Cheat Engine

johnkittz · Posted: Fri Sep 30, 2016 10:41 pm Post subject: AOBScan Problems with Unity Game

I haven't needed help in a long while lol

I'm having trouble With finding a AOB for a Unity Game

I can't even find a Pointer for it

No matter how many bytes I add its NEVER unique

i dont have much experience with Unity Games or The Protections they Might Have (I dont play many Unity Games my PC is crap)

if you need my Current Script just ask im willing to provide any detail including the Bytes

i would appreciate any help from you guys (even tho it might be dumb and you guys are laughing at me Confused

)

panraven · Posted: Fri Sep 30, 2016 11:30 pm Post subject:

Try use AA command AOBScanRegion instead. AOBScanRegion is new in ce 6.5+

When located where to inject, in unity game with mono feature enabled, the named address form of the related function can be seen, here as example is PM:PowerUpdate.

Limit the Scan with range like function+offset1, function+offset2, the aob pattern can be relaxed. The 2 aob pattern I used in example is exactly the same, only different by offset, and they are short.

Added benefit for mono feature is CE will JIT the function by referencing the function in script, so not need to wait the game to run the related code, ie. no more "get a hit , then activate the god mode cheat" etc.

The named address form may be a bit different when used in AA script. The form should be namespace:class:function. In case the namespace is default one, the form may be need a prefix ':', comparing to the form seen in disassembler.

johnkittz · Posted: Sat Oct 01, 2016 12:13 am Post subject:

Thanks for The Reply Man And Thanks for helping me

but sadly the Mono Features even when activated doesn't show any Related Function address it actually looks no different inside memory viewer

panraven · Posted: Sat Oct 01, 2016 7:34 am Post subject:

May post the disassembler code around the inject point?
People should have better suggestion with actual code.

bye~

johnkittz · Posted: Sat Oct 01, 2016 6:06 pm Post subject:

Here's a Screenshot of it

The injection point is the fstp at the very top

also, the Game is:
SkyHill from GOG

panraven · Posted: Sat Oct 01, 2016 7:32 pm Post subject:

The aob pattern cannot be found at starting menu, then it can be found after entered game.

The possible named address form may be

:UI_PC_CharacterInfo:updateStats

Using the aobscanregion command to found the ops

johnkittz · Posted: Sat Oct 01, 2016 7:45 pm Post subject:

I'm going to look into it, it shows the mono menu but when I try to dissect/activate mono it doesn't activate.

you've helped a ton buddy!!!

panraven · Posted: Sat Oct 01, 2016 8:59 pm Post subject:

EDIT: read Dark Byte post plz, My comment below may be outdated or incorrect.

ah... I seldom use debugger, so forgot this.

Mono feature likely cannot use with CE debugger at the same time (I mostly use VEH, not sure windows one). When a breakpoint is set, the mono feature will not be activated, and if mono feature activating, a break point cannot be set, something like this.

To deactivated mono feature, may use this lua (following in AA script lua block)

Dark Byte · Posted: Sun Oct 02, 2016 3:24 am Post subject:

You can set breakpoints without an issue with mono activated.
Only thing is that the symbols dissappear when a breakpoint can get hit