 |
Cheat Engine
The Official Site of Cheat Engine
|
| View previous topic :: View next topic |
| Author |
Message |
helldiver
How do I cheat?
![]() Reputation: 0
Joined: 02 May 2014
Posts: 5
|
 Posted: Fri May 02, 2014 9:21 am Post subject: Need help, increasing and decreasing |
 |
|
Hello i need help.
Im trying to change this script so whenever i toggle on it will increase or decrease value by 1 instead of always changing to 3.
| Code: | cmp dword ptr [edx+18],0
jne originalcode
mov [edx+000000CC],(int)3
mov [edx+000000D0],(int)0
originalcode:
mov edx,[edx+000000CC]
exit:
jmp returnhere
golaob:
golabel:
jmp newmem
nop
returnhere:
[DISABLE]
dealloc(newmem)
golabel:
mov edx,[edx+000000CC]
unregistersymbol(golabel) |
I tried to add inc or dec but it was increasing or decreasing untill i press hotkey again, i dont know how to stop it.
My brain hurts from reading tutorials past last 2 days. Please help me or provide link for tutorial where i can learn how to do this. Thanks.
Also sry for my English, i hope you can understand me.
|
|
| Back to top |
|
 |
Gi@nnis
Cheater
![]() Reputation: 1
Joined: 26 Oct 2013
Posts: 32
Location: Greece
|
| Posted: Fri May 02, 2014 8:40 pm Post subject: |
|
|
I don't really understand what you want, or how the script works exactly (part of the script is missing and comments are non-existing). For example what does the [EDX+18] hold? Same for [EDX+D0].
But from the general description I think that you want a code that changes (inc/dec) a value only once. To do that you can create a variable that monitors if the script has been called again and reset it manually (setup a hot key that sets the value to 0).
| Code: | ...(missing script)...
label(iCount)
registersymbol(iCount)
...(missing script)...
PushFD // store flags
cmp dword ptr [edx+18],0
jne originalcode
Cmp Byte PTR [first],0
Jnz originalcode
Inc Dword PTR [edx+CC] // or dec (whatever you want)
// the Dword PTR is not needed, at least in most cases,
// but I like it to be clear that we're talking about a double word
// pointer ...
originalcode:
PopFD // restore flags
mov edx,[edx+000000CC]
exit:
Inc Dword PTR [iCount] // increase the counter
jmp returnhere
iCount:
DD 0
golaob:
golabel:
jmp newmem
nop
returnhere:
[DISABLE]
dealloc(newmem)
golabel:
mov edx,[edx+000000CC]
unregistersymbol(golabel)
unregistersymbol(iCount)
|
This script will keep track of how many times it has been called, not only if it has been called again. You might want to alter it a bit by moving the counter increase under the other increase (so that it gets done only one time, each time you change it). But for now it's better this way, more information for you.
Also, I notice that you don't protect your flags. I don't know if you need to, in most cases you don't, but it's safer if you do it.
|
|
| Back to top |
|
|
helldiver
How do I cheat?
![]() Reputation: 0
Joined: 02 May 2014
Posts: 5
|
| Posted: Sat May 03, 2014 11:58 am Post subject: |
|
|
This is whole code for Team 1. It gives 3 points for Team 1.
| Code: | [ENABLE]
//code from here to '[DISABLE]' will be used to enable the cheat
alloc(newmem,2048) //2kb should be enough
label(returnhere)
label(originalcode)
label(exit)
label(golabel)
registersymbol(golabel)
aobscan(golaob,8B 92 CC 00 00 00 ** ** ** ** 2B 4A)
newmem: //this is allocated memory, you have read,write,execute access
cmp dword ptr [edx+18],0
jne originalcode
mov [edx+000000CC],(int)3
mov [edx+000000D0],(int)0
originalcode:
mov edx,[edx+000000CC]
exit:
jmp returnhere
golaob:
golabel:
jmp newmem
nop
returnhere:
[DISABLE]
//code from here till the end of the code will be used to disable the cheat
dealloc(newmem)
golabel:
mov edx,[edx+000000CC]
unregistersymbol(golabel) |
And this is for Team 2. It gives 1 point for Team 2.
