Cheat Engine Forum Index Cheat Engine
The Official Site of Cheat Engine
Idea for autoassembly aobscan

jgoemat
Posted: Tue Aug 14, 2012 2:30 am    Post subject: Idea for autoassembly aobscan

1. Every time I use aobscan I'm looking for code in a particular module, but there's no way to search just in one module.
2. If an AOB can't be found in the specific module, there's no reason to search all of the game's memory and an immediate error would be nice if the game is incompatible.
3. The address is often not where I'd want to insert code so I use 'aobaddr+4:' as the place...
4. I guess you could probably search for code around, but not including, the replaced code, and you could duplicate your aobscans in the DISABLE section looking for your JMP and NOPs, but I find myself creating a label and registering a symbol so I can use the already found address in the disable section.
5. It would be nice if the symbol was only created once, much like globalalloc: if the injection point is found once, it will not change during a game session.

Code:
[ENABLE]
aobscan(AOB1,c8 4b ?? ?? ?? ?? 53 89 72 87 43)
label(LBL1)
registersymbol(LBL1)
AOB1+6:
LBL1:
  jmp MyCode

[DISABLE]
LBL1:
  DB 53 89 72 87 43

unregistersymbol(LBL1)

I'd like to propose adding options to aobscan to let me replace five lines with one. I don't know if it would be better to add optional parameters to aobscan, but I've added the options in brackets before the parenthesis just to see how hard it would be (also letting you add others in the future like min and max)... Options:

* module (or no name): the module to search
* add: number of bytes to add to the found address
* register: if true, register as a user-defined symbol

Code:
[ENABLE]
aobscan[game.exe,add=6,register=true](AOB1,c8 4b ?? ?? ?? ?? 53 89 72 87 43)
AOB1:
  jmp MyCode

[DISABLE]
AOB1:
  DB 53 89 72 87 43


I added a "getOptions(name, optionsString) : string" function to pull apart the options. I added an optional options parameter to findaob and changed the scan to use the module and add options. Then I changed autoassembler to strip the brackets and options out and pass them to findaob, and to create the symbol (if not already created) if register=true instead of creating the define... I think a label for a memory address.

Code:
//aobscan[module=game.exe,add=6,register=true](AOB1,c8 4b ?? ?? ?? ?? 53 89 72 87 43)
aobscan(AOB1,c8 4b ?? ?? ?? ?? 53 89 72 87 43,game.exe,6,true)


Either way the options would be completely optional and the changes would be backwards-compatible with existing scripts. This change would make this style of scripts much more readable and faster, hopefully leading to more people using AOBSCAN for their scripts making them more resilient to version changes...

Other notices:
1. All data emitters except DB only use the first parameter; for some reason they just use parameter1 instead of going through the tokens array...
Code:
    db 1 2 3 4 // really 1 2 3 4
    dd 1 2 3 4 // really 1 1 1 1
    dw 1 2 3 4 // really 1 1 1 1
    dq 1 2 3 4 // really 1 1 1 1

2. Is there a reason to have to declare labels ahead of time? Is it just so an undeclared symbol that should cause an error doesn't get assembled as a label?
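As an added example (not Cheat Engine's code and not the poster's patch), the Python model below resolves the proposed aobscan[module,add=N,register=true](NAME,bytes) directive against constructed module images: it restricts the scan to the named module, errors immediately when the pattern is absent, applies the add offset, and creates a registered symbol only once per session. The module names, base addresses and byte contents in MODULES are constructed assumptions, not real game data.

```python
import re
# Constructed stand-in for two loaded modules (base, bytes); not real game code. In
# game.exe the bytes 11 22 33 44 sit where the post's AOB has "?? ?? ?? ??".
MODULES = {
    "game.exe": (0x00400000, bytes.fromhex("9090c84b112233445389728743c39090")),
    "other.dll": (0x10000000, bytes.fromhex("c84b00000000538972874300")),
}
DIRECTIVE = re.compile(r"^aobscan(?:\[(?P<opts>[^\]]*)\])?\((?P<name>\w+),(?P<aob>[0-9a-fA-F? ]+)\)$")
def parse_options(opts):
    # 'game.exe,add=6,register=true' -> dict; a bare token (no '=') is the module name.
    result = {"module": None, "add": 0, "register": False}
    for token in filter(None, (t.strip() for t in (opts or "").split(","))):
        key, sep, value = (s.strip() for s in token.partition("="))
        if not sep or key.lower() == "module":
            result["module"] = value if sep else key
        elif key.lower() == "add":
            result["add"] = int(value, 0)  # bytes to add to the found address
        elif key.lower() == "register":
            result["register"] = value.lower() == "true"
        else:
            raise ValueError("unknown aobscan option: " + key)
    return result

def find_pattern(pattern, image, base):
    # Address of the first match in image; None in pattern is a '??' wildcard byte.
    for off in range(len(image) - len(pattern) + 1):
        if all(p is None or p == image[off + i] for i, p in enumerate(pattern)):
            return base + off
    return None

def aobscan(line, modules=MODULES, symbols=None):
    # Resolve one aobscan[...](name,bytes) line; returns (name, address, symbols).
    symbols = {} if symbols is None else symbols
    m = DIRECTIVE.match(line.strip())
    if not m:
        raise ValueError("not an aobscan directive: " + line)
    opts, name = parse_options(m.group("opts")), m.group("name")
    pattern = [None if b == "??" else int(b, 16) for b in m.group("aob").split()]
    if opts["register"] and name in symbols:  # created once per session, like globalalloc
        return name, symbols[name], symbols
    # Search only the named module (KeyError if it is not loaded), else every module.
    targets = [modules[opts["module"]]] if opts["module"] else list(modules.values())
    for base, image in targets:
        addr = find_pattern(pattern, image, base)
        if addr is not None:
            addr += opts["add"]
            if opts["register"]:
                symbols[name] = addr
            return name, addr, symbols
    raise LookupError(f"AOB for {name} not found in {opts['module'] or 'any module'}")
```

With the post's example line, AOB1 resolves to the match plus 6, which is exactly where the bytes 53 89 72 87 43 restored in the DISABLE section begin.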
Dark Byte
Site Admin
Posted: Tue Aug 14, 2012 5:57 am

You can do this with Lua and the getAddress() and getModuleSize() functions and a memscan object, but I'll look into adding something like this to aa's aobscan.


1: Looks like a bug, yes.
2: It keeps the writer of aa scripts alert about the variable names they use, causing them to write cleaner scripts with fewer bugs.
As for a programmatic reason, I'm not really sure. In the past there might have been a reason (perhaps a specific difference between consts, allocs and labels for some code optimization).

mgr.inz.Player
Posted: Tue Aug 14, 2012 7:06 am

I have another suggestion.

What if we have something like this:

Code:
(...)
aobscan(aobSearchAddress,8B C8 8D 14 91 56 3B C2 74 18)
aobscan(RetCheck1,85 C0 74 15 8B 10 8B C8 8B 42 38 56)
(...)
aobSearchAddress-9:
jmp NewMem
nop
nop
nop

NewMem:
cmp [ebp+4],RetCheck1 //ret check
(...)



It looks like it searches for the first AOB, and then for the second AOB. It takes a while.
It would be nice if CE could search for both AOBs simultaneously.

Something like this:
aobscansimul(aobSearchAddress,8B C8 8D 14 91 56 3B C2 74 18,RetCheck1,85 C0 74 15 8B 10 8B C8 8B 42 38 56)
