 |
Cheat Engine
The Official Site of Cheat Engine
|
| View previous topic :: View next topic |
| Author |
Message |
LAGARIUM1
Newbie cheater
![]() Reputation: 0
Joined: 08 Jul 2022
Posts: 15
|
 Posted: Wed Feb 26, 2025 9:59 am Post subject: How to make a fly car in aa script |
 |
|
I want to make a fly car but I don't know how to add angles of rotation direction to velocity +230 and +238 Coordinate X Y direction. Here is the LUA fly car script, it works, but I need to do this in an aa script for smoothness and convenience.
| Code: |
{$LUA}
[ENABLE]
function SpeedHack33()
Xp = readFloat('[_Speed33]+230') -- X coordinate position velocity
Xv = readFloat('[_Speed33]+170') -- Coordinate X direction
X = Xp+Xv*1-- Calculate the new position coordinate
Zp = readFloat('[_Speed33]+238')
Zv = readFloat('[_Speed33]+178')-- Coordinate Y direction
Z = Zp+Zv*1
if isKeyPressed(VK_SHIFT)then
writeFloat('[_Speed33]+230', X) -- We write the new coordinate of the velocity position X +0
writeFloat('[_Speed33]+238', Z) -- velocity Y
end
end
t=createTimer(nil)
timer_setInterval(t, 1)
timer_onTimer(t, SpeedHack33)
timer_setEnabled(t, true)
[DISABLE]
timer_setEnabled(t, false)
|
| Code: |
[ENABLE]
aobscanmodule(Fly2,SnowRunner.exe,F3 0F 10 89 34 02 00 00)
alloc(newmem,$1000,Fly2)// "SnowRunner.exe"+B09DD2
label(code)
label(return)
label(Multiplier2)
label(skip2)
label(subGetAsyncKeyState)
registersymbol(Fly2)
registersymbol(Multiplier2)
newmem:
push rax
push rbx
push rdx
push rsi
push rdi
push rbp
push r8
push r9
push r10
push r11
push r12
push r13
push r14
push r15
push rcx
xor r10,r10
mov ecx,VK_SHIFT
call subGetAsyncKeyState
pop rcx
test r10,r10
jz skip2
// THIS IS NOT HOW THE SCRIPT WORKS
//movss xmm0,[rcx+170] //Coordinate X direction
//movss xmm1,[Multiplier2]
//mulss xmm0,xmm1
//movss [rcx+170],xmm0
//movss xmm0,[rcx+178] // Coordinate Y direction
//movss xmm1,[Multiplier2]
//mulss xmm0,xmm1
//movss [rcx+178],xmm0
movss xmm0,[rcx+00000230] //X coordinate position velocity
movss xmm1,[Multiplier2]
mulss xmm0,xmm1
movss [rcx+00000230],xmm0
movss xmm0,[rcx+00000238]// Y coordinate position velocity
movss xmm1,[Multiplier2]
mulss xmm0,xmm1
movss [rcx+00000238],xmm0
jmp skip2
skip2:
pop r15
pop r14
pop r13
pop r12
pop r11
pop r10
pop r9
pop r8
pop rbp
pop rdi
pop rsi
pop rdx
pop rbx
pop rax
code:
movss xmm1,[rcx+00000234]
jmp return
subGetAsyncKeyState:
push r10
push r11
sub rsp,08
call GetAsyncKeyState
add rsp,08
pop r11
pop r10
test ax,8000
jz short @f
or r10,r11
@@:
ret
Multiplier2:
dd (float)1.2
Fly2:
jmp newmem
nop 3
return:
[DISABLE]
Fly2:
db F3 0F 10 89 34 02 00 00
unregistersymbol(*)
dealloc(*)
|
|
|
| Back to top |
|
 |
Csimbi
I post too much
 Reputation: 97
Joined: 14 Jul 2007
Posts: 3320
|
| Posted: Fri Feb 28, 2025 7:25 am Post subject: |
|
|
I think you are missing a fundamental difference between the two.
The LUA script is using its timer to run "independently".
The AA code runs only when that code you hooked is invoked.
|
|
| Back to top |
|
|
LAGARIUM1
Newbie cheater
![]() Reputation: 0
Joined: 08 Jul 2022
Posts: 15
|
| Posted: Fri Feb 28, 2025 7:44 am Post subject: |
|
|
| Csimbi wrote: | I think you are missing a fundamental difference between the two.
The LUA script is using its timer to run "independently".
