 |
Cheat Engine
The Official Site of Cheat Engine
|
| View previous topic :: View next topic |
| Author |
Message |
MotorBoatMan
How do I cheat?
![]() Reputation: 0
Joined: 08 Jan 2024
Posts: 2
Location: Romania
|
 Posted: Mon Jan 08, 2024 8:36 am Post subject: [Help] I need a little bit of help in making a script |
 |
|
Hey everyone! While I knew about Cheat Engine and used it for a long time, I never bothered learning advanced stuff like pointer scanning, scripting, assembly, opcodes, functions, debugger, etc. and recently I was looking for a cheat table for Juiced 2 Hot Import Nights (that came out in 2007) that would have a "Infinite Nitro" option and I couldn't find one. While I managed to get a trainer that did that, it wasn't consistent and in some races it would not work, so then I was like: "Maybe I can make one!". I looked up tutorials on YouTube and I managed to learn a lot of things but I ended up encountering some things I don't know and came here to get help.
So first I did a float search and managed to get the (dynamic) nitrous address, and with that I was able to get the instruction that depletes the nitrous bar and the one that fills the nitrous bar.
I made an auto assemble code injection table and nop'd the instruction that depletes the nitrous bar (by commenting it out) but the problem is that at the start of every race, the nitrous bar is empty, and you need to fill it up.
And now my question is: how can I fill the nitrous bar before nop'ing the depletion instruction?
These are the instructions in case they provide any help:
Nitrous depletion: movss [esi+000010C0],xmm0
Nitrous addition: movss [eax+000010C0],xmm0
TL;DR: I have 2 questions:
1. How can I add a float value to a register? (if it's possible)
2. How can I fill the nitrous bar before nop'ing the instruction that depletes the nitrous?
Thanks for taking time reading this!
|
|
| Back to top |
|
 |
ParkourPenguin
I post too much
 Reputation: 152
Joined: 06 Jul 2014
Posts: 4720
|
| Posted: Mon Jan 08, 2024 1:44 pm Post subject: |
|
|
Sounds like the instruction that depletes the nitrous bar also initializes it at the start of the race.
Hard to say what to do without more information. If the nitrous is uninitialized before that point, you can't really know anything about that value to determine whether the instruction is initializing nitrous or decreasing it.
You could try to check if the current value is less than the new value (would work if it's previously zero-initialized), but if the current value read is indeterminate (truly uninitialized memory), this could crash the game later on due to leaving it uninitialized.
| Code: | ...
label(exit)
newmem:
comiss xmm0,[esi+000010C0]
jbe exit // if new value <= old value, skip write
movss [esi+000010C0],xmm0
exit:
jmp return
... |
Is there a "max nitrous" value near the nitrous value? Right click the nitrous memory record in the address lisit and select "Browse this memory region". In the data view (bottom half of memory viewer), right click it and set the display type as float. Search for the max nitrous value somewhere around there- could be above or below that value. Then, figure out the offset and use that value in the code injection to always max out the nitrous value.
| Code: | ...
newmem:
movss xmm0,[esi+000010CC] // max nitrous: 3 floats (0xC bytes) after nitrous
movss [esi+000010C0],xmm0
jmp return
... |
If all cars have the same max nitrous, it could just be a constant.
| Code: | ...
alloc(newmem,2048)
alloc(maxNitrous,4)
newmem:
movss xmm0,[maxNitrous]
movss [esi+000010C0],xmm0
jmp return
maxNitrous:
dd (float)1000
... |
The instruction that increases nitrous value should have information about the max nitrous value somewhere before the write. If you're not familiar with assembly, this could be infeasible for you to determine. (might not even be in the same function)
_________________
I don't know where I'm going, but I'll figure it out when I get there. |
|
| Back to top |
|
|
MotorBoatMan
How do I cheat?
![]() Reputation: 0
Joined: 08 Jan 2024
Posts: 2
Location: Romania
|
| Posted: Mon Jan 08, 2024 4:12 pm Post subject: |
|
|
Sorry for the late reply. I was able to find a couple more interesting and helpful things.
| ParkourPenguin wrote: | Sounds like the instruction that depletes the nitrous bar also initializes it at the start of the race.
Hard to say what to do without more information. If the nitrous is uninitialized before that point, you can't really know anything about that value to determine whether the instruction is initializing nitrous or decreasing it.
You could try to check if the current value is less than the new value (would work if it's previously zero-initialized), but if the current value read is indeterminate (truly uninitialized memory), this could crash the game later on due to leaving it uninitialized.
| Code: | ...
label(exit)
newmem:
comiss xmm0,[esi+000010C0]
jbe exit // if new value <= old value, skip write
movss [esi+000010C0],xmm0
exit:
jmp return
... |
|
While I don't know how to respond to this, all I can say is that the game uses the same function every time I use nitrous and it only triggers when I use it.
I used the debugger to check and it only updates the counter when I use nitrous.
| ParkourPenguin wrote: | Is there a "max nitrous" value near the nitrous value? Right click the nitrous memory record in the address lisit and select "Browse this memory region". In the data view (bottom half of memory viewer), right click it and set the display type as float. Search for the max nitrous value somewhere around there- could be above or below that value. Then, figure out the offset and use that value in the code injection to always max out the nitrous value.
| Code: | ...
newmem:
movss xmm0,[esi+000010CC] // max nitrous: 3 floats (0xC bytes) after nitrous
movss [esi+000010C0],xmm0
jmp return
... |
If all cars have the same max nitrous, it could just be a constant.
| Code: | ...
alloc(newmem,2048)
alloc(maxNitrous,4)
newmem:
movss xmm0,[maxNitrous]
movss [esi+000010C0],xmm0
jmp return
maxNitrous:
dd (float)1000
... |
|
Funny thing, I forgot to mention that the nitrous cap is 3.5 and I managed to find it thanks to your very helpful advice.
I attached a screenshot in which you can see the current nitrous value (0.71) at offset 20 and the nitrous cap value (3.50) at offset 24, so the values are right next to each other, sharing the same address.
| ParkourPenguin wrote: | | The instruction that increases nitrous value should have information about the max nitrous value somewhere before the write. If you're not familiar with assembly, this could be infeasible for you to determine. (might not even be in the same function) |
To be honest I didn't even bother checking for this one but I will do some research on this one as well and I'll probably come back with a video with everything I do in case you can make something out of it.
Thanks a lot for the help! 
| Description: |
|
| Filesize: |
41.07 KB |
| Viewed: |
1094 Time(s) |
|
|
|
| Back to top |
|
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum
|
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in
