|
Cheat Engine The Official Site of Cheat Engine
|
View previous topic :: View next topic |
Author |
Message |
bknight2602 Grandmaster Cheater Reputation: 0
Joined: 08 Oct 2012 Posts: 577
|
Posted: Thu Jan 27, 2022 12:07 pm Post subject: memscan finds no values, but normal scan finds over 14000 |
|
|
Code: |
ms = createMemScan();
memscan_firstScan(ms, soExactValue, vtWord, rtRounded, expvalue, "", "00000000", "7fffffff", "+W*X-C", fsmNotAligned, "", false, false, false, false);
|
I have a memscan that finds no matches, but a scan with writable checked
executable with a box copyonwrite not checked and fast scan not cheked finds over 14000.
What is wrong with the memscan?
|
|
Back to top |
|
|
LeFiXER Grandmaster Cheater Supreme Reputation: 20
Joined: 02 Sep 2011 Posts: 1055 Location: 0x90
|
Posted: Thu Jan 27, 2022 12:44 pm Post subject: |
|
|
See here:
MemScan
|
|
Back to top |
|
|
bknight2602 Grandmaster Cheater Reputation: 0
Joined: 08 Oct 2012 Posts: 577
|
Posted: Thu Jan 27, 2022 4:13 pm Post subject: |
|
|
I'm afraid all the descriptions don't indicate to me why the memscan doesn't get any matches.
But thanks for the link.
|
|
Back to top |
|
|
LeFiXER Grandmaster Cheater Supreme Reputation: 20
Joined: 02 Sep 2011 Posts: 1055 Location: 0x90
|
Posted: Thu Jan 27, 2022 4:25 pm Post subject: |
|
|
More precisely:
Code: |
firstScan(scanoption, vartype, roundingtype, input1, input2 ,startAddress ,stopAddress ,protectionflags ,alignmenttype ,"alignmentparam" ,isHexadecimalInput ,isNotABinaryString, isunicodescan, iscasesensitive);
|
Take a look at your parameters:
Code: |
ms = createMemScan();
memscan_firstScan(ms, soExactValue, vtWord, rtRounded, expvalue, "", "00000000", "7fffffff", "+W*X-C", fsmNotAligned, "", false, false, false, false);
|
The first one should not be the memscan object. It should be the scan option you have the choices of:
Code: |
scanOption: Defines what type of scan is done. Valid values for firstscan are:
soUnknownValue: Unknown initial value scan
soExactValue: Exact Value scan
soValueBetween: Value between scan
soBiggerThan: Bigger than ... scan
soSmallerThan: smaller than ... scan
|
That aside, appending statements with a semi-colon is not required in Lua unless each statement is on the same line e.g.:
Code: |
if object then object.destroy(); object = nil end
|
Your initialisation of ms is not required because "memscan_" accesses a global object. You either omit the initilialisation or opt for something like this:
Code: |
ms = createMemScan()
ms.firstscan(...)
|
|
|
Back to top |
|
|
bknight2602 Grandmaster Cheater Reputation: 0
Joined: 08 Oct 2012 Posts: 577
|
Posted: Thu Jan 27, 2022 4:41 pm Post subject: |
|
|
Here is a code that I just ran
Code: |
ms = createMemScan();
ms2 = createMemScan();
--The key to recalculating should be goldoffset subtracted from a specific hero experience address
memscan_firstScan(ms, soExactValue, vtWord, rtRounded, expvalue, "", "00000000", "7fffffff", "+W*X-C", fsmNotAligned, "", false, false, false, false);
memscan_waitTillDone(ms);
fl = createFoundList(ms);
foundlist_initialize(fl);
foundlist_getCount(fl);
memscan_firstScan(ms2, soExactValue, vtWord, rtRounded, goldvalue, "", "00000000", "7fffffff", "+W*X-C", fsmNotAligned, "", false, false, false, false);
memscan_waitTillDone(ms2);
fl2 = createFoundList(ms2);
foundlist_initialize(fl2);
foundlist_getCount(fl2);
|
Found matches in both scans, with additional code following but not posted here. I can if you wish. Why does it work here and not on the other code?
|
|
Back to top |
|
|
TheyCallMeTim13 Wiki Contributor Reputation: 50
Joined: 24 Feb 2017 Posts: 976 Location: Pluto
|
Posted: Thu Jan 27, 2022 5:18 pm Post subject: |
|
|
Well one thing is that the way you are doing it, isn't really documented any more. Now, because of the way Lua is set up in CE it should still work that way. But many may not know for sure and thus won't even try to help because it's used in a object oriented fashion by most people any more; this includes me. So let's look at how it's documented in the "celua.txt" file.