| Code: | [ENABLE]
//code from here to '[DISABLE]' will be used to enable the cheat
alloc(newmem,2048) //2kb should be enough
label(returnhere)
label(originalcode)
label(exit)
label(goblabel)
registersymbol(goblabel)
aobscan(goblaob,8B 84 91 CC 00 00 00 ** ** ** ** ** ** 2B 41)
newmem: //this is allocated memory, you have read,write,execute access
cmp dword ptr [ecx+edx*4+18],1
jne originalcode
mov [ecx+edx*4+000000CC],(int)1
mov [ecx+edx*4+000000D0],(int)0
originalcode:
mov eax,[ecx+edx*4+000000CC]
exit:
jmp returnhere
goblaob:
goblabel:
jmp newmem
nop
nop
returnhere:
[DISABLE]
//code from here till the end of the code will be used to disable the cheat
dealloc(newmem)
goblabel:
mov eax,[ecx+edx*4+000000CC]
unregistersymbol(goblabel) |
And what i want to do is: whenever i click hotkey for toggling script it will increase value of team1 by 1, and another hotkey for team2 score by 1. Then again 1 hotkey for decrease team1 score by 1 and another hotkey for decreasing team2 score by 1.
|
|
| Back to top |
|
|
Gi@nnis
Cheater
![]() Reputation: 1
Joined: 26 Oct 2013
Posts: 32
Location: Greece
|
| Posted: Sat May 03, 2014 6:12 pm Post subject: |
|
|
From what I understand you want when you press a button to alter the value of an address. This is not what code injection main functionality is. Code injection is mainly intended for altering the actual actions that a function does when call, by the game. I think that the problem with your code is that the code gets called more than once, in witch case the mov function (set value to) works just fine, but the inc/dec doesn't work as intended.
To force call a assembly code you need to CreateThread etc ... But I bet you don't want that.
If I understand you correctly the solution to your problem is simple. All you need from the assembly code is to extract the pointer. And then have the CE alter the values for you. If that's the case:
| Code: |
...
label(pTeam1)
registersymbol(pTeam1)
...
// eax is safe (it gets mov by the original code)
lea eax,[ecx+edx*4]
mov dword ptr [pTeam1],eax // save pointer
...
jmp returnhere
pTeam1:
dd 0
golaob:
....
unregistersymbol(pTeam1)
|
Now go to the cheat engine "Add Address Manually" -> check box pointer -> pTeam1 -> offset CC. Now you can change is the value as you wish, or even bind a hotkey to change the value when you press it (Ctrl+H).
Do the same with Team 2.
If that solved your problem please let me know. If it didn't, please tell me the game's title.
Note that I'm not an expert. I'm just trying to help. Hope that helps.
Last edited by Gi@nnis on Tue May 06, 2014 11:30 pm; edited 2 times in total |
|
| Back to top |
|
|
helldiver
How do I cheat?
![]() Reputation: 0
Joined: 02 May 2014
Posts: 5
|
| Posted: Sat May 03, 2014 7:16 pm Post subject: |
|
|
I will try this tommorow, thanks for help. Here is table of this cheat i found this on russian forum, it's for fifa 12 but it works in 13 too.
| Description: |
|
Download |
| Filename: |
Cheat.CT |
| Filesize: |
104 KB |
| Downloaded: |
707 Time(s) |
|
|
| Back to top |
|
|
helldiver
How do I cheat?
![]() Reputation: 0
Joined: 02 May 2014
Posts: 5
|
| Posted: Tue May 06, 2014 7:48 am Post subject: |
|
|
Damn, nothing works :/
| Gi@nnis wrote: | From what I understand you want when you press a button to alter the value of an address. This is not what code injection main functionality is. Code injection is mainly intended for altering the actual actions that a function does when call, by the game. I think that the problem with your code is that the code gets called more than once, in witch case the mov function (set value to) works just fine, but the inc/dec doesn't work as intended.
To force call a assembly code you need to CreateThread etc ... But I bet you don't want that.
If I understand you correctly the solution to your problem is simple. All you need from the assembly code is to extract the pointer. And then have the CE alter the values for you. If that's the case:
| Code: |
...
label(pTeam1)
registersymbol(pTeam1)
...
// eax is safe (it gets mov by the original code)
lea eax,dword ptr [edx] // eax = pointer to team 1
mov dword ptr [pTeam1],eax // pTeam1 = eax
...
jmp returnhere
pTeam1:
dd 0
golaob:
....
unregistersymbol(pTeam1)
|
Now go to the cheat engine "Add Address Manually" -> check box pointer -> pTeam1 -> offset CC. Now you can change is the value as you wish, or even bind a hotkey to change the value when you press it (Ctrl+H).
Do the same with Team 2.
If that solved your problem please let me know. If it didn't, please tell me the game's title.
Note that I'm not an expert. I'm just trying to help. Hope that helps. |
How can i use this code to extract pointer?
|
|
| Back to top |
|
|
foxfire9
Advanced Cheater
![]() Reputation: 0
Joined: 23 Mar 2012
Posts: 57
|
| Posted: Tue May 06, 2014 9:13 pm Post subject: |
|
|
Gi@nnis is right Pointed Address is much sufficient. Than making it more complicated.
