Cheat Engine

Hi Kai · How do I cheat? Reputation: 0 Joined: 19 Jan 2025 Posts: 2

There is such a simple script, I am not very good at writing scripts. But as I understand it, this value is not overwritten. This is the character's speed value set in the game's code. Therefore, after entering its value, it is stored there. I would like this value to be inserted into the address (the original value) after the script completes.

Script:

[ENABLE]

aobscanmodule(Runspeed,GameAssembly.dll,8B 43 34 48 8D 93 60 01 00 00) // should be unique
alloc(newmem,$1000,Runspeed)

label(code)
label(return)

newmem:
mov [rbx+34],(float)25

code:
mov eax,[rbx+34]
lea rdx,[rbx+00000160]
jmp return

Runspeed:
jmp newmem
nop 5
return:
registersymbol(Runspeed)

[DISABLE]

Runspeed:
db 8B 43 34 48 8D 93 60 01 00 00

unregistersymbol(Runspeed)
dealloc(newmem)

{
// ORIGINAL CODE - INJECTION POINT: GameAssembly.dll+2F861D1

GameAssembly.dll+2F86199: 8B B8 D4 01 00 00 - mov edi,[rax+000001D4]
GameAssembly.dll+2F8619F: 48 8B 05 62 4B 92 02 - mov rax,[GameAssembly.dll+58AAD08]
GameAssembly.dll+2F861A6: 83 B8 E0 00 00 00 00 - cmp dword ptr [rax+000000E0],00
GameAssembly.dll+2F861AD: 75 0F - jne GameAssembly.dll+2F861BE
GameAssembly.dll+2F861AF: 48 8B C8 - mov rcx,rax
GameAssembly.dll+2F861B2: E8 B9 65 5D FD - call GameAssembly.dll+55C770
GameAssembly.dll+2F861B7: 48 8B 05 4A 4B 92 02 - mov rax,[GameAssembly.dll+58AAD08]
GameAssembly.dll+2F861BE: 48 8B 80 B8 00 00 00 - mov rax,[rax+000000B8]
GameAssembly.dll+2F861C5: 3B B8 08 26 00 00 - cmp edi,[rax+00002608]
GameAssembly.dll+2F861CB: 0F 84 FF 00 00 00 - je GameAssembly.dll+2F862D0
// ---------- INJECTING HERE ----------
GameAssembly.dll+2F861D1: 8B 43 34 - mov eax,[rbx+34]
// ---------- DONE INJECTING ----------
GameAssembly.dll+2F861D4: 48 8D 93 60 01 00 00 - lea rdx,[rbx+00000160]
GameAssembly.dll+2F861DB: 48 8D 4C 24 30 - lea rcx,[rsp+30]
GameAssembly.dll+2F861E0: 89 83 5C 01 00 00 - mov [rbx+0000015C],eax
GameAssembly.dll+2F861E6: E8 55 89 65 FD - call UnityEngine.Vector3.get_normalized
GameAssembly.dll+2F861EB: 33 D2 - xor edx,edx
GameAssembly.dll+2F861ED: 48 8B CB - mov rcx,rbx
GameAssembly.dll+2F861F0: F2 0F 10 00 - movsd xmm0,[rax]
GameAssembly.dll+2F861F4: 8B 40 08 - mov eax,[rax+08]
GameAssembly.dll+2F861F7: F2 0F 11 44 24 20 - movsd [rsp+20],xmm0
GameAssembly.dll+2F861FD: 89 44 24 28 - mov [rsp+28],eax
}

jgoemat · Posted: Tue Jan 21, 2025 9:05 am Post subject:

I think what you're saying is that you have a cheat here that sets the value to 25, but after you disable the script it remains with the new value of 25, but you want that to go back to it's original value. That's a little tricky. One thing you could do would be to just save the 'rbx' value and create a table entry to let people edit that value.

Another option might be to use a globalalloc to get memory that isn't deallocated and save the value, then instead of replacing the original code, replace it with code to set the value to the saved value instead of 25. Or maybe save the pointer and speed and use a {$lua} section in the disable to restore the value to the original address. This modification shows saving the speed one time. It could be that your game does change that value sometimes like when you change equipment or get an upgrade and this would only store the first value.

Hi Kai · How do I cheat? Reputation: 0 Joined: 19 Jan 2025 Posts: 2

Yes, you got it right, or you can learn more about recording in rbx. I would like to do this in order to manually edit the address.