Code: |
MemScan Class (Inheritance: Object)
getCurrentMemscan() : Returns the current memory scan object. If tabs are used the current tab's memscan object
createMemScan(progressbar OPTIONAL) : Returns a new MemScan class object
properties
LastScanWasRegionScan: boolean - returns true is the previous scan was an unknown initial value
LastScanValue: string
LastScanType: ScanType/string - 'stNewScan', 'stFirstScan', 'stNextScan'
ScanresultFolder: string - Path where the results are stored
OnScanDone: function(memscan) - Set a function to be called when the scan has finished
OnGuiUpdate: function(memscan, TotalAddressesToScan, CurrentlyScanned, ResultsFound) - Called during the scan so you can update the interface if needed
FoundList: FoundList - The foundlist currently attached to this memscan object
OnlyOneResult: boolean - If this is set to true memscan will stop scanning after having found the first result, and written the address to "Result"
IsUnique: boolean - Same as OnlyOneResult but will use multiple threads, so if the value is not unique you will be given a random address
Result: Integer - If OnlyOneResult is used this will contain the address after a scan has finished
CodePage: boolean;
ScanOption: TScanoption
VariableType: TVariableType
VarType: TVariableType : ^
Roundingtype: TRoundingType
Scanvalue: string : Value to scan
Scanvalue1: string : ^
Scanvalue2: string : Secondary value to scan (e.g value between scan)
Startaddress: integer
Stopaddress: integer
Hexadecimal: boolean
BinaryStringAsDecimal: boolean
UTF16: boolean
Casesensitive: boolean
Fastscanmethod: TFastScanMethod
Fastscanparameter: string
Customtype: TCustomType
ScanWritable: TScanregionpreference ('scanDontCare', 'scanExclude', 'scanInclude')
ScanExecutable: TScanregionpreference ('scanDontCare', 'scanExclude', 'scanInclude')
ScanCopyOnWrite: TScanregionpreference ('scanDontCare', 'scanExclude', 'scanInclude')
Percentage: boolean
CompareToSavedScan: boolean
SavedScanName: string
methods
scan(): Does either a first scan or next scan based on the given property values
firstScan() : Does a first scan based on the given property values
nextScan() : Does a next scan based on the given property values
newScan() : Clears the current results
firstScan(scanoption, vartype, roundingtype, input1, input2 ,startAddress ,stopAddress ,protectionflags ,alignmenttype ,"alignmentparam" ,isHexadecimalInput ,isNotABinaryString, isunicodescan, iscasesensitive);
Does an initial scan.
memscan: The MemScan object created with createMemScan
scanOption: Defines what type of scan is done. Valid values for firstscan are:
soUnknownValue: Unknown initial value scan
soExactValue: Exact Value scan
soValueBetween: Value between scan
soBiggerThan: Bigger than ... scan
soSmallerThan: smaller than ... scan
vartype: Defines the variable type. Valid variable types are:
vtByte 0
vtWord 1
vtDword 2
vtQword 3
vtSingle 4
vtDouble 5
vtString 6
vtByteArray 8
vtGrouped 14
vtBinary 9
vtAll 10
roundingtype: Defined the way scans for exact value floating points are handled
rtRounded : Normal rounded scans. If exact value = "3" then it includes 3.0 to 3.49999999. If exact value is "3.0" it includes 3.00 to 3.0499999999
rtTruncated: Truncated algorithm. If exact value = "3" then it includes 3.0 to 3.99999999. If exact value is "3.0" it includes 3.00 to 3.099999999
rtExtremerounded: Rounded Extreme. If exact value = "3" then it includes 2.0000001 to 3.99999999. If exact value is "3.0" it includes 2.900000001 to 3.099999999
input1: If required by the scanoption this is a string of the given variable type
input2: If requires by the scanoption this is the secondary input
startAddress : The start address to scan from. You want to set this to 0
stopAddress : The address the scan should stop at. (You want to set this to 0xffffffffffffffff)
protectionflags : See aobscan about protectionflags
alignmenttype : Scan alignment type. Valid options are:
fsmNotAligned : No alignment check
fsmAligned : The address must be dividable by the value in alignmentparam
fsmLastDigits : The last digits of the address must end with the digits provided by alignmentparam
alignmentparam : String that holds the alignment parameter.
isHexadecimalInput: When true this will handle the input field as a hexadecimal string else decimal
isNotABinaryString: When true and the varType is vtBinary this will handle the input field as a decimal instead of a binary string
isunicodescan: When true and the vartype is vtString this will do a unicode (utf16) string scan else normal utf8 string
iscasesensitive : When true and the vartype is vtString this check if the case matches
|
Now if you look at the "firstScan" Method.