The AA code runs only when that code you hooked is invoked. |
the code is just an example, I just need to add two offsets, [rcx+170] and [rcx+178] correctly, to the Script.
|
|
| Back to top |
|
|
Csimbi
I post too much
Reputation: 97
Joined: 14 Jul 2007
Posts: 3320
|
| Posted: Fri Feb 28, 2025 11:17 am Post subject: |
|
|
LUA
| Code: | Xp = readFloat('[_Speed33]+230') -- X coordinate position velocity
Xv = readFloat('[_Speed33]+170') -- Coordinate X direction
X = Xp+Xv*1-- Calculate the new position coordinate |
ASM
| Code: | mov rax,[_Speed33]
movss xmm0,[rax+230]
addss xmm0,[rax+170]
|
LUA
| Code: | Zp = readFloat('[_Speed33]+238')
Zv = readFloat('[_Speed33]+178')-- Coordinate Y direction
Z = Zp+Zv*1
|
ASM
| Code: | mov rax,[_Speed33]
movss xmm1,[rax+238]
addss xmm1,[rax+178]
|
|
|
| Back to top |
|
|
LAGARIUM1
Newbie cheater
![]() Reputation: 0
Joined: 08 Jul 2022
Posts: 15
|
| Posted: Fri Feb 28, 2025 11:38 am Post subject: |
|
|
| Csimbi wrote: | LUA
| Code: | Xp = readFloat('[_Speed33]+230') -- X coordinate position velocity
Xv = readFloat('[_Speed33]+170') -- Coordinate X direction
X = Xp+Xv*1-- Calculate the new position coordinate |
ASM
| Code: | mov rax,[_Speed33]
movss xmm0,[rax+230]
addss xmm0,[rax+170]
|
LUA
| Code: | Zp = readFloat('[_Speed33]+238')
Zv = readFloat('[_Speed33]+178')-- Coordinate Y direction
Z = Zp+Zv*1
|
ASM
| Code: | mov rax,[_Speed33]
movss xmm1,[rax+238]
addss xmm1,[rax+178]
|
|
the game hangs when you press VK_SHIFT, what could it be, maybe the rax register?
|
|
| Back to top |
|
|
HenryEx
Expert Cheater
![]() Reputation: 2
Joined: 18 Dec 2011
Posts: 100
|
| Posted: Sat Mar 01, 2025 8:01 am Post subject: |
|
|
| LAGARIUM1 wrote: |
the game hangs when you press VK_SHIFT, what could it be, maybe the rax register? |
Depending on where you inject the code, you might be overwriting a critical value in the rax register. Only write to rax if you know that the game doesn't need the register later on.
Either save the rax value and restore it manually after you're done, or find a register that the code you're hooking doesn't need later on and that you can overwrite freely.
|
|
| Back to top |
|
|
LAGARIUM1
Newbie cheater
![]() Reputation: 0
Joined: 08 Jul 2022
Posts: 15
|
| Posted: Sat Mar 01, 2025 8:59 am Post subject: |
|
|
| HenryEx wrote: | | LAGARIUM1 wrote: |
the game hangs when you press VK_SHIFT, what could it be, maybe the rax register? |
Depending on where you inject the code, you might be overwriting a critical value in the rax register. Only write to rax if you know that the game doesn't need the register later on.
Either save the rax value and restore it manually after you're done, or find a register that the code you're hooking doesn't need later on and that you can overwrite freely. |
I tried other registers and there is no crash, they are free
but there is no acceleration, the script for some reason does not work
and an error when I confirm the script
| Description: |
|
| Filesize: |
42.41 KB |
| Viewed: |
12071 Time(s) |
|
|
|
| Back to top |
|
|
Csimbi
I post too much
Reputation: 97
Joined: 14 Jul 2007
Posts: 3320
|
| Posted: Sun Mar 02, 2025 1:19 pm Post subject: |
|
|
| You need to write those floats back, lol
|
|
| Back to top |
|
|
LAGARIUM1
Newbie cheater
![]() Reputation: 0
Joined: 08 Jul 2022
Posts: 15
|
| Posted: Mon Mar 03, 2025 4:18 am Post subject: |
|
|
| Csimbi wrote: | | You need to write those floats back, lol |
I don't understand where to insert this?
mov rax,[_Speed33]
movss xmm0,[rax+230]
addss xmm0,[rax+170]
|
|
| Back to top |
|
|
LAGARIUM1
Newbie cheater
![]() Reputation: 0
Joined: 08 Jul 2022
Posts: 15
|
| Posted: Thu Mar 06, 2025 1:33 pm Post subject: |
|
|
| Csimbi wrote: | | You need to write those floats back, lol |
Can you give me more details about the floats? What should I do? I'm confused?
