 |
Cheat Engine
The Official Site of Cheat Engine
|
| View previous topic :: View next topic |
| Author |
Message |
ZoomGC
How do I cheat?
![]() Reputation: 0
Joined: 06 Dec 2021
Posts: 6
|
 Posted: Mon Dec 06, 2021 1:52 pm Post subject: Cheat Engine Script Crashes Game [Dishonoured 2] |
 |
|
I am making a script in assembly and would like the change the blink distance for the power "Blink" in Dishonoured 2, but the issue is that when it is chnaged in the script it didn't change back, and I want to use this script to auto switch it bacl. I tried to rectify this by writing the script below but it just crashes my game after activation, I'm really not 100% sure why and would love and answer
Code:
| Code: | [ENABLE]
aobscanmodule(BlinkDist2,Dishonored2.exe,F3 44 0F 10 44 D1 24 F3 0F 10 A6) // should be unique
alloc(newmem,$1000,BlinkDist2)
alloc(StoreValue,256)
label(code)
label(BlinkDistance)
label(StoreBlink)
label(OldBlink)
label(return)
registersymbol(BlinkDistance)
registersymbol(StoreBlink)
registersymbol(OldBlink)
StoreBlink:
dd #1
BlinkDistance:
dd (float)15
StoreValue:
OldBlink:
dd (float)0
push rbx
mov rbx,[OldBlink]
newmem:
cmp [StoreBlink],#1
jne code
mov [StoreBlink],#0
push rax
mov rax,[rcx+rdx*8+24]
mov [OldBlink],rax
pop rax
jmp code
code:
push rax
mov rax,[BlinkDistance]
mov [rcx+rdx*8+24],rax
pop rax
movss xmm8,[rcx+rdx*8+24]
jmp return
BlinkDist2:
jmp newmem
nop 2
return:
registersymbol(BlinkDist2)
[DISABLE]
mov [rcx+rdx*8+24],rbx
pop rbx
BlinkDist2:
db F3 44 0F 10 44 D1 24
unregistersymbol(StoreBlink)
unregistersymbol(BlinkDist2)
unregistersymbol(OldBlink)
unregistersymbol(BlinkDistance)
dealloc(newmem)
dealloc(StoreValue)
{
// ORIGINAL CODE - INJECTION POINT: Dishonored2.exe+42886E9
Dishonored2.exe+42886C7: 77 7B - ja Dishonored2.exe+4288744
Dishonored2.exe+42886C9: 0F 28 C6 - movaps xmm0,xmm6
Dishonored2.exe+42886CC: E8 4F 3B 05 01 - call Dishonored2.exe+52DC220
Dishonored2.exe+42886D1: 48 63 47 50 - movsxd rax,dword ptr [rdi+50]
Dishonored2.exe+42886D5: 0F 28 E8 - movaps xmm5,xmm0
Dishonored2.exe+42886D8: 83 F8 FF - cmp eax,-01
Dishonored2.exe+42886DB: 7E 13 - jle Dishonored2.exe+42886F0
Dishonored2.exe+42886DD: 48 8D 14 80 - lea rdx,[rax+rax*4]
Dishonored2.exe+42886E1: 48 8B 47 40 - mov rax,[rdi+40]
Dishonored2.exe+42886E5: 48 8B 48 48 - mov rcx,[rax+48]
// ---------- INJECTING HERE ----------
Dishonored2.exe+42886E9: F3 44 0F 10 44 D1 24 - movss xmm8,[rcx+rdx*8+24]
// ---------- DONE INJECTING ----------
Dishonored2.exe+42886F0: F3 0F 10 A6 98 01 00 00 - movss xmm4,[rsi+00000198]
Dishonored2.exe+42886F8: 41 0F 28 D0 - movaps xmm2,xmm8
Dishonored2.exe+42886FC: F3 41 0F 59 D0 - mulss xmm2,xmm8
Dishonored2.exe+4288701: 0F 28 C4 - movaps xmm0,xmm4
Dishonored2.exe+4288704: F3 0F 59 C4 - mulss xmm0,xmm4
Dishonored2.exe+4288708: F3 41 0F 59 E0 - mulss xmm4,xmm8
Dishonored2.exe+428870D: F3 0F 59 D5 - mulss xmm2,xmm5
Dishonored2.exe+4288711: F3 0F 59 D5 - mulss xmm2,xmm5
Dishonored2.exe+4288715: F3 0F 58 D0 - addss xmm2,xmm0
Dishonored2.exe+4288719: 0F 28 C4 - movaps xmm0,xmm4
} |
_________________
Gotten much better at CE, still learning and loving it though, also started using IDA :) |
|
| Back to top |
|
 |
Csimbi
I post too much
 Reputation: 94
Joined: 14 Jul 2007
Posts: 3110
|
| Posted: Mon Dec 06, 2021 1:56 pm Post subject: |
|
|
Your DISABLE section is wrong.
Where are you writing that code?
|
|
| Back to top |
|
|
ZoomGC
How do I cheat?
![]() Reputation: 0
Joined: 06 Dec 2021
Posts: 6
|
| Posted: Mon Dec 06, 2021 2:29 pm Post subject: |
|
|
@Csimbi I’m writing it back to the address that was originally used (in vanilla game) for blink distance ([rcx+rds*8+24]) as to restore the the value from OldBlink back into it, the OldBlink value being in rbx…
_________________
Gotten much better at CE, still learning and loving it though, also started using IDA :) |
|
| Back to top |
|
|
STN
I post too much
 Reputation: 42
Joined: 09 Nov 2005
Posts: 2672
|
| Posted: Tue Dec 07, 2021 3:15 am Post subject: |
|
|
[DISABLE]
mov [rcx+rdx*8+24],rbx
pop rbx
BlinkDist2:
db F3 44 0F 10 44 D1 24
SHOULD BE
[DISABLE]
BlinkDist2:
db F3 44 0F 10 44 D1 24
_________________
|
|
| Back to top |
|
|
ZoomGC
How do I cheat?
![]() Reputation: 0
Joined: 06 Dec 2021
Posts: 6
|
| Posted: Tue Dec 07, 2021 5:19 pm Post subject: |
|
|
Thank you very much but how would I move the OldBlink value back into the address on disable?
_________________
Gotten much better at CE, still learning and loving it though, also started using IDA :) |
|
| Back to top |
|
|
ZoomGC
How do I cheat?
![]() Reputation: 0
Joined: 06 Dec 2021
Posts: 6
|
| Posted: Sat Dec 11, 2021 9:40 am Post subject: |
|
|
This hasn't fixed it
_________________
Gotten much better at CE, still learning and loving it though, also started using IDA :) |
|
| Back to top |
|
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum
|
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in
