Cheat Engine Forum Index Cheat Engine
The Official Site of Cheat Engine
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 


Cheat Engine Dll Select?

 
Post new topic   Reply to topic    Cheat Engine Forum Index -> Cheat Engine
View previous topic :: View next topic  
Author Message
Mobie
Cheater
Reputation: 0

Joined: 10 Feb 2011
Posts: 43

PostPosted: Sat Dec 01, 2012 11:48 am    Post subject: Cheat Engine Dll Select? Reply with quote

How i can view withe the memory viewer only in a dll? Example FarCry 3 all cheats stored in a dll for Direct X 11 and normal Direct X 9. When i use the Assemply scan from cheat engine how i can select directly, the .dll for search in the modul.

greets a sry for my english
Back to top
View user's profile Send private message
Dark Byte
Site Admin
Reputation: 470

Joined: 09 May 2003
Posts: 25794
Location: The netherlands

PostPosted: Sat Dec 01, 2012 12:47 pm    Post subject: Reply with quote

the auto assembler's aobscan will always scan till the first occurance. Is there really no way to distinguish between the dx9 and 11 dll with anything nearby ?

Anyhow, the lua version of AOBScan will return all addresses, so you can use that and then scan through all the results looking for a address that falls in the range of the given dll, it's slow, but pretty easy (getAddress('dllname.dll') for base and getModuleSize('dllname.dll') for size)

If you do want a bit more effort and speed you can make use of the memscan_ class object and specifically scan the region of the dll.
---

I've written an function and a easy to use example that can be used in your table
Code:

function aobscandll(dllname, aobstring)
  local dllbase=getAddress(dllname)
  local dllsize=getModuleSize(dllname)
  local ms=createMemScan()
  memscan_returnOnlyOneResult(ms, true)
  memscan_firstScan(ms, soExactValue, vtByteArray, 0, aobstring, "", string.format("%x", dllbase), string.format("%x", dllbase+dllsize) , "", fsmNotAligned, "1", true, false,false,false)
  memscan_waitTillDone(ms)
 
  local r=memscan_getOnlyResult(ms) 
  object_destroy(ms)
  return r
end


AOBCompatibleAddressSpecifier=string.format("%x", aobscandll("tutorial-i386.exe", "c6 05 20 e0 68 00 00 e8 b4 ff ff ff"))


After this script gets executed you can use an auto assembler script like this:
Code:

[enable]
$AOBCompatibleAddressSpecifier:
nop
nop
nop

[disable]
$AOBCompatibleAddressSpecifier:
db c6 05 20

_________________
Do not ask me about online cheats. I don't know any and wont help finding them.

Like my help? Join me on Patreon so i can keep helping
Back to top
View user's profile Send private message MSN Messenger
gir489
Grandmaster Cheater
Reputation: 14

Joined: 03 Jan 2012
Posts: 841
Location: Maryland, United States

PostPosted: Sun Dec 02, 2012 6:22 pm    Post subject: Reply with quote

There isn't really "anything near by", the main difference in the FC3_d3d11.dll is that it uses D3D11 calls instead of D3D9. Which could've been done with some simple intrinsics, but what do I know, I'm just a reverse engineer.

It looks like it loads FC3.dll, kicks that off, then loads FC3_d3d11 and then kicks that off, too. So it looks like both DLLs are running at the same time.

I thought that it would just load FC3_d3d11 instead of FC3.dll. They're both relatively the same size.
Back to top
View user's profile Send private message
Display posts from previous:   
Post new topic   Reply to topic    Cheat Engine Forum Index -> Cheat Engine All times are GMT - 6 Hours
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group

CE Wiki   IRC (#CEF)   Twitter
Third party websites