|
|
| Back to top |
|
|
Csimbi
I post too much
Reputation: 97
Joined: 14 Jul 2007
Posts: 3320
|
| Posted: Fri Mar 07, 2025 11:44 am Post subject: |
|
|
| LAGARIUM1 wrote: | | Csimbi wrote: | | You need to write those floats back, lol |
Can you give me more details about the floats? What should I do? I'm confused? |
Write them back.
|
|
| Back to top |
|
|
Frouk
Grandmaster Cheater
![]() Reputation: 5
Joined: 22 Jun 2021
Posts: 507
|
| Posted: Thu Mar 13, 2025 9:26 am Post subject: Re: How to make a fly car in aa script |
|
|
| LAGARIUM1 wrote: | I want to make a fly car but I don't know how to add angles of rotation direction to velocity +230 and +238 Coordinate X Y direction. Here is the LUA fly car script, it works, but I need to do this in an aa script for smoothness and convenience.
| Code: |
{$LUA}
[ENABLE]
function SpeedHack33()
Xp = readFloat('[_Speed33]+230') -- X coordinate position velocity
Xv = readFloat('[_Speed33]+170') -- Coordinate X direction
X = Xp+Xv*1-- Calculate the new position coordinate
Zp = readFloat('[_Speed33]+238')
Zv = readFloat('[_Speed33]+178')-- Coordinate Y direction
Z = Zp+Zv*1
if isKeyPressed(VK_SHIFT)then
writeFloat('[_Speed33]+230', X) -- We write the new coordinate of the velocity position X +0
writeFloat('[_Speed33]+238', Z) -- velocity Y
end
end
t=createTimer(nil)
timer_setInterval(t, 1)
timer_onTimer(t, SpeedHack33)
timer_setEnabled(t, true)
[DISABLE]
timer_setEnabled(t, false)
|
| Code: |
[ENABLE]
aobscanmodule(Fly2,SnowRunner.exe,F3 0F 10 89 34 02 00 00)
alloc(newmem,$1000,Fly2)// "SnowRunner.exe"+B09DD2
label(code)
label(return)
label(Multiplier2)
label(skip2)
label(subGetAsyncKeyState)
registersymbol(Fly2)
registersymbol(Multiplier2)
newmem:
push rax
push rbx
push rdx
push rsi
push rdi
push rbp
push r8
push r9
push r10
push r11
push r12
push r13
push r14
push r15
push rcx
xor r10,r10
mov ecx,VK_SHIFT
call subGetAsyncKeyState
pop rcx
test r10,r10
jz skip2
// THIS IS NOT HOW THE SCRIPT WORKS
//movss xmm0,[rcx+170] //Coordinate X direction
//movss xmm1,[Multiplier2]
//mulss xmm0,xmm1
//movss [rcx+170],xmm0
//movss xmm0,[rcx+178] // Coordinate Y direction
//movss xmm1,[Multiplier2]
//mulss xmm0,xmm1
//movss [rcx+178],xmm0
movss xmm0,[rcx+00000230] //X coordinate position velocity
movss xmm1,[Multiplier2]
mulss xmm0,xmm1
movss [rcx+00000230],xmm0
movss xmm0,[rcx+00000238]// Y coordinate position velocity
movss xmm1,[Multiplier2]
mulss xmm0,xmm1
movss [rcx+00000238],xmm0
jmp skip2
skip2:
pop r15
pop r14
pop r13
pop r12
pop r11
pop r10
pop r9
pop r8
pop rbp
pop rdi
pop rsi
pop rdx
pop rbx
pop rax
code:
movss xmm1,[rcx+00000234]
jmp return
subGetAsyncKeyState:
push r10
push r11
sub rsp,08
call GetAsyncKeyState
add rsp,08
pop r11
pop r10
test ax,8000
jz short @f
or r10,r11
@@:
ret
Multiplier2:
dd (float)1.2
Fly2:
jmp newmem
nop 3
return:
[DISABLE]
Fly2:
db F3 0F 10 89 34 02 00 00
unregistersymbol(*)
dealloc(*)
|
|
Non-related but you'd rather use pushad/popad rather than pushing each register individually
|
|
| Back to top |
|
|
LAGARIUM1
Newbie cheater
![]() Reputation: 0
Joined: 08 Jul 2022
Posts: 15
|
| Posted: Fri Mar 14, 2025 1:08 am Post subject: Re: How to make a fly car in aa script |
|
|
[quote="Frouk"] | LAGARIUM1 wrote: | I want to make a fly car but I don't know how to add angles of rotation direction to velocity +230 and +238 Coordinate X Y direction. Here is the LUA fly car script, it works, but I need to do this in an aa script for smoothness and convenience.
[code]
Non-related but you'd rather use pushad/popad rather than pushing each register individually |
I'm a noob in these registers, I see that it works, so everything is ok
|
|
| Back to top |
|
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum
|
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in
