructions could be injected"
My only other guess is that the array is too large without allocated space in memory?
TheyCallMeTim13 Wiki Contributor Reputation: 50
Joined: 24 Feb 2017 Posts: 976 Location: Pluto
Posted: Sat May 15, 2021 8:37 pm
Use the allocate near parameter.
Code:
alloc(forced_drop, 4, INJECT_ForceDrops)
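The range limit that near allocation exists for, as an added example that is not part of the original thread: on x86-64 a RIP-relative memory operand and a 5-byte `jmp` both carry a signed 32-bit displacement measured from the end of the instruction, so the target has to lie within about 2 GiB of the code. The function names and all addresses below are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* Signed distance from the end of an instruction to its target.
 * Returns -1 when the distance does not fit the 32-bit field. */
static int rel32(uint64_t instr_addr, unsigned len, uint64_t target, int32_t *out) {
    const int64_t disp = (int64_t)(target - (instr_addr + len));
    if (disp < INT32_MIN || disp > INT32_MAX) return -1;   /* out of reach */
    *out = (int32_t)disp;
    return 0;
}

static void put_le32(uint8_t *p, int32_t v) {
    for (int i = 0; i < 4; i++) p[i] = (uint8_t)((uint32_t)v >> (8 * i));
}

/* mov r8,[rip+disp32] = 4C 8B 05 disp32 (7 bytes). */
int encode_mov_r8_riprel(uint64_t instr_addr, uint64_t target, uint8_t out[7]) {
    int32_t d;
    if (rel32(instr_addr, 7, target, &d) != 0) return -1;
    out[0] = 0x4C; out[1] = 0x8B; out[2] = 0x05;
    put_le32(out + 3, d);
    return 0;
}

/* jmp rel32 = E9 rel32 (5 bytes). */
int encode_jmp_rel32(uint64_t instr_addr, uint64_t target, uint8_t out[5]) {
    int32_t d;
    if (rel32(instr_addr, 5, target, &d) != 0) return -1;
    out[0] = 0xE9;
    put_le32(out + 1, d);
    return 0;
}

int main(void) {
    /* Constructed addresses: hook site in the module, code cave allocated
     * near it, and two candidate data addresses (one near, one far). */
    const uint64_t hook = 0x7FF6A0001000ULL, cave = 0x7FF69FFF0000ULL;
    const uint64_t data_near = 0x7FF69FFF0100ULL, data_far = 0x21300000000ULL;
    uint8_t buf[7];
    printf("jmp hook->cave:      %d\n", encode_jmp_rel32(hook, cave, buf));
    printf("mov r8,[data_near]:  %d\n", encode_mov_r8_riprel(cave, data_near, buf));
    printf("mov r8,[data_far]:   %d\n", encode_mov_r8_riprel(cave, data_far, buf));
    return 0;
}
```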
Birdi Expert Cheater Reputation: 0
Joined: 08 Jun 2020 Posts: 122 Location: Migrating
Posted: Sat May 15, 2021 8:49 pm
Still getting the Offset Too Big error with that..
Thanks for all the help btw. Didn't think it would be so difficult to make a loop work, much appreciated :>