Code: |
firstScan(scanoption, vartype, roundingtype, input1, input2 ,startAddress ,stopAddress ,protectionflags ,alignmenttype ,"alignmentparam" ,isHexadecimalInput ,isNotABinaryString, isunicodescan, iscasesensitive); |
You'll see there are four boolean parameters, "isHexadecimalInput", "isNotABinaryString", "isunicodescan", "iscasesensitive". Note the "isNotABinaryString", and you are passing false to this; thus you are saying it is a binary string.
You also use globals for the objects and never call "destroy" no them so that may be causing some issues. And without knowing other relevant information like what you're actually scanning for it's hard to say what else might be going on. Could be a simple as a wrong value type, or maybe the wrong type for the scan value. Plus you call "foundlist_getCount" but you don't actually do anything with it, so how are you actually checking for the results count?
_________________
|
|
Back to top |
|
|
bknight2602 Grandmaster Cheater Reputation: 0
Joined: 08 Oct 2012 Posts: 577
|
Posted: Thu Jan 27, 2022 5:58 pm Post subject: |
|
|
Here is the complete function with a lot of commented lines that I debugged.
Code: |
function RecalculateAddresses()
print("Hero name ", heroname, "experience to search = " ,expvalue, " and gold to match = ", goldvalue)
if heroname == "Hero 1" then
goldoffset = 0x78--items are in num format
elseif heroname == "Hero 2" then
goldoffset = 0x75--items are in num format
elseif heroname == "Hero 3" then
goldoffset = 0x72--items are in num format
else
goldoffset = 0x6F--items are in num format
end
--print(goldoffset)
errorOnLookupFailure(false);
ms = createMemScan();
ms2 = createMemScan();
--The key to recalculating should be goldoffset added to specific hero experience AOB
memscan_firstScan(ms, soExactValue, vtWord, rtRounded, expvalue, "", "00000000", "7fffffff", "+W*X-C", fsmNotAligned, "", false, false, false, false);
memscan_waitTillDone(ms);
fl = createFoundList(ms);
foundlist_initialize(fl);
foundlist_getCount(fl);
print(foundlist_getCount(fl))
memscan_firstScan(ms2, soExactValue, vtWord, rtRounded, goldvalue, "", "00000000", "7fffffff", "+W*X-C", fsmNotAligned, "", false, false, false, false);
memscan_waitTillDone(ms2);
fl2 = createFoundList(ms2);
foundlist_initialize(fl2);
foundlist_getCount(fl2);
print(foundlist_getCount(fl2))
print("num of search hits for experience is ", foundlist_getCount(fl));
print("num of search hits for gold is ", foundlist_getCount(fl2));
print("Gold offset from if statement", goldoffset);
for x = 0, foundlist_getCount(fl)-1 do--Items are in the hex format (0125D60F) without 0x
memrec1 = foundlist_getAddress(fl, x);
memrec2 = tonumber(memrec1, 16);
print("Experience from foundlist_getAddress(fl, x)", x, memrec1);
for y = 0, foundlist_getCount(fl2)-1 do--Items are in hex format without the 0x
memrec3 = foundlist_getAddress(fl2, y);
memrec4 = tonumber(memrec3, 16);
print("Gold from foundlist_getAddress(fl2, x)", y, memrec3);
if memrec4 - memrec2 == goldoffset then
experienceaddress = memrec1;--address in hex format without 0x
print("exp address ", experienceaddress);
goldaddress = memrec3;--address in hex format without 0x
byteoffset = memrec3--goldaddress
byteoffset = "0x" .. byteoffset;
print("gold address ", goldaddress);
print("byteoffset ", byteoffset);
break;
end;
end;
if byteoffset ~= nil then
break;
end;
end;
addresslist = getAddressList();
memrec5 = addresslist_getMemoryRecordByDescription(addresslist, "Gold (2 bytes)");--address in hex format without 0x
goldtableaddress = memoryrecord_getAddress(memrec5);--Item in num format
--print("Gold table address", goldtableaddress);
--print("Gold current table address", string.format('%x', goldtableaddress), "which is ", goldtableaddress);
goldtableaddress = string.format('%x', goldtableaddress);--Items in number format converted to hex format without 0x
goldtableaddress = "0x" .. goldtableaddress
for x = 0, addresslist_getCount(addresslist)-1 do
memrec6 = addresslist_getMemoryRecord(addresslist, x);--Item in hex format without the 0x
if byteoffset ~= goldtableaddress then
memoryrecord_setAddress(memrec6, string.format('%x', memoryrecord_getAddress(memrec6) + byteoffset - goldtableaddress));
end;
end;
expvalue = nil
goldvalue = nil
heroname = nil
trainer.exp_value.Caption = "";
trainer.gold_value.Caption = "";
timer_setEnabled(tde, true)
print("The table is recalculated,spaghetti monstermode is not enabled")
trainer.characters_rg.setItemIndex(4);
--radiogroup_setItemIndex(CheatPanel_CERadioGroup2, 8)
end
|
The above came up with zero results for both scans via the orint statements.
