 |
Cheat Engine
The Official Site of Cheat Engine
|
| View previous topic :: View next topic |
| Author |
Message |
JustHim24
How do I cheat?
![]() Reputation: 0
Joined: 15 Jan 2024
Posts: 7
|
 Posted: Mon Jan 15, 2024 11:37 pm Post subject: Some Cheat tables I worked on |
 |
|
This is my first time posting any of my cheats. I am fairly new and i've been following guides by @Stephen Chapman on youtube and it has been very helpful. Please give me any feedback or advice you guys may have im very eager to learn. Much thanks!
My account is not eligible to post URLS yet so look up XavierCruz5106 on github to find my cheat tables
|
|
| Back to top |
|
 |
ParkourPenguin
I post too much
 Reputation: 152
Joined: 06 Jul 2014
Posts: 4719
|
| Posted: Tue Jan 16, 2024 12:49 am Post subject: |
|
|
Cheat tables aren't distributed here anymore. Try a third party site:
https://forum.cheatengine.org/thirdparty.php
| Quote: | | Code: | [ENABLE]
aobscan(INJECT,F3 0F 11 AE 9C 00 00 00 48 8B CE 49) // should be unique
alloc(newmem,$1000,INJECT)
registersymbol(newmem)
registersymbol(INJECT)
registersymbol(playerStuffs)
define(playerStuffs,newmem+100)
label(return)
playerStuffs:
dd 0
newmem:
mov [playerStuffs],rsi
movss [rsi+0000009C],xmm5
jmp return
INJECT:
jmp newmem
nop 3
return:
[DISABLE]
INJECT:
db F3 0F 11 AE 9C 00 00 00
unregistersymbol(INJECT)
dealloc(newmem)
unregistersymbol(newmem)
{
... omitted for brevity ...
} |
|
Good job including the comment that shows the code around the injection point. That makes it far easier to update the script if the game updates and the aob signature changes.
No need for `registersymbol(newmem)`. In this case, it's not harmful because there's only one script in the table. If you had more than one script that did that, this would seriously screw things up when the wrong memory gets deallocated.
`define(playerStuffs,newmem+100)` - use labels instead, and put it further away from newmem. You've got at minimum 4 KiB to work with- no sense making everything cramped.
| Code: | label(playerStuffs)
registersymbol(playerStuffs)
...
newmem+800:
playerStuffs: |
Pointers in 64-bit processes are 8 bytes. Use `dq 0` instead of `dd 0`. Doesn't really matter in this case since there's only one variable. If there were several placed contiguously, they would overlap and very weird things would happen.
Remove structures you don't use in the table. They bloat .CT file size.
Memory Viewer -> Tools -> Dissect data/structures -> File -> Delete all structures
Instead of using an address like `[playerStuffs]+b4`, you could tick the "pointer" checkbox, set the base address to "playerStuffs", and 1 offfset "b4"
It's more or less the same thing though
Other table:
| Quote: | | Code: | [ENABLE]
//aobscanmodule(INJECT,GameAssembly.dll,89 51 24 49 8B F8) // should be unique
define(INJECT, GameAssembly.dll+A9886A)
registersymbol(INJECT)
... |
|
If you're not going to do an aobscan, use the full injection template instead.
I didn't look through the rest that closely, but the same problems in the previous script exist in this table.
You don't need to register every symbol you use- symbols defined by `alloc` are remembered when the script is disabled.
Symbols that are registered must be unique. Don't register generic names like "newmem" or "INJECT", or else you'll start screwing with things you didn't intend to.
_________________
I don't know where I'm going, but I'll figure it out when I get there. |
|
| Back to top |
|
|
JustHim24
How do I cheat?
![]() Reputation: 0
Joined: 15 Jan 2024
Posts: 7
|
| Posted: Tue Jan 16, 2024 12:05 pm Post subject: |
|
|
| ParkourPenguin wrote: |
| Quote: | | Code: | [ENABLE]
aobscan(INJECT,F3 0F 11 AE 9C 00 00 00 48 8B CE 49) // should be unique
alloc(newmem,$1000,INJECT)
registersymbol(newmem)
registersymbol(INJECT)
registersymbol(playerStuffs)
define(playerStuffs,newmem+100)
label(return)
playerStuffs:
dd 0
newmem:
mov [playerStuffs],rsi
movss [rsi+0000009C],xmm5
jmp return
INJECT:
jmp newmem
nop 3
return:
[DISABLE]
INJECT:
db F3 0F 11 AE 9C 00 00 00
unregistersymbol(INJECT)
dealloc(newmem)
unregistersymbol(newmem)
{
... omitted for brevity ...
} |
|
Good job including the comment that shows the code around the injection point. That makes it far easier to update the script if the game updates and the aob signature changes.
No need for `registersymbol(newmem)`. In this case, it's not harmful because there's only one script in the table. If you had more than one script that did that, this would seriously screw things up when the wrong memory gets deallocated.
`define(playerStuffs,newmem+100)` - use labels instead, and put it further away from newmem. You've got at minimum 4 KiB to work with- no sense making everything cramped.
| Code: | label(playerStuffs)
registersymbol(playerStuffs)
...
newmem+800:
playerStuffs: |
Pointers in 64-bit processes are 8 bytes. Use `dq 0` instead of `dd 0`. Doesn't really matter in this case since there's only one variable. If there were several placed contiguously, they would overlap and very weird things would happen.
Remove structures you don't use in the table. They bloat .CT file size.
Memory Viewer -> Tools -> Dissect data/structures -> File -> Delete all structures
Instead of using an address like `[playerStuffs]+b4`, you could tick the "pointer" checkbox, set the base address to "playerStuffs", and 1 offfset "b4"
It's more or less the same thing though
Other table:
| Quote: | | Code: | [ENABLE]
//aobscanmodule(INJECT,GameAssembly.dll,89 51 24 49 8B F8) // should be unique
define(INJECT, GameAssembly.dll+A9886A)
registersymbol(INJECT)
... |
|
If you're not going to do an aobscan, use the full injection template instead.
I didn't look through the rest that closely, but the same problems in the previous script exist in this table.
You don't need to register every symbol you use- symbols defined by `alloc` are remembered when the script is disabled.
Symbols that are registered must be unique. Don't register generic names like "newmem" or "INJECT", or else you'll start screwing with things you didn't intend to. |
Thanks for the feedback ill definitely be more aware of those issues in the future!! and i appreciate the time you took to provide this information
|
|
| Back to top |
|
|
STN
I post too much
 Reputation: 43
Joined: 09 Nov 2005
Posts: 2676
|
| Posted: Sun Jan 21, 2024 8:55 am Post subject: |
|
|
I suggest https://fearlessrevolution.com only but I am biased ^_^
PS: Seeing your nick brought some memories, nice to see you still active and helping peeps around
_________________
|
|
| Back to top |
|
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum
|
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in
