| Author |
Message |
ner0 Cheater
Reputation: 0
Joined: 10 Dec 2011 Posts: 32
|
Posted: Sat Jan 28, 2017 5:25 pm Post subject: How to programmatically enable MEM_MAPPED for createMemScan? |
|
|
I noticed that when a trainer is shared, even as a standalone EXE, the memory scan programmed in LUA will not work for mapped memory. Is it possible to enable scanning of mapped memory with CreateMemScan or firstScan?
I did search the forum but found nothing besides people pointing at the settings page in CE. Any global flag in LUA?
Thanks!
|
|
|
 |
mgr.inz.Player I post too much
Reputation: 222
Joined: 07 Nov 2008 Posts: 4438 Location: W kraju nad Wisla. UTC+01:00
|
Posted: Sat Jan 28, 2017 5:52 pm Post subject: |
|
|
Currently there's no easy way. Ask DB to add this feature in the next CE release.
There is a workaround if you have the latest CE (6.6.0.1 from the official download page).
When you want to release a 64bit trainer, use this line at the beginning of the Lua script:
| Code: | | autoAssemble('00A38150:\ndb 01',true) -- mem_mapped |
When you want to release a 32bit trainer, use this line at the beginning of the Lua script:
| Code: | | autoAssemble('009073E0:\ndb 01',true) -- mem_mapped |
_________________
|
|
|
 |
ner0 Cheater
Reputation: 0
Joined: 10 Dec 2011 Posts: 32
|
Posted: Sat Jan 28, 2017 6:00 pm Post subject: |
|
|
| mgr.inz.Player wrote: | Currently there's no easy way. Ask DB to add this feature in the next CE release.
There is a workaround if you have the latest CE (6.6.0.1 from the official download page).
When you want to release a 64bit trainer, use this line at the beginning of the Lua script:
| Code: | | autoAssemble('00A38150:\ndb 01',true) -- mem_mapped |
When you want to release a 32bit trainer, use this line at the beginning of the Lua script:
| Code: | | autoAssemble('009073E0:\ndb 01',true) -- mem_mapped |
|
That is awesome!
I'll give it a try later and will possibly request that a feature be added to make it possible.
Thanks a lot
|
|
|
 |
Dark Byte Site Admin
Reputation: 471
Joined: 09 May 2003 Posts: 25813 Location: The netherlands
|
Posted: Sun Jan 29, 2017 1:09 am Post subject: |
|
|
i'm not on my comp atm till monday, but you can use getSettings to get to the ce settings, change them, and then reload the settings using a reloadSettings function
_________________
Do not ask me about online cheats. I don't know any and won't help finding them.
Like my help? Join me on Patreon so i can keep helping |
|
|
 |
ner0 Cheater
Reputation: 0
Joined: 10 Dec 2011 Posts: 32
|
Posted: Sun Jan 29, 2017 1:38 pm Post subject: |
|
|
I've tried both but only the method from mgr.inz.Player works.
Using getSettings to set the value in the registry works, although the reloadSettings command does not, not sure if that might be a problem even though CE is installed and has MEM_MAPPED enabled there too. reloadSettings() gives me:
| Code: | | attempt to call a nil value (global 'reloadSettings') |
Besides, the standalone doesn't seem to load much out of the registry on its own besides window positioning and a few other values that seemed unrelated to CE core settings.
Any thoughts Dark Byte?
Also, I suppose mgr.inz.Player method is dependent on the current version of CE, in which case the addresses will probably change on future releases of CE, right?
|
|
|
 |
mgr.inz.Player I post too much
Reputation: 222
Joined: 07 Nov 2008 Posts: 4438 Location: W kraju nad Wisla. UTC+01:00
|
Posted: Sun Jan 29, 2017 2:31 pm Post subject: |
|
|
The function name is reloadSettingsFromRegistry
So:
| Code: |
s = getSettings()
s.Value['MEM_MAPPED']=1
s.destroy()
reloadSettingsFromRegistry() |
Downside is: it will change user settings. What if someone doesn't want mem_mapped. Your trainer will silently change it. As we know, MEM_MAPPED is slow.
| Quote: | | Also, I suppose mgr.inz.Player method is dependent on the current version of CE, in which case the addresses will probably change on future releases of CE, right? |
Right. Here are instructions on how to update it. As an example, CE compiled from the newest source.
Launch CE 64bit. Attach CE to itself. Run "dissect code". Open "referenced strings" window.
Find this: "scanCopyOnWrite=" (without ")
Should be only one reference. Follow it. You will see something like this:
There are three interesting lines:
cheatengine-x86_64.exe+106250 - 80 3D 697E5300 00 - cmp byte ptr [cheatengine-x86_64.exe+63E0C0],00
cheatengine-x86_64.exe+106263 - 80 3D 767E5300 00 - cmp byte ptr [cheatengine-x86_64.exe+63E0E0],00
cheatengine-x86_64.exe+106273 - 80 3D 567E5300 00 - cmp byte ptr [cheatengine-x86_64.exe+63E0D0],00
In the comment column you will see what is currently inside [cheatengine-x86_64.exe+63E0C0], [cheatengine-x86_64.exe+63E0E0] and [cheatengine-x86_64.exe+63E0D0].
If you go to settings and check (uncheck) MEM_MAPPED, you will see that one of the above will change between 0 and 1.
In my case it is the first line: "cmp byte ptr [cheatengine-x86_64.exe+63E0C0],00"
Double click opcode and copy. You will get something like this: cmp byte ptr [00A3E0C0],00
And now you know what to do:
autoAssemble('00A3E0C0:\ndb 01',true)
_________________
|
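The address arithmetic behind the three disassembly lines quoted above, as an added example that is not part of the original posts: it decodes each `80 3D disp32 imm8` instruction as a RIP-relative `cmp` and converts the module-relative target to an absolute address. The image base is an assumption derived from the post's own pair of values (`00A3E0C0` and `+63E0C0`), and the function names are hypothetical.

```python
import struct

# Constructed from the three disassembly lines quoted in the post:
# (module-relative offset of the instruction, raw bytes as displayed).
LINES = [
    (0x106250, "80 3D 697E5300 00"),
    (0x106263, "80 3D 767E5300 00"),
    (0x106273, "80 3D 567E5300 00"),
]

# Assumption: load base implied by the post (absolute 00A3E0C0 vs +63E0C0).
IMAGE_BASE = 0x00A3E0C0 - 0x63E0C0


def decode_cmp_rip_rel(offset, hex_bytes):
    """Decode x86-64 `cmp byte ptr [rip+disp32], imm8` (80 /7 ib).

    Returns (target_offset, imm8); target_offset is module-relative.
    """
    raw = bytes.fromhex(hex_bytes.replace(" ", ""))
    if len(raw) != 7 or raw[0] != 0x80:
        raise ValueError("not a 7-byte 80 /r instruction")
    modrm = raw[1]
    mod, reg, rm = modrm >> 6, (modrm >> 3) & 7, modrm & 7
    if (mod, rm) != (0, 5) or reg != 7:
        raise ValueError("not CMP with a RIP-relative operand")
    disp = struct.unpack_from("<i", raw, 2)[0]  # signed little-endian disp32
    # The displacement is applied to the address of the NEXT instruction.
    return offset + len(raw) + disp, raw[6]


def absolute(target_offset, image_base=IMAGE_BASE):
    """Module-relative offset -> absolute address for a given load base."""
    return image_base + target_offset


def report():
    """Return (instruction offset, target offset, absolute address, imm8)."""
    rows = []
    for off, hx in LINES:
        tgt, imm = decode_cmp_rip_rel(off, hx)
        rows.append((off, tgt, absolute(tgt), imm))
    return rows


if __name__ == "__main__":
    for off, tgt, va, imm in report():
        print(f"+{off:X}: cmp byte ptr [module+{tgt:X}],{imm:02X} -> {va:08X}")
```

Both inputs to the final address, the target offset baked into the build and the load base, can differ in another CE release or load, which is why the hard-coded value has to be re-derived per version.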
|
|
 |
ner0 Cheater
Reputation: 0
Joined: 10 Dec 2011 Posts: 32
|
Posted: Sun Jan 29, 2017 5:18 pm Post subject: |
|
|
That is great mgr.inz.Player, thank you for taking the time to explain this in such detail, really! I'll probably use this method from now on.
Just out of curiosity, couldn't I technically create my own reg key and load that instead? I'm just not sure if the trainer would use it. Something like this:
| Code: | s = getSettings('myTrainerSettings')
s.Value['MEM_MAPPED'] = 1
s.destroy()
reloadSettingsFromRegistry() |
But it seems that 'reloadSettingsFromRegistry()' doesn't take arguments so this will probably not work as expected.
Another thing that might work would be to store the user value and restore it OnClose(). Anyway, whatever works, but your method is the one I'm going with at the moment.
|
|
|
 |
mgr.inz.Player I post too much
Reputation: 222
Joined: 07 Nov 2008 Posts: 4438 Location: W kraju nad Wisla. UTC+01:00
|
Posted: Sun Jan 29, 2017 6:36 pm Post subject: |
|
|
| ner0 wrote: | | Another thing that might work would be to store the user value and restore it OnClose(). Anyway, whatever works, but your method is the one I'm going with at the moment. |
I think you should wait for a newer CE version, something like a new property of the MemScan class object.
Just an example:
| Quote: | MemScan Class (Inheritance: Object)
getCurrentMemscan() : Returns the current memory scan object. If tabs are used the current tab's memscan object
createMemScan(progressbar OPTIONAL) : Returns a new MemScan class object
properties
OnScanDone: function(memscan) - Set a function to be called when the scan has finished
FoundList: FoundList - The foundlist currently attached to this memscan object
OnlyOneResult: boolean - If this is set to true memscan will stop scanning after having found the first result, and written the address to "Result"
ReadMemPrivate: boolean - true by default
ReadMemImage: boolean - true by default
ReadMemMapped: boolean - false by default
Result: Integer - If OnlyOneResult is used this will contain the address after a scan has finished |
Or use the trick I found out. Just be sure to use
autoAssemble('00A3E0C0:\ndb 01',true)
instead of
autoAssemble('cheatengine-x86_64.exe+63E0C0:\ndb 01',true)
Because the standalone trainer will have a different EXE name.
_________________
|
|
|
 |
ner0 Cheater
Reputation: 0
Joined: 10 Dec 2011 Posts: 32
|
Posted: Mon Jan 30, 2017 3:24 am Post subject: |
|
|
Sure thing, thanks again!
|
|
|
 |
|