Now almost the identical code for a different game different table but works as I posted earlier.
Code: |
function RecalculateAddresses()
--print("Hero name ", heroname, "experience to search = " ,expvalue, "and gold to match = ", goldvalue)
if heroname == "Hero 1" then
goldoffset = 0xF--items are in num format
form_show(CheatPanel_CEListView1)
elseif heroname == "Hero 2" then
goldoffset = 0x21--items are in num format
form_show(CheatPanel_CEListView2)
else
goldoffset = 0x33--items are in num format
form_show(CheatPanel_CEListView3)
end
--print(goldoffset)
errorOnLookupFailure(false);
ms = createMemScan();
ms2 = createMemScan();
--The key to recalculating should be goldoffset subtracted from a specific hero experience address
memscan_firstScan(ms, soExactValue, vtWord, rtRounded, expvalue, "", "00000000", "7fffffff", "+W*X-C", fsmNotAligned, "", false, false, false, false);
memscan_waitTillDone(ms);
fl = createFoundList(ms);
foundlist_initialize(fl);
foundlist_getCount(fl);
memscan_firstScan(ms2, soExactValue, vtWord, rtRounded, goldvalue, "", "00000000", "7fffffff", "+W*X-C", fsmNotAligned, "", false, false, false, false);
memscan_waitTillDone(ms2);
fl2 = createFoundList(ms2);
foundlist_initialize(fl2);
foundlist_getCount(fl2);
--print("num of search hits for experience is ", foundlist_getCount(fl));
--print("num of search hits for gold is ", foundlist_getCount(fl2));
--print("Gold offset from if statement", goldoffset);
for x = 0, foundlist_getCount(fl)-1 do--Items are in the hex format (0125D60F) without 0x
memrec1 = foundlist_getAddress(fl, x);
memrec2 = tonumber(memrec1, 16);
--print("Experience from foundlist_getAddress(fl, x)", x, memrec1);
for y = 0, foundlist_getCount(fl2)-1 do--Items are in hex format without the 0x
memrec3 = foundlist_getAddress(fl2, y);
memrec4 = tonumber(memrec3, 16);
--print("Gold from foundlist_getAddress(fl2, x)", y, memrec3);
if memrec2 - memrec4 == goldoffset then
experienceaddress = memrec1;--address in hex format without 0x
--print("exp address ", experienceaddress);
goldaddress = memrec3;--address in hex format without 0x
byteoffset = memrec3--goldaddress
byteoffset = "0x" .. byteoffset;
--print("gold address ", goldaddress);
--print("byteoffset ", byteoffset);
break;
end;
end;
if byteoffset ~= nil then
break;
end;
end;
local addresslist = getAddressList();
memrec5 = addresslist_getMemoryRecordByDescription(addresslist, "Gold (2 bytes)");--address in hex format without 0x
goldtableaddress = memoryrecord_getAddress(memrec5);--Item in num format
--print("Gold table address", goldtableaddress);
--print("Gold current table address", string.format('%x', goldtableaddress), "which is ", goldtableaddress);
goldtableaddress = string.format('%x', goldtableaddress);--Items in number format converted to hex format without 0x
goldtableaddress = "0x" .. goldtableaddress
for x = 0, addresslist_getCount(addresslist)-1 do
memrec6 = addresslist_getMemoryRecord(addresslist, x);--Item in hex format without the 0x
if byteoffset ~= goldtableaddress then
memoryrecord_setAddress(memrec6, string.format('%x', memoryrecord_getAddress(memrec6) + byteoffset - goldtableaddress));
end;
end;
expvalue = nil
goldvalue = nil
heroname = nil
edit_clear(CheatPanel_CEEdit1);
edit_clear(CheatPanel_CEEdit2);
radiogroup_setItemIndex(CheatPanel_CERadioGroup1, 0);
print("table is recalculated");
print("God Mode is not enabled");
--print("the timer is about to be enabled");
--timer_setEnabled(t, true);
--print("the timer has been enabled");
--radiogroup_setItemIndex(CheatPanel_CERadioGroup1, -1)
end--function RecalculateAddresses()
|
They appear to me to nearly identical in the scheme of the code. In short I'm looking for 3 variables heroname, exp, gold. I know the distance between gold and exp for a specific heroname, the difference is what I'm looking for, then if that difference matches the known value all the records are recalculated. These codes were written perhaps 10-15 years ago, and if the coding has changed and won'r work, I guess I'll have to re-write a lot of codes.
