 |
Cheat Engine
The Official Site of Cheat Engine
|
| View previous topic :: View next topic |
| Author |
Message |
Y.A.K.E
Cheater
![]() Reputation: 0
Joined: 15 Jul 2019
Posts: 40
|
 Posted: Wed Mar 30, 2022 12:53 pm Post subject: I have two questions about AA |
 |
|
1, How to compare a big number with AA?
cmp rax,#1000000000
jg code
2,readmem not working
| Code: |
[ENABLE]
aobscanmodule( money_INJECT, game.exe , 45 89 AE * 05 00 00 )
alloc(newmem,$1000,money_INJECT)
alloc(bkp_money,7,money_INJECT)
registersymbol(bkp_money)
bkp_money:
readmem(money_INJECT,7) //<--- is working
label(code)
label(return)
newmem:
mov r13d,#900000
code:
readmem(bkp_money,7) //<--- not working
//mov [r14+00000524],r13d <--- new game version
//mov [r14+00000500],r13d <--- old game version
jmp return
money_INJECT:
jmp newmem
nop 2
return:
registersymbol(money_INJECT)
[DISABLE]
money_INJECT:
readmem(bkp_money,7) //<--- is working
//db 45 89 AE 00 05 00 00 <-- old game version
unregistersymbol(bkp_money)
dealloc(bkp_money)
unregistersymbol(money_INJECT)
dealloc(newmem)
|
[/quote] |
|
| Back to top |
|
 |
TheyCallMeTim13
Wiki Contributor
 Reputation: 50
Joined: 24 Feb 2017
Posts: 976
Location: Pluto
|
| Posted: Wed Mar 30, 2022 12:57 pm Post subject: |
|
|
You can only compare a 32 bit immediate. You'll need to break it up, or use a registry.
And what you are trying to read with readMem doesn't exist yet for the one that's not working. Do it the same as where it's working in the enable section.
_________________
|
|
| Back to top |
|
|
panraven
Grandmaster Cheater
![]() Reputation: 52
Joined: 01 Oct 2008
Posts: 925
|
| Posted: Wed Mar 30, 2022 1:40 pm Post subject: |
|
|
Alternative that may considered:
1. pointer typecast:
| Code: |
...
aobscanmodule( money_INJECT, game.exe , 45 89 AE * 05 00 00 )
...
label(omoney)
(DWORD)[money_INJECT+03]:
omoney: /// --> this set omoney to the 4 bytes (should be signed) integer value at * 05 00 00 (addr=money_INJECT+03)
...
code:
/// readmem(bkp_money,7)
mov [r14+omoney],r13d
...
|
(DWORD)[money_INJECT+03] -> means read the content at money_INJECT+03 and type cast it to DWORD
The caveat is that typecast line may likely error during syntaxcheck, ignore and save and execute the script may work if no other actual error.
2. manipulate code from the save at readmem,
| Code: |
...
bkp_money:
readmem(money_INJECT,7)
...
code:
/// readmem(bkp_money,7)
push rax
mov rax,bkp_money+03
mov eax,[rax]///read in * 05 00 00
movsxd rax,eax/// and sign extend to 64bit (fixed movsxd rax,[...] not compile)
mov [r14+rax],r13d
pop rax
|
3. oh, forgot this, reassemble for original code, may fail if involve rip addressing
| Code: |
code:
/// readmem(bkp_money,7)
reassemble(money_INJECT)
|
_________________
- Retarded. |
|
| Back to top |
|
|
Y.A.K.E
Cheater
![]() Reputation: 0
Joined: 15 Jul 2019
Posts: 40
|
| Posted: Wed Mar 30, 2022 10:22 pm Post subject: |
|
|
Thank everyone.
I'll try.
----
1 and 3 It's all work.Thank you very much.
| panraven wrote: |
2. manipulate code from the save at readmem,
| Code: |
...
bkp_money:
readmem(money_INJECT,7)
...
code:
/// readmem(bkp_money,7)
push rax
mov rax,bkp_money+03
mov eax,[rax]///read in * 05 00 00
movsxd rax,eax/// and sign extend to 64bit (fixed movsxd rax,[...] not compile)
mov [r14+rax],r13d
pop rax
|
|
2, I need this to work
| Code: |
push rax
mov rax,dword ptr[bkp_money+03]
mov [r14+rax],r13d
pop rax
|
|
|
| Back to top |
|
|
TsTg
Master Cheater
 Reputation: 5
Joined: 12 Dec 2012
Posts: 319
Location: Somewhere....
|
| Posted: Thu Mar 31, 2022 6:23 pm Post subject: |
|
|
| Quote: | | 2, I need this to work |
try this:
| Code: |
push rax
xor rax,rax
mov ax,word ptr [bkp_money+03]
mov [r14+rax],r13d
pop rax
|
|
|
| Back to top |
|
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum
|
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in