You can manipulate Pointed Address dynamically while AA Script isn't.
But... if you really want to make it dynamic try looking at Geri's AA Script for the game C&C Generals. You will know what I mean.
Check:
cheatengine.org/viewtopic.php?t=554158&sid=df7e46a0af89e9015dc77c3ca4edf48e
|
|
| Back to top |
|
|
Gi@nnis
Cheater
![]() Reputation: 1
Joined: 26 Oct 2013
Posts: 32
Location: Greece
|
| Posted: Tue May 06, 2014 11:52 pm Post subject: |
|
|
Unfortunately, I do not have access to the game. And given that mostly I work through trial and error, this is going to be hard. I made a table for you, but I'm not sure that it's going to work. Just try it. This would be much better if I could pm you but I can't.
Activate the script, wait until it gets a pointer (the Goal address is not ->0) and then press {Control} and {NumPad+}. This should increase the goals that the team A has. Ctrl+{NumPad-} will decrease it, Ctrl+{NumPad*} will set it to 0.
Let me know if this works for you.
| Description: |
|
Download |
| Filename: |
Fifa 12-13.CT |
| Filesize: |
53.4 KB |
| Downloaded: |
605 Time(s) |
|
|
| Back to top |
|
|
helldiver
How do I cheat?
![]() Reputation: 0
Joined: 02 May 2014
Posts: 5
|
| Posted: Fri May 09, 2014 12:12 pm Post subject: |
|
|
| So can any1 help me please?
|
|
| Back to top |
|
|
Gi@nnis
Cheater
![]() Reputation: 1
Joined: 26 Oct 2013
Posts: 32
Location: Greece
|
| Posted: Sat May 10, 2014 8:30 am Post subject: |
|
|
[quote="helldiver"]So can any1 help me please?[/quote]
I assume that my solution didn't work. Thanks for letting me know ...
I was ready to work on a solution if you were cooperative enough. Anyway, good luck on getting help.
|
|
| Back to top |
|
|
helldiver
How do I cheat?
![]() Reputation: 0
Joined: 02 May 2014
Posts: 5
|
| Posted: Mon Jun 02, 2014 2:01 pm Post subject: |
|
|
| Gi@nnis wrote: | | helldiver wrote: | | So can any1 help me please? |
I assume that my solution didn't work. Thanks for letting me know ...
I was ready to work on a solution if you were cooperative enough. Anyway, good luck on getting help. |
Well, sorry i couldn't pm You.
I tried a lot but i give up for now.
|
|
| Back to top |
|
|
NanoByte
Expert Cheater
![]() Reputation: 1
Joined: 13 Sep 2013
Posts: 222
|
| Posted: Mon Jun 02, 2014 5:17 pm Post subject: |
|
|
Hope it works for you
| Code: | [ENABLE]
//code from here to '[DISABLE]' will be used to enable the cheat
alloc(newmem,2048) //2kb should be enough
globalalloc(_func,4) //important
label(returnhere)
label(originalcode)
label(exit)
label(goblabel)
label(_inc) //important
label(_dec) //important
label(_inc2) //important
label(_dec2) //important
registersymbol(goblabel)
aobscan(goblaob,8B 84 91 CC 00 00 00 ** ** ** ** ** ** 2B 41)
_func: //important
db 0
newmem: //this is allocated memory, you have read,write,execute access
//-----------------------------------------------------
pushad //start
push 61
call GetAsyncKeyState
shr ax,f
cmp ax,1
popad
je _inc //end - if numpad 1 pressed go to _inc code
pushad //start
push 62
call GetAsyncKeyState
shr ax,f
cmp ax,1
popad
je _dec //end - if numpad 2 pressed go to _dec code
cmp [_func],0
je originalcode
cmp [_func],1
je _inc
cmp [_func],2
je _dec
jmp originalcode
_inc:
mov [_func],1
jmp newmem
_dec:
mov [_func],2
jmp newmem
_inc2: //put your code for inc value here - important!!
jmp originalcode
_dec2: //put your code for dec value here - important!!
jmp originalcode
//------------------------------------------------------------------
originalcode:
mov edx,[edx+000000CC]
exit:
jmp returnhere
goblaob:
goblabel:
jmp newmem
nop
nop
returnhere:
[DISABLE]
//code from here till the end of the code will be used to disable the cheat
dealloc(newmem)
goblabel:
mov eax,[ecx+edx*4+000000CC]
unregistersymbol(goblabel) |
|
|
| Back to top |
|
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum
|
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in