|
|
Back to top |
|
|
TheyCallMeTim13 Wiki Contributor Reputation: 50
Joined: 24 Feb 2017 Posts: 976 Location: Pluto
|
Posted: Thu Jan 27, 2022 8:14 pm Post subject: |
|
|
In both scripts "expvalue", and "goldvalue" are never set before the scans. Thus I still don't know what you're actually scanning for. And if they are not binary strings then this will not find them since you are telling the memscan you're using a binary string. And thus I'd have to say you're scanning for nil, so there is nothing to find. And with everything being global there's no telling what else might be setting this stuff, and so other code could be breaking things. Plus there is no clean up for the memscans or found lists, and those are also global so that could cause problems if you run this more than once.
And yeah, if you update CE you might have to update code. CE is pretty good about things continuing to work, but there is no guarantee. It's like any framework or even games. Have you tried this with the same version of CE as it was created?
And format your code, you have some formatted then random indents and no indents. But, I generally don't even look at unformatted code any more. Unformatted code is a good way to have a lot of people nope out of the situation. Plus all the prints make this really taxing to read, so you tend to want to remove that kind of stuff before posting; I get that you're "debugging" with that but you're asking people to read a lot of unneeded things.
_________________
|
|
Back to top |
|
|
bknight2602 Grandmaster Cheater Reputation: 0
Joined: 08 Oct 2012 Posts: 577
|
Posted: Thu Jan 27, 2022 8:41 pm Post subject: |
|
|
You are correct that those values are set form edit boxes which are immaterial to the function, but both are there as well as heorname which is set from a radio graph.
Here is a couple of images.
byteoffset = memrec3 and is nil because there are no matches and the function fails.
ETA:
Before you ask both expvalue and goldvalue are numbers not strings.
ETA2:
I re-ran with a different set of values and found many matches. The top image is the output, as you can see the function ran into an error after all the print statements, in the correction part of the function. I'm not sure why it found matches now and didn't during the prior runs.
Description: |
|
Filesize: |
93.02 KB |
Viewed: |
2470 Time(s) |
|
Description: |
|
Filesize: |
87.35 KB |
Viewed: |
2486 Time(s) |
|
Description: |
|
Filesize: |
74.81 KB |
Viewed: |
2486 Time(s) |
|
|
|
Back to top |
|
|
Dark Byte Site Admin Reputation: 458
Joined: 09 May 2003 Posts: 25296 Location: The netherlands
|
Posted: Fri Jan 28, 2022 1:34 am Post subject: |
|
|
is the target process still 32-bit ?
_________________
Do not ask me about online cheats. I don't know any and wont help finding them.
Like my help? Join me on Patreon so i can keep helping |
|
Back to top |
|
|
bknight2602 Grandmaster Cheater Reputation: 0
Joined: 08 Oct 2012 Posts: 577
|
Posted: Fri Jan 28, 2022 8:51 am Post subject: |
|
|
Dark Byte wrote: | is the target process still 32-bit ? |
I believe so, it is an emulator 20+ years old with a ROM of equal age.
|
|
Back to top |
|
|
|
|
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum You cannot attach files in this forum You can download files in this forum
|
|