Cheat Engine

Invader

in last step "shade code"
Here Is My Code That I found

Fresco · Posted: Thu Jun 07, 2012 7:09 am Post subject:

Invader · Posted: Thu Jun 07, 2012 10:07 pm Post subject:

first thanks
second iam new in writ assemble for games so i don't understand most of things you write so can you help me of give me some links

g4m3rxx · Posted: Fri Jun 08, 2012 5:14 am Post subject:

I think that here +5 represents 5 bytes not instruction.

And floating values can be represented in AA as (float)100

Fresco · Posted: Fri Jun 08, 2012 8:38 am Post subject:

anyways it is simpler and faster to write the aa code as i have.

i'll explain it

[ENABLE] ->instructions from here to [DISABLE] are used to enable the cheat ... CE executes this code when you activate the code

alloc(newmem2,128) ->newmem2 is a label used to identify the address of the (in memory) allocated space where your code is stored, you can change newmem2 into whatever you want ... 128 is number of bytes that the whole code requires excluding labeld ... only real instructions ... for example if your code requires only 12 bytes, alloc only 12 not 2kb ...

registersymbol(newmem2) -> the label newmem2 is being recognized by the game (when you write jmp newmem2 the program understands that it has to jump to the specific address of newmem2 otherwise you'll have to write jmp address ... i know when you write jmp newmem2 without registersymbol it work anyway but if you make another script and write jmp newmem2 there it won't work because it is not registered.)

label(noop) to avoid using jmp+x register a label and jmp label not +x

newmem2: -> this indicates and address; the address of newmem2

pushfd -> when you use cmp or any other instruction that uses the flags you have to first save the old flags in order to prevent the changing of an "in game needed flag"
result of cmp is stored in flags

cmp [ebx+10],1 -> compare instruction if the unit is mine then

je noop -> then jump to the address of noop ... that does nothing

mov [ebx+04],eax -> if unit is not mine then store eax (decreased hp) into the value of enemy hp address

noop: no matter if coming from my or enemy unit run this code anyways

popfd -> delete flags that we used and restore the original ones

fldz -> i don't need to explain that you MUST put the original code that was not modifyed by you before exiting the code

ret -> since i have used a call i need to go back

"Tutorial-i386.exe"+250C6:
call newmem2 --> modify the original instruction with call newmem2 (my code)

[DISABLE] from here till the end of aa scrip ce recognises this as a disable code ... a restore to normal
dealloc(newmem2,128) / delete the allocated space in memory
unregistersymbol(newmem2) / unregister any symbol

"Tutorial-i386.exe"+250C6: / restore original code
mov [ebx+04],eax
fldz

sorry for any typing errors ... corrector was off Very Happy

ps: jmp +5 is not recognised as a true assembly instructions ... cheat engine then translates jmp +5 to jmp address ... being address equal to EIP + 5instructions